Grav should be configured for flat-file content integrity, admin plugin security, and permission hygiene.
Grav uses several key configuration files:
| File | Purpose | Location |
|---|---|---|
| system.yaml | Main system configuration | user/config/ |
| site.yaml | Site-specific settings | user/config/ |
| admin.yaml | Admin plugin settings | user/config/plugins/ |
Edit user/config/system.yaml for core settings:
```yaml
# System configuration
# Keys are top-level in this file; Grav namespaces them as system.* from the file name.
absolute_urls: false
timezone: UTC
param_sep: ':'
wrapped_site: false
reverse_proxy_setup: false
force_lowercase_urls: true
username_regex: '^[a-z0-9_-]{3,16}$'
# Password policy: at least 8 characters with a digit, a lowercase and an uppercase letter
pwd_regex: '(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,}'
intl_enabled: true
http_method: 'POST'

# Cache settings
cache:
  enabled: true
  check:
    method: file
  driver: auto
  prefix: g
  purge_at: '0 4 * * *'
  clear_at: '0 3 * * *'
  clear_job_type: standard
  clear_images_by_default: true
  cli_compatibility: false
  lifetime: 604800
  gzip: true
  allow_webserver_gzip: false

# Twig settings
twig:
  cache: true
  debug: false
  auto_reload: true
  # With autoescape off, templates must escape untrusted output themselves (the |e filter)
  autoescape: false
  undefined_functions: true
  undefined_filters: true
  umask_fix: false
```
Edit user/config/site.yaml for site settings:
```yaml
title: My Grav Site
default_lang: en
author:
  name: Site Author
  email: author@example.com
taxonomies:
  - category
  - tag
metadata:
  description: 'My Grav Site Description'
```
Edit user/config/security.yaml:
```yaml
# Keys are top-level in this file; Grav namespaces them as security.* from the file name.
salt: '!!randomUniqueSaltHere!!' # Generate unique value
content_rewrite:
  friendly: false
rememberme:
  enabled: true
  timeout: 604800
  name: grav-rememberme
```
Set correct file permissions for security:
```bash
# Directories: 755
find /var/www/grav -type d -exec chmod 755 {} \;
# Files: 644
find /var/www/grav -type f -exec chmod 644 {} \;
# Set ownership (adjust for your web server)
sudo chown -R www-data:www-data /var/www/grav
```
Writable directories (web server needs write access):
- cache/
- logs/
- images/
- assets/
- tmp/

If using the Admin plugin, configure in user/config/plugins/admin.yaml:
```yaml
enabled: true
route: /admin
theme: grav
logo_text: ''
body_classes: ''
content_padding: true
twofa_enabled: true
sidebar:
  activate: tab
  hover_delay: 100
  size: auto
image_sep: ''
color: accent
```
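An added example (not from the original page or the Grav project): a POSIX shell audit that checks a Grav tree against the 755/644 permission scheme and the `security.yaml`, `system.yaml` and `admin.yaml` values shown above. The function names `yaml_get` and `grav_audit` are hypothetical, and the YAML reader assumes top-level keys with at most one nested level, not arbitrary YAML.

```shell
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.

# Print the scalar value of KEY inside top-level SECTION of a YAML file
# (SECTION "" means KEY itself is top-level). Handles only the simple
# two-level layout assumed here, not arbitrary YAML.
yaml_get() {
  awk -v sec="$2" -v key="$3" '
    /^[^ #]/ { cur = $1; sub(/:.*/, "", cur) }   # track current top-level key
    {
      line = $0
      sub(/[ \t]+#.*/, "", line)                 # drop trailing comment
      if (sec == "") hit = (line ~ ("^" key ":"))
      else           hit = (cur == sec && line ~ ("^[ \t]+" key ":"))
      if (hit) { sub(/^[^:]*:[ \t]*/, "", line); print line; exit }
    }' "$1" 2>/dev/null
}

# Print one finding per line for the Grav tree rooted at $1; nothing if clean.
grav_audit() {
  root=$1
  cfg=$root/user/config
  # Group- or world-writable paths break the 755/644 scheme.
  find "$root" \( -type f -o -type d \) \( -perm -020 -o -perm -002 \) -print |
    sed 's/^/loose-mode /'
  # The salt must not be left at the placeholder shown in security.yaml.
  if grep -q 'randomUniqueSaltHere' "$cfg/security.yaml" 2>/dev/null; then
    echo "placeholder-salt $cfg/security.yaml"
  fi
  # Twig debug is expected to be off (twig: debug: false).
  if [ "$(yaml_get "$cfg/system.yaml" twig debug)" = "true" ]; then
    echo "twig-debug-on $cfg/system.yaml"
  fi
  # With the Admin plugin configured, twofa_enabled is expected to be true.
  if [ -f "$cfg/plugins/admin.yaml" ] &&
     [ "$(yaml_get "$cfg/plugins/admin.yaml" "" twofa_enabled)" != "true" ]; then
    echo "admin-2fa-off $cfg/plugins/admin.yaml"
  fi
  return 0
}

# Run against a real tree only when a path is given on the command line.
if [ $# -gt 0 ]; then grav_audit "$1"; fi
```

Run it as `sh audit.sh /var/www/grav` after the `chmod`/`chown` step; an empty result means none of the four checks fired.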
Back up:
Recovery test: