Optional settings

Some setup parameters are set to a default value and are not editable through the webinterface. Although CMS Made Simple works out-of-the-box, you might still want to edit these parameters.

Note: If you change anything in config.php, remember to clear the cache afterwards.

Open config.php with you favorite editor (this file has been created by the installer or by yourself during the installation process).

Pretty URLs and mod_rewrite

Quick guide about 1.6.x

Assuming you know about the web, URLs and URL rewriting (according to the requirements) and you want human friendly /really/nice/url.html here is how to configure CMSms to render pretty URLs :

Tune your config.php :

$config['url_rewriting'] = 'mod_rewrite'; // this is new from 1.6
$config['page_extension'] = '.html';
$config['use_hierarchy'] = true; // no longer in the config file
$config['query_var'] = 'page';

Make a .htaccess rewriting ruleset from the provided sample /doc/htaccess.txt. A ruleset of a single simple rule is OK (as in the provided sample).

Done. Don't forget to chmod your config.php back to 444 or less.

If it doesn't work as expected :

• please try to monitor the process (set up a rewritelog, increase the http error log level...)
• please make some (static...) rewriting tests outside of CMSms (say /my/blah.jpg calls /your/helloworld.php...)
• please don't forget to report these results with your config.php extract and your ruleset if you report the issue in the forums otherwise your readers won't have enough information to help you.

Pre-1.6 instructions

CMS Made Simple has two methods for handling SEO (Search Engine Optimization) friendly URLs; It's own internal mechanism and mod_rewrite.

IMPORTANT: You can only have one or the other method set to true if you want to use pretty URL's, but not both.

URLs processed with the internal mechanism look like this:

http://www.example.com/index.php/parent/child

URLs processed with mod_rewrite look like this:

http://www.example.com/parent/child

The internal mechanism is handled entirely within PHP and doesn't require mod_rewrite in Apache. However, it won't work on IIS, and if you do enable it, you must also ensure that your template contains a {metadata} tag. To enable it, set this option to true:

$config['internal_pretty_urls'] = true;

If you want to use mod_rewrite instead of the internal mechanism to handle URLs, make sure that 'internal_pretty_urls' is first set to false, and then you need to enable this:

$config['assume_mod_rewrite'] = true;

Note:

The settings above are for older versions of CMS Made Simple, both of these have been changed to one line, now you just choose what you want in one place, below is the default setting, change it to internal or mod_rewrite.:

$config['url_rewriting'] = 'none';

If you enable mod_rewrite, you also need a .htaccess file for its rules. You'll find a suitable one in /doc/htaccess.txt - copy it to /.htaccess to enable it. Note that for .htaccess files to be used, your Apache server config needs to have or inherit an 'AllowOverride All' directive. Also make sure to check your FTP settings to transfer the file as Encoding: ASCII. (For those using Dreamweaver, you may have to use another FTP software.)

With mod_rewrite, there is a further option:

$config['page_extension'] = '';

Anything you put in here will be appended to generated URLs, but will not affect how they work. It's useful to make pages look like static content, which can help some search engines. For example, with it set to '.html', a typical URL might look like this:

http://www.example.com/parent/child.html

You can make page URLs reflect their location in the hierarchy by enabling the 'use_hierarchy' option:

$config['use_hierarchy'] = true;

With this option disabled,

http://www.example.com/parent/child

would instead be written:

http://www.example.com/child

URL Filtering Using .htaccess

You can increase the security of your site and stop many hacking attempts by inserting a few lines into your .htaccess file. These rules reject http requests containing characters commonly used by exploits, but will not affect the normal operation of CMS Made Simple.

Requires the Apache web server and support for .htaccess files. You do not need to be using Pretty URLs in CMS Made Simple, but mod_rewrite needs to be enabled on the server.

The following is the relevant portion of a working .htaccess file with both Pretty URLs enabled and URL Filtering in place:

# BEGIN Optional settings

# Turns off directory browsing
# not absolutely essential, but keeps people from snooping around without 
# needing empty index.html files everywhere
Options -Indexes

# Deny access to config.php
# This can be useful if php ever breaks or dies
# Use with caution, this may break other functions of CMSms that use a config.php
# file.  This may also break other programs you have running under your CMSms
# install that use config.php.  You may need to add another .htaccess file to those
# directories to specifically allow config.php.
<Files "config.php">
order allow,deny
deny from all
</Files>

# Sets your 403 error document
# not absolutely essential to have, 
# or you may already have error pages defined elsewhere
ErrorDocument 403 /forbidden403.shtml

# No sense advertising what we are running
ServerSignature Off

# END Optional Settings

# BEGIN CMSMS and Rewrite Rules
# Make sure you have Options FollowSymLinks
# and Allow on

RewriteEngine On

# Might be needed in a subdirectory
#RewriteBase /

# URL Filtering helps stop some hack attempts
#IF the URI contains a "http:"
RewriteCond %{QUERY_STRING} http\: [OR]
#OR if the URI contains a "["
RewriteCond %{QUERY_STRING} \[ [OR]
#OR if the URI contains a "]"
RewriteCond %{QUERY_STRING} \] [OR]
#OR if the URI contains a "<script>"
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
#OR script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
#OR any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) 
RewriteRule ^.*$ - [F,L] 
# END Filtering

# CMSMS Rewriting
# Set assume mod_rewrite to true in config.php and clear CMSMS cache
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)$ index.php?page=$1 [QSA]
# END CMSMS

# END Rewrite rules

The Optional Settings at the beginning are not required for URL filtering or Pretty URLs, but are just a couple additional settings you may want to have in place.

This example .htaccess file is from a working CMS Made Simple 1.2 installation.

Filtering code from: http://forum.cmsmadesimple.org/index.php/topic,15245.msg76522.html#msg76522

See also the security small guide.

Image Manipulation Library

The image manipulation library used by the Image manager, either 'GD' or 'NetPBM' or 'IM' for ImageMagick.

$config["image_manipulation_prog"] = "GD";

If the library is NetPBM or IM, you need to specify where the binary for the selected library are.

$config["image_transform_lib_path"] = "/usr/bin/ImageMagick/";

Upload path for File Manager

The location (filepath and URL) to which files are uploaded using the File Manager

$config["uploads_path"] = "/site/web/cms/uploads";
$config["uploads_url"] = "http://www.cmsmadesimple.org/cms/uploads";

Upload path for Image Manager

The location (filepath and URL) to which files are uploaded using the Image Manager. This can be the same path as the Image Manager URL.

$config["image_uploads_path"] = "/site/web/cms/uploads/images";
$config["image_uploads_url"] = "http://www.cmsmadesimple.org/cms/uploads/images";

HTML validation for WYSIWYG

CMS features a realtime HTML validation plugin for the WYSIWYG editor, which will ensure valid HTML content. This is turned off by default, since it will also disable the use of tables and markup tags.

Update: In the default config.php file that is generated on installation, there you can see the function is default turned on and not used any more. It is kept there, just in case.

$config["use_Indite"] = false;

This page in: English - Deutsch - Español - Français - Italiano - Lietuvių - Nederlands - Norsk - Polski - Česky - Русский - Svenska - Tiếng Việt - عربي - 日本語 简体中文

User Handbook/Installation/Optional Settings

From CMSMS