System configuration screen

The System configuration screen allows you to configure the basic settings for your Matrix system. To access this screen, click on the System configuration icon in the top right-hand corner of the screen; the System configuration screen will appear.

You can also change the fields available on this screen in the main.inc file located in /data/private/conf directory on the server.

It is recommended, however, that the System configuration screen be used instead.

For more information on the main.inc file, visit the Annotated main.inc page at the Matrix site.

System administrators can only edit specific fields on this screen. To edit all fields, you will need to sign in to the system as the root user.

System settings

Fields marked with an asterix (*) can only be edited by the root user.
System name

Enter the name for the system. This name is shown in the header section of the HTML source code created for the site and displayed at the bottom of all emails sent to Matrix editors and administrators. By default, the name of the system is The system.

System owner

Enter the owner of the system. This owner name is then shown in the header section of the HTML source code created for the site. It is also displayed at the bottom of all emails sent to Matrix editors and administrators, so they know whom to contact for assistance. By default, the owner of the system is blank.

System backend suffix

Enter the suffix to be appended to the URL of the site to access the administration interface of Matrix. By default, this is set to _admin.

If you change the system backend suffix, it is recommended that you sign out of Matrix and access the administration interface through the new suffix.
System simple edit suffix

Enter the suffix to be appended to the URL of the site to access the inline edit mode of Matrix. By default, this is set to _edit.

System login suffix

Enter the suffix to be appended to the URL of a page so that you can sign in. Using this suffix will mean that the Matrix sign-in box will appear where you can enter your username and password. Instead of going to the administration or inline edit mode, you will be returned to the page you were currently viewing.

For example, if you view the contact us page on your site and append _login onto the end of the URL, the sign-in box will appear. Once you have entered your username and password, you will be returned to the contact us page. By default, this suffix is set to _login.

The system login suffix is useful if you have information or tools on your site that you only want certain users to view, but you do not want to add a sign-in box into your design so they can access them.
System bypass cache suffix

Enter the suffix to be appended to the URL of the site to access the matrix-uncached version of the page. Using this suffix forces Matrix to serve the most recent version of the page to the user. By default, this is set to _nocache.

System bypass proxy cache suffix

Enter the suffix to be appended to the URL of the site to access the proxy-uncached version of the page. Using this suffix forces Matrix to ignore any Send cacheable headers settings and will not send relevant headers (such as Cache-control, expires, and last-modified) when serving the page to the user. By default, this is set to _noproxycache.

System clear cache suffix

Enter the suffix to be appended to the URL of the site to clear and re-populate the Matrix cache for the page.

Relative href’s generated when using _recache are meant to work for the actual URL without the suffix and will not work as expected when viewing with the suffix attached.

By default, this is set to _recache.

Performance mode suffix

Enter the suffix to be appended to the URL of the site to access Matrix performance mode. By default, this is set to _performance.

System timezone

Enter the time zone for the system. By default, this is set to Australia/Sydney.

Disable attribution

Select Yes to disable the 'running Matrix' attribution from your site’s design source.

Design assets will need to be regenerated before this option takes effect.

By default, this option is set to No, meaning that the attribution will be displayed.

Enforce same origin frame

If Matrix is nested in the frame of a page, enabling this option will select that both the page and your system are hosted on the same domain. If they are not, the browser will block the loading of the page. By default, this option is enabled. It is recommended that you keep this option enabled for added security.

System URL settings

System root URLs

This field allows you to define the list of URLs that can be used to access Matrix. All site assets created within Matrix must have a URL applied based on a URL listed in this field. You can enter as many URLs as you would like, with each URL being defined on a new line. The protocol (that is, http:// or https://) should not be specified.

System parent domains

This field allows you to define a list of parent domains for setting session cookies. Parent domains are useful if several system root URLs have a common parent domain. If the current URL ends with one of the parent domains, then the cookie will be set on the parent domain instead, with the result being that the user’s session will persist across the parent domain and all its subdomains. For example, syd.example.com and mel.example.com are defined as the system root URLs, and example.com is defined as the system parent domain. When a user visits syd.example.com, the cookie will be created for example.com. When they visit mel.example.com, the cookie created for example.com will be used.

System static URL*

By default, Matrix rewrites URLs for publicly accessible and live file-based assets to an apache readable directory on the same server on which Matrix is installed. By entering a system static URL, you can tell Matrix to rewrite those URLs to an alternative location, which could be a different (and lightweight) piece of web server software on the same machine as the Matrix install or a completely different machine. Leave this field blank to use the default Matrix behavior. This is an advanced configuration option and should only be used if instructed by Squiz.

Restricted file extensions through static root domain

This field allows you to set the file extension types (comma-separated) that will not be served through your system’s static URL, as specified in the above system static URL field. This means that any specified file types will not use the system’s static root domain (that is, \www.example.com) instead of using the Matrix system root URL. Any file types not specified in this field will be served through the static URL.

Static URL uses HTTP*

Specify whether the static files can be served using the http:// protocol.

Static URL uses HTTPS*

Specify whether the static files can be served using the https:// protocol.

System web path separator

This field allows you to define the character to replace the spaces in the assets' names when automatically generating URLs. For example, an asset with the name Contact us would have automatically generated URLs of contact-us, where the URL separator has replaced the space. By default, the URL separator is -.

Redirect URL with trailing slash

Enabling this option will strip trailing slashes off frontend requested URLs and redirect them. This will mean that Matrix will log just one cache entry for the URL content, where it would otherwise treat URLs with trailing slashes as a separate cache entry.

This option does not apply to root URLs due to the possibility of apache being configured to append the trailing slash.

Email settings

Default email

Specify the default email address for the system. This is the email address that Matrix will use to send emails to if it has not been supplied with an email address for the message. For example, if a custom form has to send emails, but the To address is empty, the email will be sent to the address specified in this field. This email address should be for the owner of the Matrix installation. By default, this field is blank.

Tech email

Specify the tech email address for the system. This is the email address that Matrix will use to send technical emails to, such as error reports and system configuration changes. This email address should be for a user to diagnose and fix technical problems with the Matrix installation. By default, this field is blank.

Login/session settings

Root URLs requiring secure login*

This field allows you to select which system root URLs will attempt to display the sign-in box using the https protocol regardless of other protocol settings on the site.

Max login attempts*

Enter the maximum number of times a user may incorrectly enter this password before their account is locked. Enter zero (0) to allow an unlimited number of attempts.

To lock an account, Matrix changes the status of the user account to under construction. To unlock the account, an administrator needs to change the status back to live.
Allow IP change*

By default, if a user’s IP address changed while they are using Matrix, they will be signed out to ensure their account is not being used by someone else at the same time. Proxy settings in some companies may change the user’s IP address each time they view a Matrix page, effectively logging out the user each time they try and navigate to a new page. Enabling this setting will tell Matrix to allow a user’s IP address to change throughout their session.

Process PHP credentials*

If a user has previously entered their username and password in a standard HTTP authentication form, Matrix will be provided with the username and password they entered. If this setting is enabled, Matrix will attempt to sign the user into the system using the username and password combination provided without requiring them to retype their username and password. The password stored within Matrix must match the password entered during the initial HTTP authentication.

Enable HTTP authentication*

If this option is enabled, Matrix will generate an HTTP authentication dialogue box instead of showing the standard sign-in design. This then allows external tools to sign into Matrix by appending use_http_login=1 to the URL.

The Process PHP credentials option must also be enabled to use HTTP authentication.
Accept HTTP authentication*

This setting controls whether Matrix should use a user name sent from an external authentication mechanism (for example, an authentication system provided by a web server or a proxy) to automatically sign in a user, without them having to enter their password directly into the system. Matrix will assume the user has been successfully authenticated from the external system and does not check the password entered during the original authentication against their Matrix password.

HTTP authentication variable*

This setting controls the PHP server variable used to authenticate external users if the Accept HTTP authentication setting is turned on.

Authentication may be bypassed if this setting is used with an HTTP header. To securely implement this setting, you must ensure that any HTTP header is fully managed through all routes to Matrix.

There are two common variables for this setting:

REMOTE_USER

Used by standard HTTP authentication systems such as that used by apache. This is the default setting.

HTTP_*

Some proxies may send a user name as an HTTP header instead. Generally speaking, to convert from an HTTP header name to a server variable name, the header name should be capitalized, hyphens should be changed to underscores, and http_ added to the front. For example, if the user name is returned in a header X-USER-NAME, this setting should be set to HTTP-X-USER-NAME.

Enable external authentication systems*

This setting controls whether external authentication systems (LDAP and IPD bridges) are enabled when authenticating a user. When this option is disabled, only the default authentication asset will be returned from the authentication systems folder under the system management folder. This allows a system administrator to temporarily disable external authentication in certain circumstances, for example, if an external system is compromised.

Use default PHP session file save path*

This setting allows you to choose whether to use the default PHP session file save path (as specified in the php.ini configuration file), or let Matrix set it to the cache folder of the system. The former may be required when using shared storage, that is, with multiple servers, while the latter is required for site networks to operate.

Intervals

Lock length

Enter the time (in seconds) for how long a lock is held before expiring. For example, if a user locks an asset and then decides they do not want to edit it further, the lock will be released automatically after the number of seconds entered into this field has elapsed.

Lock refresh interval

Enter the time (in seconds) for how often the lock automatically refreshes in the administration and simple edit interfaces.

Lock inactivity expiry

Enter the time (in seconds) for how long a lock is held before it expires (in seconds) due to inactivity on the current screen, in the administration, and simple edit interfaces. The refreshing of this frame reacquires locks that the user still needs.

You should set the lock refresh interval to a shorter value than the lock length. Otherwise, the locks will expire while the user is still editing an asset.

PHP configuration

Web memory limit

Enter the maximum amount of memory used by the Matrix web system. By default, this is set to 64MB. However, on larger and more complex systems, this limit will probably need to be increased.

Cron memory limit

Enter the maximum amount of memory used by the Matrix cron system. By default, this is set to 64MB. However, on larger and more complex systems, this limit will probably need to be increased.

Error/debug settings

Log errors*

Select whether to log all errors generated on the frontend and editing interfaces to the error log. It is highly recommended that you do not alter this field’s default value, which is Yes.

Log errors to Syslog?*

Select whether to log system errors to the operating system log. If this field is set to Yes, the system name will be used as the system log identifier. If no name is specified, the default string squiz mysource [version] (matrix) will be used. By default, this field is set to No.

Syslog facility*

Select the facility used for logging errors to the operating system log. This will determine where in the system log the errors will be filed.

The log errors to the Syslog field must be set to Yes for this field to work.

The options available are user and local 0 to 7. These facilities are user-defined and must be configured in the system’s syslog.conf file.

Debug settings*

The following options can be set for the formatting of error messages:

Show file and line number in error messages

Check this box to show both the file and line number in error messages. This is not selected by default.

Show stack trace in error messages

Check this box to show the stack trace in error messages. This is not selected by default.

Show additional information about memory and performance

Check this box to show additional information about memory and performance in error messages.

Internationalization settings

Default backend language

The language to use in the backend interface of both admin and edit mode. Note that currently, only polish has been translated in the backend. Changing this setting will also set the correct HTML lang attribute for edit+, which tells Edit+ to try and use the same language for its interface, but only when you use the edit+ design tag in your design code.

Replace accented characters in web paths

Select whether to use character conversion for URLs based on the international settings. If this field is set to Yes, newly-created assets' URLs will be converted to the selected language characters.

Not all languages are supported.

By default, this field is set to Yes.

Editing interface settings

Save button text

This field allows you to change the text displayed on the Save button at the bottom of the administration and simple edit interfaces.

Confirm save changes

This field allows you to set whether the warning appears if the user has not clicked Save. By default, this is set to Yes.

Asset tree settings

The fields that are available in this section are outlined below:

Asset limit per set

Enter the number of child assets displayed for an asset in the asset tree. If there is more than this number of child assets, the Next and Previous buttons will be provided. By default, this option is set to 50. For more information on the Next and Previous buttons, refer to the Concepts documentation.

Asset display name

This field allows you to specify what information to show for each asset in the asset tree. By default, the short name is shown; however, this can be modified to display other information such as asset ID and the number of children. The following keyword replacements can be used, along with other characters:

%asset_assetid%

This displays the ID of the asset.

%asset_name%

This displays the full name of the asset.

%asset_short_name%

This displays the short name of the asset.

%asset_type_code%

This displays the type of asset, for example, a standard page.

%asset_status%

This displays the status of the asset, for example, safe edit.

%asset_num_kids%

This displays the number of immediate child assets an asset has.

HTTP headers settings

Send cacheable header*

Set this to Yes to enable the sending of cacheable cache-control and pragma headers for all public live pages it serves to users who are not signed in. This allows the web browser to cache pages for faster browsing. If set to No, matrix will send Cache-Control: No-store, no-cache, must-revalidate, POST-check=0, pre-check=0 and Pragma: No-cache headers.

Send last-modified header*

Set this field to Yes to send a last-modified header for all publicly cached pages it serves to users who are not signed in.

Send not modified status-code*

Set this field to Yes to send a 304 not modified status code if requested to do so by a proxy. The 304 code will only be sent for publicly cached pages and for users who are not signed in.

Send no-cache header for file assets*

Set this field to Yes to send a no-cache Cache-control header for file asset types. This option can be disabled to resolve inline file display issues involving PDF documents in internet explorer.

Send 404 cacheable header*

Set this field to Yes to allow pages returning a 404 Not Found response to be cached by a caching proxy server. This option is separate from the send cacheable header option. The cache expiry setting determines the cached response’s expiry time on the Details screen of the cache manager.

Read the Cache manager for more information on the Cache manager.

Use "X-Forwarded-for" header

Select whether to enable the x-forwarded-for HTTP header. This header allows parent servers to discern client IPS when behind reverse proxies. This means that IP restrictions within Matrix can be used in conjunction with squid and other reverse proxies specified in the available input fields.

Set 'HttpOnly' flag for session cookies

Select whether to enable HttpOnly cookies. An HttpOnly cookie will only be used when transmitting HTTP or HTTPS requests. Additionally, a web browser will not allow client-side scripts (such as javascript) access to the cookie. This can help mitigate the effects of cross-site scripting attacks.

Set 'Secure' flag for session cookies

Specify whether to transmit the secure cookie flag when a connection is made over https. Enabling this will cause browsers to not share the session cookie between HTTP and HTTPS.

Send IE "X-UA-Compatible" header?

Specify whether to send the X-UA-compatible header for Internet Explorer browsers. Enabling this option will send the IE=edge,chrome=1 X-UA-compatible header, meaning that the webpage will be displayed in 'edge mode', the highest standards mode supported by the IE version being used.

Automatic headers

Matrix sends some headers by default without needing to configure anything. These are as follows:

Surrogate-control

Content="esi/1.0" This header is used for proxy cache layers that support ESI (Edge Side Include) tags, such as Squiz Edge. This header is automatically sent by matrix if it finds any ESI-based HTML tags that start with either <esi: Or <!--esi. This header tells the cache layer that the content contains ESI tags that need to be processed by its rendering engine.

If you are signed in and have write access to the current page, you can also add ?sq_disable_esi to the end of the URL to disable this automatic header from being sent, which is useful for debugging ESI tags.

Even with ?sq_disable_esi added, the accelerator caching proxy might still be configured to inject the surrogate-control header and process the ESI tags automatically. If this is the case, you can disable that proxy config as Matrix will automatically add this header if there are any ESI tags within the rendered HTML.

Roles configuration

Enable permission roles system*

This field allows you to enable permission roles in the system. By default, this is set to No. Leaving roles disabled will increase the performance of the system.

Enable workflow roles system*

This field allows you to enable workflow roles in the system. By default, this is set to No. Leaving roles disabled will increase the performance of the system.

Enable global roles*

This field allows you to enable global roles in the system. By default, this is set to No. Leaving global roles disabled will increase the performance of the system.

Search engine optimizations

In the Remove self links field, select whether to remove system links that direct to the currently viewed asset. If Yes is selected, all global level links will be removed, including links with query strings or URL system suffixes recognized by Matrix, such as the admin or inline edit mode suffixes. By default, this field is set to No.

Miscellaneous settings

The following fields are available:

Visited pages maximum entries

Specify the maximum number of visited URL entries to store in the current session. These visited URL entries and asset IDs can be accessed using the global session variables visited_urls and visited_assets.

Strip matrix comments

Select whether to strip out code using the Matrix comment syntax in your site’s output. By default, this option is enabled, meaning that comments will not be displayed on the frontend.

© 2015- Squiz Pty Ltd