TYPO3 should be configured for backend role hardening, extension hygiene, and scheduler reliability.
TYPO3 uses several key configuration files:
| File | Purpose | Location |
|---|---|---|
LocalConfiguration.php |
Main configuration (database, system settings) | config/ |
AdditionalConfiguration.php |
Custom overrides | config/ |
PackageStates.php |
Active extensions/packages | config/ |
.htaccess |
Apache configuration | Web root |
Edit config/AdditionalConfiguration.php for custom settings:
<?php
// TYPO3 Context
$GLOBALS['TYPO3_CONF_VARS']['SYS']['systemLogLevel'] = 0;
// Trusted hosts (comma-separated list)
$GLOBALS['TYPO3_CONF_VARS']['SYS']['trustedHostsPattern'] = 'typo3.example.com';
// Database settings (usually in LocalConfiguration.php)
$GLOBALS['TYPO3_CONF_VARS']['DB']['Connections']['Default']['host'] = '127.0.0.1';
$GLOBALS['TYPO3_CONF_VARS']['DB']['Connections']['Default']['dbname'] = 'typo3';
$GLOBALS['TYPO3_CONF_VARS']['DB']['Connections']['Default']['user'] = 'typo3';
$GLOBALS['TYPO3_CONF_VARS']['DB']['Connections']['Default']['password'] = 'replace-with-strong-password';
// Security settings
$GLOBALS['TYPO3_CONF_VARS']['BE']['lockToDomain'] = 'typo3.example.com';
$GLOBALS['TYPO3_CONF_VARS']['BE']['sessionTimeout'] = 7200;
// Mail settings
$GLOBALS['TYPO3_CONF_VARS']['MAIL']['transport'] = 'smtp';
$GLOBALS['TYPO3_CONF_VARS']['MAIL']['transport_smtp_server'] = 'smtp.example.com:587';
$GLOBALS['TYPO3_CONF_VARS']['MAIL']['transport_smtp_auth'] = 'login';
$GLOBALS['TYPO3_CONF_VARS']['MAIL']['transport_smtp_username'] = 'user@example.com';
$GLOBALS['TYPO3_CONF_VARS']['MAIL']['transport_smtp_password'] = 'password';
The TYPO3 Install Tool is accessed at https://your-domain.com/typo3/install/
Use it for:
Important: Protect the Install Tool with .htaccess or remove after setup.
Set correct file permissions for security:
# Directories: 755
find /var/www/typo3-site -type d -exec chmod 755 {} \;
# Files: 644
find /var/www/typo3-site -type f -exec chmod 644 {} \;
# config/ directory: More restrictive
chmod 750 /var/www/typo3-site/config
chmod 640 /var/www/typo3-site/config/LocalConfiguration.php
chmod 640 /var/www/typo3-site/config/AdditionalConfiguration.php
# Set ownership (adjust for your web server)
sudo chown -R www-data:www-data /var/www/typo3-site
Configure backend settings in Install Tool or AdditionalConfiguration.php:
// Backend session timeout (seconds)
$GLOBALS['TYPO3_CONF_VARS']['BE']['sessionTimeout'] = 7200;
// Lock backend to specific domain
$GLOBALS['TYPO3_CONF_VARS']['BE']['lockToDomain'] = 'typo3.example.com';
// Enable MFA for backend users
$GLOBALS['TYPO3_CONF_VARS']['BE']['mfa']['enforcedForGroups'] = [1]; // Admin group
// Login security
$GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel'] = 'normal';
Back up:
Recovery test:
Squeezing every bit of performance from your Typo3 installation? Our experts help with:
Optimize your setup: office@linux-server-admin.com | Contact Us