Reference - Web.config application keys

The system settings include appSettings keys and other settings, such as a connection string placed in appropriate sections of the project’s web.config file. AppSettings keys are stored in the /configuration/appSettings section.

Some keys referenced on this page apply to live site (MVC5 or ASP.NET Core) applications. When guided to add the configuration key to configuration files of live site applications, make sure to use the configuration file appropriate for your chosen development model.

  • ASP.NET Core projects by default use the appsettings.json file to store application-specific configuration.
  • MVC5 projects by default use the web.config file to store application-specific configuration.

The following setting categories are available:

General settings

Key

Description

Default

CMSTrialKey

Contains a temporary trial license key. You can remove this value after installation.

"" (empty string)

CMSHashStringSalt

Sets the salt value that the system uses in hash functions, for example when creating macro signatures. The installer automatically adds the key for new instances of Xperience, with a random GUID as the value.

Note: Changing the hash salt on a website that already has defined content may prevent macros from resolving correctly, or break dialog links and images on your website. If you encounter such problems, you need to re-save the given content or globally re-sign macros (the system then creates the hashes using the new salt).




<add key="CMSHashStringSalt" value="eb2d6fac-8b9e-427c-b98b-3c562dffbb35" />


Random GUID

CMSUseVirtualPathProvider

Indicates if the virtual path provider is enabled in the administration application.

The system uses the virtual path provider to load objects, such as ASCX page layouts, from the database.




<add key="CMSUseVirtualPathProvider" value="false" />


true

CMSClearFieldEditor

Determines behavior when creating new fields for forms in the administration interface. If true, new fields have empty values of attributes. If false, new fields have predefined values, the same as the previously selected field.




<add key="CMSClearFieldEditor" value="false"/>


true

CMSDatabaseCulture

Specifies the default culture of the system’s database.




<add key="CMSDatabaseCulture" value="en-us"/>


en-us

CMSDisposeConnectionAfterClose

If true, the database connection is automatically disposed (allocated resources released) when a database connection is closed.




<add key="CMSDisposeConnectionAfterClose" value="true"/>


false

CMSAdminCookiesSameSiteNone

If set to true, the system cookies sent between the live site and administration applications under preview mode use the SameSite=None mode and are paired with the Secure and Partitioned attributes.

Note: This key works only for the MVC5 development model and is required when hosting the administration application and the live site on different domains. The key must be added to the web.config file of your live site application. To learn how to configure system cookies for preview mode for ASP.NET Core projects, see Configuring cookie SameSite mode.




<add key="CMSAdminCookiesSameSiteNone" value="true" />


false

CMSUseSessionCookies

Indicates whether session cookies are used for authentication in the Xperience administration application (does not affect authentication on the live site).




<add key="CMSUseSessionCookies" value="false"/>


true

CMSFileScriptTimeout

The maximum number of seconds a script can run before the server terminates it.




<add key="CMSFileScriptTimeout" value="7200"/>


7200

CMSAllowCheckIOPermissions

If true, write permissions on the site folder are checked when necessary and produce an error message when they are insufficient.




<add key="CMSAllowCheckIOPermissions" value="true"/>


true

CMSWorkflowSendEmailToModerator

If true, workflow notification emails are sent to the user who performs a page workflow step transition (in addition to other users involved in the workflow).




<add key="CMSWorkflowSendEmailToModerator" value="true"/>


false

CMSDefaultUserID

Specifies the ID of the default user.




<add key="CMSDefaultUserID" value="53"/>


0

CMSDeleteTemporaryAttachmentsOlderThan

Specifies how old attachments need to be in order to be deleted by the Delete old temporary attachments scheduled task. The value is in hours. Attachments older than the entered value will be deleted when the scheduled task is executed.




<add key="CMSDeleteTemporaryAttachmentsOlderThan" value="12"/>


24

CMSDeleteTempPageBuilderWidgetsOlderThan

Specifies how old a temporary configuration of a page builder MVC widget needs to be before it is deleted from the Temp_PageBuilderWidgets database table by the Delete old temporary Page builder widgets scheduled task. Widget configurations are only stored in the Temp_PageBuilderWidgets table temporarily before they are saved and transferred to the CMS_Document table. However, they may remain stored in the temporary table if an error occurs while using the page builder. The value is in hours.




<add key="CMSDeleteTempPageBuilderWidgetsOlderThan" value="5"/>


1

CMSMVCResolveRelativeUrls

Note: This key must be added to the web.config (MVC5 projects) or appsettings.json (ASP.NET Core projects) file of your live site application.

The system provides an output filter that automatically resolves all virtual relative URLs (~/<link path>) on the side of the MVC live site (based on the environment where the site is actually running). This filter prevents content editors from creating invalid links in cases where your MVC application does not resolve URLs (by processing the content using the Html.Kentico().ResolveUrls method).

If you wish to disable the output filter and resolve URLs manually in your code, set the key to false.




<add key="CMSMVCResolveRelativeUrls" value="false"/>


true

CMSDisableAdministrationInterface

Allows you to disable the Xperience administration interface. The system displays an Access denied screen on each attempt to access the administration interface (~/Admin).




<add key="CMSDisableAdministrationInterface" value="true"/>


false

CMSAuthenticationType

This key overrides the values returned by the IsFormsAuthentication and IsWindowsAuhentication methods in CMS.Helpers.RequestHelper. The key only applies to authentication for the administration interface, and does not affect the live site.

You will typically use this if you are using a custom authentication provider whose authentication type is a non-standard one (e.g. Federated authentication) to make the system handle it as if it were Windows or Forms authentication.

The following values are available:

  • default: standard behavior
  • forms: IsFormsAuthentication always returns true, IsWindowsAuthentication always returns false
  • windows: IsFormsAuthentication always returns false, IsWindowsAuthentication always returns true
  • both: IsFormsAuthentication always returns true, IsWindowsAuthentication always returns true



<add key="CMSAuthenticationType" value="windows" />


default

CMSTemporaryFilesFolderPath

Overrides the default ~/App_Data/CMSTemp location where various temporary files are stored by the system. As a value, you can use:

  • physical disk path - e.g. c:\myfiles\mysite
  • virtual path - e.g. ~/UploadedFiles
  • UNC path - e.g. \\server\folder



<add key="CMSTemporaryFilesFolderPath" value="\\server\MyCustomFolder" />


CMSDefaultTheme

Sets the name of the folder within ~\App_Themes\ containing the theme that the system uses by default in the administration interface.




<add key="CMSDefaultTheme" value="MyTheme" />


Default

CMSApplicationName

Used by Xperience Windows services to identify the Xperience instance. In the case of IIS installations, the path to the instance in IIS is used as its value. In the case of Visual Studio web server installation, the name of the target web project root folder is used. The value must be less than 60 characters long.




<add key="CMSApplicationName" value="Default Web Site/CMS" />


CMSApplicationGuid

Unique identifier of the Xperience instance. Used by Xperience Windows services to identify the instance.




<add key="CMSApplicationGuid" value="fe5493b6-4ea9-42e6-92fa-0db1156b9163" />


CMSMediaFileMaxVersioningSize

Sets the maximum file size of versioned media files in kilobytes. Files in media libraries that are larger than the entered value will not have versions created when updated.




<add key="CMSMediaFileMaxVersioningSize" value="1024" />


2147483647 (int.MaxValue)

CMSShowForgottenPassLink

Indicates if a link that allows users to recover a forgotten password should be displayed on the sign-in page to the administration interface.

The default value is true.




<add key="CMSShowForgottenPassLink" value="false" />


true

CMSSelectorMaxDisplayedItems

Sets the maximum amount of items displayed in drop‑down list selectors in the administration interface when the number of selectable objects is higher than the value of the CMSSelectorMaxDisplayedTotalItems key. Users can select the remaining objects in a dialog that can be opened through the (more items…) option.

The value of this key can be overridden for individual UniSelector controls.




<add key="CMSSelectorMaxDisplayedItems" value="20" />


25

CMSSelectorMaxDisplayedTotalItems

Limits the maximum number of items displayed in drop‑down list selectors in the administration interface. If there are more selectable objects, the list is shortened (to the number specified by the CMSSelectorMaxDisplayedItems key) and the (more items…) option is added.

The value of this key can be overridden for individual UniSelector controls.




<add key="CMSSelectorMaxDisplayedTotalItems" value="30" />


50

CMSWebAnalyticsShowFullData

By default, the system reduces the density of data displayed in analytics report graphs (to improve performance and graph load times for graphs with a very large volume of data). Set the CMSWebAnalyticsShowFullData key to true to have report graphs display full data.




<add key="CMSWebAnalyticsShowFullData" value="true"/>


false

CMSPhysicalFilesCacheMinutes

Sets the number of minutes for which clients consider physical files to be valid and up-to-date when using client caching (i.e. the length of the client cache expiration time for files). Specifically, the key determines how the server sets the Expires response header for file requests.

The key only applies to files stored on the file system that are served using the GetResource.ashx handler. Other types of dynamic files use the expiration time set in Settings -> System -> Performance -> Client cache (minutes) within the administration interface. Physical files that are requested directly use the IIS client cache configuration.

See also: Caching files and resources




<add key="CMSPhysicalFilesCacheMinutes" value="60"/>


10080

CMSEmailValidationRegex

Allows you to customize the regular expression that the system uses to validate email addresses.




<add key="CMSEmailValidationRegex" value="^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$"/>


CMSMacrosCaseSensitiveComparison

If true, string comparisons in macros are case sensitive (if not overriden by |(casesensitive) macro parameter).




<add key="CMSMacrosCaseSensitiveComparison" value="true"/>


false

CategoryIDLength

Category IDs in the CategoryIDPath column/field (the CMS_Category table) will be padded with leading zeros to the width specified in the key, e.g. 00001232.




<add key="CategoryIDLength" value="9"/>


8

UIelementIDLength

UI element IDs in the ElementIDPath column/field (the CMS_UIElement table) will be padded with leading zeros to the width specified in the key, e.g. 00001232.

The default value is 8.




<add key="UIelementIDLength" value="9"/>


8

SettingsCategoryIDLength

Settings category IDs in the CategoryIDPath column/field (the CMS_SettingsCategory table) will be padded with leading zeros to the width specified in the key, e.g. 00001232.




<add key="SettingsCategoryIDLength" value="9"/>


8

CMSDeleteTemporaryUploadFilesOlderThan

Specifies the time period (in hours) after which unfinished upload files should be deleted by the Delete old temporary upload files scheduled task.




<add key="CMSDeleteTemporaryUploadFilesOlderThan" value="12"/>


2

CMSTemporaryUploadFilesFolderSizeLimit

Note: This key must be added to the web.config (for MVC5 projects) or appsettings.json (for ASP.NET Core projects) file of your live site application.

Specifies the maximum size (in MB) of the folder used to hold temporary files (e.g., uploaded using the File uploader form component and stored in a temporary location before the form is submitted by the user).




<add key="CMSTemporaryUploadFilesFolderSizelimit" value="1000">


500

CMSImageEditorMaxVersionsCount

Indicates how many versions of edited image should be saved in the image editor temporary folder within the administration project.




<add key="CMSImageEditorMaxVersionsCount" value="500"/>


999

CMSImageResizingQuality

Specifies the quality (as a percentage) with which images are resized. Lowering the quality results in a smaller file size, but may lead to a more pixelated image. Similarly, increasing the quality results in a more detailed image, but at the cost of a larger file size.




<add key="CMSImageResizingQuality" value="100"/>


85

CMSImageExtensions

Specifies a list of file extensions which should be allowed as image files.




<add key="CMSImageExtensions" value=""/>


""

CMSAudioExtensions

Specifies a list of file extensions which should be allowed as audio files.




<add key="CMSAudioExtensions" value=""/>


""

CMSVideoExtensions

Specifies a list of file extensions which should be allowed as video files.




<add key="CMSVideoExtensions" value=""/>


""

CMSUrlHost

Configures system behavior when running Xperience behind a proxy server

Specifies thehost URL component of the proxy server (without port number) to ensure request URLs for applications hosted behind a proxy are generated correctly. For example, assuming the site is running behind the https://my.proxyserver.com proxy server:




<add key="CMSUrlHost" value="my.proxyserver.com" />


""

CMSUrlPort

Specifies the port number used in certain types of URLs (for example GetResource requests for images or modal dialog URLs). Standard navigation URLs of web pages are not affected.

If not set, the URL port is automatically taken from the current request (80 in most cases).

Add this key if you wish to generate URLs with a specific port number, regardless of the port supplied in requests.

The CMSUrlPort key may also be useful in scenarios where requests are redirected to a non‑standard port number, but you wish to use the usual HTTP port in URLs (for example in a web farm environment, with a load balancer directing traffic to multiple servers identified by different port numbers).




<add key="CMSURLPort" value="80" />


CMSSSLUrlPort

Specifies the port number for certain types of URLs (for example GetResource requests for images or modal dialog URLs) for requests using the SSL (HTTPS) protocol. Overrides the CMSUrlPort key for SSL requests.

Add this key if you wish to generate URLs with a specific port number, regardless of the port supplied in requests.




<add key="CMSSSLURLPort" value="443" />


CMSDisplayApplicationErrorMessages

Defines the level of information which is displayed to the user if the application fails to initialize (e.g., the application fails to connect to the SQL server):

  • false – only general error message is displayed.
  • true – detailed information about the origin of the error is displayed.



<add key="CMSDisplayApplicationErrorMessages" value="true" />


false

CMSUpdateLastLogonForExternalUsers

Indicates whether the system updates the last sign-in time when authenticating external users. For example, you can set the key to false to avoid user updates on each request when using Windows authentication.




<add key="CMSUpdateLastLogonForExternalUsers" value="false" />


true

CMSTransactionIsolationLevel

Sets the Isolation level used for queries that are executed as transactions. Use only in special cases if you encounter problems with deadlocks.

For more information about the available values, see: IsolationLevel Enumeration




<add key="CMSTransactionIsolationLevel" value="ReadUncommitted" />


ReadCommitted

CMSForceAttachmentHistoryInDatabase

Allows you to overwrite the Settings -> System -> Files -> Store files in setting for page attachment history and store the data in the database instead of the file system.




<add key="CMSForceAttachmentHistoryInDatabase" value="true" />


false

CMSDataExportTemplateFolder

Indicates the starting path where the administration application searches for UI data export templates.




<add key="CMSDataExportTemplateFolder" value="\~/App_Data/CMSModules/DataExport"/>


~/App_Data/CMSModules/DataExport

CMSDisableGeneratedAutomationSecureEndpoint

Allows you to disable automatic registration of a secured (HTTPS) endpoint for the WCF service used by the marketing automation designer interface. Otherwise, the system registers the secured endpoint when the administration application is running over HTTPS.

Only disable the automatic behavior if you have an advanced environment configuration, and wish to set up your own secured endpoints.

See also: Configuring Windows Communication Foundation




<add key="CMSDisableGeneratedAutomationSecureEndpoint" value="true" />


false

CMSDisableGeneratedWorkflowSecureEndpoint

Allows you to disable automatic registration of a secured (HTTPS) endpoint for the WCF service used by the advanced workflow designer interface. Otherwise, the system registers the secured endpoint when the administration application is running over HTTPS.

Only disable the automatic behavior if you have an advanced environment configuration, and wish to set up your own secured endpoints.

See also: Configuring Windows Communication Foundation




<add key="CMSDisableGeneratedWorkflowSecureEndpoint" value="true" />


false

CMSBuilderScriptsIncludeJQuery

Determines whether the system links jQuery scripts to pages containing page builder content, as well as the form builder interface.

Set the key to false if you wish to disable the usage of jQuery in page builder content (all default features remain functional without jQuery).




<add key="CMSBuilderScriptsIncludeJQuery" value="false" />


true

> Back to list of web.config key categories

Active Directory settings

You can use the following keys to configure the import of users and roles when using Windows Active Directory authentication:

Key

Description

Default

CMSImportWindowsRoles

When Windows authentication is used and this key set to true, the domain groups of users in Active Directory are imported into the system as roles.




<add key="CMSImportWindowsRoles" value="false"/>


true

CMSRoleImportFormat

When mixed-mode authentication is used, this key determines the format of role names which are imported from Active Directory:

  • SAM – the format of imported roles is rolename.
  • DomainSAM – the format of imported roles is domain-rolename.



<add key="CMSRoleImportFormat" value="DomainSAM"/>


DomainSAM

CMSADDefaultMapUserName

When mixed-mode authentication is used, this key determines the format of user names which are used to communicate with the Active Directory provider:

  • sAMAccountName – uses the Active Directory user name (without the domain).
  • userPrincipalName – uses the Active Directory user principal name (e.g. MyName@office.example.com).



<add key="CMSADDefaultMapUserName" value="userPrincipalName" />


sAMAccountName

> Back to list of web.config key categories

Assembly settings

You can use the following keys to assign custom assemblies to be used instead of certain default assemblies:

Key

Description

Default

CMSStorageProviderAssembly

Specifies the assembly that implements a custom file system provider for the local Windows file system.




<add key="CMSStorageProviderAssembly" value="Company.FileSystemStorage"/>


-

CMSDataProviderAssembly

Specifies the assembly that implements a custom data provider assembly used as the database connector.

See Custom Data provider example.




<add key="CMSDataProviderAssembly" value="Company.DataProvider"/>


-

CMSVirtualPathProviderAssembly

Specifies the assembly that implements a custom Virtual path provider for the administration application.




<add key="CMSVirtualPathProviderAssembly" value="Company.VirtualPathProvider"/>


-

> Back to list of web.config key categories

Settings for forbidden characters in user and role names

You can use the following keys to configure forbidden characters in user and role names:

Key

Description

Default

CMSEnsureSafeUserNames

Indicates if the system replaces forbidden characters in user names imported from Active Directory.

If the key is false, the system also uses less restrictive validation of users names for standard users (applies when new users register, or when creating or editing users in the administration interface). See the CMSUserValidationRegEx key for details.




<add key="CMSEnsureSafeUserNames" value="false" />


true

CMSEnsureSafeRoleNames

Indicates if the system replaces forbidden characters in the code names of roles imported from Active Directory.

If the key is false, you may experience problems with roles names containing certain forbidden characters, for example with leading underscores characters ( _ ). Therefore, it is NOT RECOMMENDED to set the key to false.




<add key="CMSEnsureSafeRoleNames" value="false" />


true

CMSForbiddenUserNameCharactersReplacement

Sets the character that replaces forbidden characters in user names imported from Active Directory.

If not set, the value from Settings -> URLs and SEO -> Forbidden characters replacement is used.




<add key="CMSForbiddenUserNameCharactersReplacement" value="-" />


CMSForbiddenRoleNameCharactersReplacement

Sets the character that replaces forbidden characters in role names imported from Active Directory.

If not set, the value from Settings -> URLs and SEO -> Forbidden characters replacement is used.




<add key="CMSForbiddenRoleNameCharactersReplacement" value="-" />


CMSUserValidationRegEx

Sets a custom regular expression that determines which user names are valid. Applies when new users register on the website, are created in the administration interface or through the API, and when the name of an existing user is modified.

The default value is:
^[a-zA-Z0-9_\-\.@]+$

If the CMSEnsureSafeUserNames key is set to false, a less restrictive regular expression is used by default:
^[a-zA-Z0-9_\-\.\\@!#$%&’*+/=?^_`{|}~]+$

Note: The key does not apply when processing the names of external users, and does not affect replacement of invalid characters in the names of users imported from Active Directory.




<add key="CMSUserValidationRegEx" value="([A-Za-z0-9-]+)" />


> Back to list of web.config key categories

Settings for forbidden character replacement in URLs

You can use the following keys to configure how forbidden URL characters should be replaced:

Key

Description

Default

CMSForbiddenURLValues

The characters entered as the value of this key are forbidden in URL paths and will be replaced automatically by the character specified in the Forbidden characters replacement setting in Settings -> URLs and SEO.

By default, the following characters are forbidden:

\/:*?"<>|&%.’#[]+=„“ and the space character.

If you add this key to the web.config, its value will override the default forbidden character set. This way, you can either allow some of the forbidden characters or add new ones.

Please note that it is recommended to keep the default characters forbidden, since they may prevent certain types of URLs from working correctly if entered into URL paths.

Also, keep in mind that some characters need to be escaped in the web.config according to standard XML rules, e.g. enter < instead of the < character.




<add key="CMSForbiddenURLValues" value="\/:$?&quot;&lt;&gt;|&amp;%.&apos;#[] =" />


CMSLimitUrlReplacements

While enabled, consecutive forbidden characters in URLs will be replaced by only a single replacement character and forbidden URL characters located at the beginning or end of the path will be removed completely instead of being replaced. If set to false, each forbidden character is replaced individually.




<add key="CMSLimitUrlReplacements" value="false" />


true

> Back to list of web.config key categories

Content staging settings

You can use the following keys to configure the behavior of Content staging:

Key

Description

Default

CMSStagingAcceptAllCertificates

If set to true, the system accepts all certificates when performing content staging tasks over a secured protocol (HTTPS). Includes self-signed certificates. If false, the system only accepts certificates generated by a trusted certification authority.




<add key="CMSStagingAcceptAllCertificates" value="true" />


false

CMSMediaFileMaxStagingSize

Sets the maximum size of media library files that are synchronized via staging (in kiloBytes). Add the key to the web.config file of projects that work as source servers in your staging environment.

The system does not synchronize binary data for media library files above the limit. Synchronization tasks for such files only transfer the database definitions of the media objects, without the actual files.




<add key="CMSMediaFileMaxStagingSize" value="1024" />


2147483647 (int.MaxValue)

CMSStagingTreatServerNamesAsInstances

On Xperience instances that contain multiple sites and use staging, changes made to global objects produce staging tasks for all staging servers across all sites. If you synchronize such tasks at different times on different sites, you risk overwriting newer data with the data of old synchronization tasks (we recommend synchronizing such changes at the same time on all servers and sites).

If you have full control over all sites on your instance, you can define the same set of target servers for each site (each server must have an identical Code name across all sites), and set the CMSStagingTreatServerNamesAsInstances key to true. When a global staging task is synchronized, the system then automatically deletes the task from servers with matching code names on the other sites.

The default value is false because code name collisions may occur for staging servers on unrelated sites.




<add key="CMSStagingTreatServerNamesAsInstances" value="true" />


false

CMSStagingServerName

Name of the staging server used for advanced bi-directional content staging. The value needs to be used as the code name when defining this server as a target server of other servers.

See Bi-directional content staging for more information.




<add key="CMSStagingServerName" value="server2" />


"" (empty string)

CMSStagingServiceTimeout

Sets timeout interval for the service used to synchronize staging tasks. The key must be configured within the web.config file on the source instance from which the tasks are being synchronized.

Enter the value in seconds.




<add key="CMSStagingServiceTimeout" value="240" />


180

CMSStagingUseTreeCustomHandlers

If true, events from the DocumentEvents class are raised when processing page staging tasks.




 <add key="CMSStagingUseTreeCustomHandlers" value="false" />


true

CMSStagingLogGlobalObjectsOnlyForAssignedSites

If true, tasks for global objects are logged only for the sites to which the respective objects are assigned.




<add key="CMSStagingLogGlobalObjectsOnlyForAssignedSites" value="true" />


false

CMSStagingUseAutomaticOrdering

Determines whether the system applies automatic ordering to pages created via staging. If true (by default), the system overrides the ordering of new pages according to the Content -> Content management -> New page ordering setting.

Configure this web.config key on target servers that process incoming staging tasks.




<add key="CMSStagingUseAutomaticOrdering" value="false" />


true

> Back to list of web.config key categories

Continuous integration settings

You can use the following keys to configure the continuous integration solution:

Key

Description

Default

CMSCIEncoding

Sets the character encoding used when the continuous integration solution generates non-binary files in the project’s CIRepository folder. The key supports values matching the encoding names listed in the Encoding Class article.

Changing the value of the CMSCIEncoding key does not update the encoding type of existing files in the CIRepository folder. To fully update the encoding of the repository content, you need to:

  • Run complete serialization for all objects.
  • Manually update the encoding type of your repository.config file.



<add key="CMSCIEncoding" value="utf-16" />


utf-8

CMSCIRepositoryPath

Sets the location of the continuous integration file repository root folder. The key’s value must be an absolute or relative path of a folder on a local drive, or a network location for which the application has sufficient permissions.

The specified location is used when serializing object data to the file system and when restoring data back to the database. The key also allows you to set a shared continuous integration repository:

  • Using a shared repository is strongly recommended for live site and administration projects that manage the same site.
  • You can set a shared repository when developing multiple projects with the same database.



<add key="CMSCIRepositoryPath" value="C:\ExternalSourceControl\CIRepository" />


App_Data\CIRepository

> Back to list of web.config key categories

WYSIWYG editor settings

You can use the following keys to configure the WYSIWYG editor for rich text fields in the administration interface:

Key

Description

Default

CKEditor:DefaultToolbarSet

Allows you to set the default toolbar when you use the ‘default’ option for toolbar sets on a page. You can specify one of the following values:

  • Full
  • Standard
  • Basic

You can make custom toolbar sets ‘default’ the same way. Note that the values are case sensitive.




<add key="CKEditor:DefaultToolbarSet" value="Full" />


Standard

CMSWYSIWYGFixXHTML

Indicates if the editor should automatically try to fix XHTML incompatibilities in the code it generates.

Supported values are true and false.




<add key="CMSWYSIWYGFixXHTML" value="true" />


true

CKEditor:BasePath

Specifies the location of the editor (CKEditor) files.

By default, it is located in ~/CMSAdminControls/CKeditor.




<add key="CKEditor:BasePath" value="/CKeditor/" />


CMSHtmlSanitizerAllowedTags

Note: This key is only available after applying hotfix 13.0.110 or newer.

Specifies a set of HTML tags that can be used in the rich text editor for page builder. Any tags that are not allowed will be discarded on save. Setting this key replaces the default set of allowed tags.




<add key="CMSHtmlSanitizerAllowedTags" value="div;p;h1" />


Default allowed tags

CMSHtmlSanitizerAllowedAttributes

Note: This key is only available after applying hotfix 13.0.110 or newer.

Specifies a set of HTML attributes that can be used in the rich text editor for page builder. Any attributes that are not allowed will be discarded on save. Setting this key replaces the default set of allowed attributes.




<add key="CMSHtmlSanitizerAllowedAttributes" value="label;src;data-.*" />


Default allowed attributes

> Back to list of web.config key categories

Code editor settings

You can use the following keys to configure the Code editor, which is used in the administration interface to ensure syntax highlighting and work with code fields:

Key

Description

Default

CMSEnableSyntaxHighlighting

Globally enables or disables the advanced editor and syntax highlighting support for all code fields. This can be used to turn off the editor if it is causing performance issues or other problems.




<add key="CMSEnableSyntaxHighlighting" value="false" />


true

CMSEnableSyntaxHighlighting.<Language>

Can be used to disable the advanced editor and syntax highlighting support for fields that display code in a specific language.

Replace the <Language> string with the name of the language that you wish to disable. The following language options are available: Text, HTML, CSS, JavaScript, XML, CSharp, SQL, HTMLMixed, ASPNET, CMSSharp.

All languages are enabled by default.




<add key="CMSEnableSyntaxHighlighting.CSS" value="false" />


true

CMSShowLineNumbers

Determines whether the code editor in the administration interface displays the panel containing line numbers by default.

Note: The editor fields used in the administration interface always have line numbers disabled by default. The key only affects custom fields that have displaying of line numbers enabled (fields using the Macro editor form control with the Show line numbers parameter enabled).




<add key="CMSShowLineNumbers" value="false" />


true

> Back to list of web.config key categories

E-commerce settings

You can use the following key to configure the Xperience E-commerce Solution:

Key

Description

Default

CMSUseStrictInventoryManagement

Products that use inventory tracking and have the Sell only if items available property enabled may be sold even when the inventory is depleted in cases where multiple customers place orders concurrently. By default, the system logs a warning into the event log if such a situation occurs.

If you set the key to true, the system throws an InvalidOperationException when a customer attempts to create an order containing a product that became out-of-stock due to another concurrently placed order.

If you wish to enable the CMSUseStrictInventoryManagement key, you need to manually ensure that your custom code handles the exception and displays appropriate information to customers.




<add key="CMSUseStrictInventoryManagement" value="true"/>


false

> Back to list of web.config key categories

Email settings

You can use the following keys to configure the sending of emails:

Key

Description

Default

CMSEmailTransferEncoding

Specifies the type of transfer encoding used for emails sent from Xperience.

Supported values are: base64, quotedprintable, sevenbit




<add key="CMSEmailTransferEncoding" value="QuotedPrintable" />


base64

CMSEmailDeleteBatchSize

If the Settings -> System -> Emails -> Archive emails (days) setting is greater than 0, the system stores sent emails for the specified number of days, and regularly deletes them via the Clean email queue scheduled task. The CMSEmailDeleteBatchSize key sets the batch size for the number of emails deleted within a single database operation. The default value is 2000.

You can set a different value if you encounter related database performance issues or timeout errors. For example if you have a database server with relatively low performance and your instance contains a very large number of sent and archived emails.




<add key="CMSEmailDeleteBatchSize" value="200" />


2000

CMSEmailSendLimit

Sets the maximum number of messages sent to individual SMTP servers in a single connection. When the limit is reached, the connection is automatically closed and a new one opens. The process continues until all messages are sent.

You can lower the value if you encounter SMTP errors with too many messages set per connection.




<add key="CMSEmailSendLimit" value="20" />


50

CMSLogEmails

Enables logging of all sent emails to the ~/App_Data/logemails.log file.

The log contains each email’s timestamp, recipients, sender, subject, and custom headers and their encoding (UTF-8 by default).




<add key="CMSLogEmails" value="true"/>


Depends on debugging settings

 CMSDebugEmails

Disables sending of emails to the actual recipients. The system only logs emails into the event log. Helpful if you need to test the functionality, but do not want the emails to actually reach the recipients.

  • To view the event log, open the Event log application.
  • The emails are logged as Information type events.
  • The Event code column contains the recipient’s address.
  • The system randomly generates Sending failed for <recipient’s email address> errors to simulate sending errors.



<add key="CMSDebugEmails" value="true"/>


false

> Back to list of web.config key categories

Email marketing settings

You can use the following key to configure marketing emails:

Key

Description

Default

CMSEmailUtmParametersForAllLinks

If true, UTM parameters are added into all links in marketing emails, including external links. As opposed to the default behavior with enabled UTM tracking, when only relative  email links (relative to your current site) are tagged by the specified UTM parameters.

In order for this key to work, you also need to always enable UTM tracking for individual newsletters or email campaigns.




<add key="CMSEmailUtmParametersForAllLinks" value="true"/>


false

> Back to list of web.config key categories

Event log settings

You can use the following keys when you need to achieve specific behavior of the Event log:

Key

Description

Default

CMSLogEvents

Indicates if logging of events in the Event log is enabled.




<add key="CMSLogEvents" value="true"/>


true

CMSLogKeepPercent

Coefficient for Event log deletion. Keeps the specified percentage of extra log items in the log with regards to the Settings -> System -> Event log size setting. The specified percentage of the oldest events is deleted by batch when the percentage is exceeded. If 0, the exact number of records is kept in the log.




<add key="CMSLogKeepPercent" value="10"/>


10

CMSLogEventsToFile

If true, events are also logged into the ~\App_Data\logevents.log file.




<add key="CMSLogEventsToFile" value="true"/>


false

CMSLogFieldChanges

If true and the Settings -> System -> Log metadata changes option is enabled, details about particular object changes are included in the respective log records.




<add key="CMSLogFieldChanges" value="true"/>


false

CMSLogDocumentFieldChanges

If true and the Settings -> System -> Log metadata changes option is enabled, details about changes of values in page fields are included in the respective log records.




<add key="CMSLogDocumentFieldChanges" value="true"/>


false

CMSLogNewsletterIssueEvents

Indicates if the system logs marketing email changes into the event log (including logging of all sent issues).

You can disable logging of these events if you encounter problems with performance or a cluttered event log when mailing issues to a very large number of recipients – subscribed contacts.




<add key="CMSLogNewsletterIssueEvents" value="false" />


true

CMSLogMATransitions

Indicates if the system logs all step transitions in Marketing automation processes into the event log.

You can disable logging of these events if you encounter performance issues or a cluttered event log when running automation processes for a very large number of contacts.




<add key="CMSLogMATransitions" value="false" />


true

> Back to list of web.config key categories

Export/import settings

You can use the following keys to configure how the export feature handles files:

Key

Description

CMSExportExcludedFolders

Specifies which folders are filtered from the Files folder of the export package.

.svn folders are excluded by default, even without this key added.




<add key="CMSExportExcludedFolders" value="test*;cms*" />


CMSExportExcludedFiles

Specifies which files are filtered from the Files folder of the export package.

.scc files are excluded by default, even without this key added.




<add key="CMSExportExcludedFiles" value="test*;cms*" />


CMSSiteUtilsFolderPath

Overrides the default ~/CMSSiteUtils/ location where the administration application stores export and import packages by default. As a value, you can use:

  • physical disk path - e.g. c:\myfiles\mysite
  • virtual path - e.g. ~/UploadedFiles
  • UNC path - e.g. \\server\folder



<add key="CMSSiteUtilsFolderPath" value="\\server\MyCustomFolder" />


> Back to list of web.config key categories

Item listing settings

You can use the following keys to configure item listing in the Xperience administration interface:

Note: The web.config keys listed below only define default global settings, and individual listing components (UniGrid controls) can override the values. As a result, the values that you configure may not affect all parts of the administration interface.

Key

Description

Default

CMSDefaultListingFilterLimit

Determines the minimum number of items that must be included in a listing in order for a filter to be shown. If the number of listed items is lower than this value, the filter is not displayed. If it is larger, the filter is displayed. This applies to all listings (UniGrid controls) across the entire UI.




<add key="CMSDefaultListingFilterLimit" value="40" />


25

CMSDefaultPageSizeOptions

Sets the options available in the page size selector for listings in the administration interface (the Items per page setting). Values must be separated by commas.

You can use the ##ALL## value to add an option that lists all available rows on a single page (not recommended if you have objects with a very large number of records).




<add key="CMSDefaultPageSizeOptions" value="10,50,200" />


5,10,25,50,100

CMSDefaultListingPageSize

Sets the initial page size of listings in the administration interface (the Items per page setting). If the value is not included among the options defined by the CMSDefaultPageSizeOptions key, the system automatically inserts the value as an additional option.




<add key="CMSDefaultListingPageSize" value="50" />


25

CMSListingShowFirstLastButtons

If true, the first and last page link buttons are included in the pagers of listings in the administration interface (with a large enough number of items). If false, the buttons are always hidden.




<add key="CMSListingShowFirstLastButtons" value="true" />


false

CMSListingShowDirectPageControl

If true, a text box that allows the current page to be changed by directly entering a number is included in pagers of listings in the administration interface (with a large enough number of items). If false, the control is always hidden.




<add key="CMSListingShowDirectPageControl" value="false" />


true

> Back to list of web.config key categories

Scheduler settings

By adding the following keys to your web.config, you can configure the scheduler:

Key

Description

Default

CMSUseAutomaticScheduler

By default, the system uses automatic scheduling – the scheduler periodically requests the ~/CMSPages/Scheduler.ashx route, which ensures that scheduled tasks are processed regularly even if there is no website activity.

Can be set to false for the Xperience administration application, which causes scheduled tasks to be processed at the end of every request sent to the administration. This means that tasks are only executed when user activity in the administration generates requests.

The request-based scheduler is not available for the live site. On the side of the live site application, setting the key to false disables the scheduler.

For more information, see Configuring scheduled task execution.




<add key="CMSUseAutomaticScheduler" value="false" />


true

CMSSchedulerAcceptAllCertificates

If true, all security certificates (including invalid ones) will be accepted when accessing the ~/CMSPages/Scheduler.ashx route via a secured protocol.




<add key="CMSSchedulerAcceptAllCertificates" value="true" />


false

CMSSchedulerUserName

Sets the user name under which the ~/CMSPages/Scheduler.ashx route is accessed (e.g. when using windows authentication).




<add key="CMSSchedulerUserName" value="office\myname" />


"" (blank username)

CMSSchedulerPassword

Sets the password for the user name under which the ~/CMSPages/Scheduler.ashx route is accessed.




<add key="CMSSchedulerPassword" value="mypassword123" />


"" (blank password)

CMSSchedulerAdministrationUrl

Ensures the URL of the administration application for local scheduled task development. Must be used together with CMSSchedulerPresentationUrl.

Supply the full URL of the administration project in the format: <scheme><domain><port><virtual directory>

Add this key to the web.config file of the administration project:

Example - web.config



<add key="CMSSchedulerAdministrationUrl" value="http://localhost:3000" />


"" (empty string)

CMSSchedulerPresentationUrl

Ensures the URL of the live site application for local scheduled task development. Must be used together with CMSSchedulerAdministrationUrl.

Supply the full URL of the live site application in the format: <scheme><domain><port><virtual directory>

Add this key to the web.config or appsettings.json files of both the administration and live site projects:

Example - web.config



<add key="CMSSchedulerPresentationUrl" value="http://localhost:5000" />


Example - appsettings.json



"CMSSchedulerPresentationUrl": "http://localhost:5000",


"" (empty string)

> Back to list of web.config key categories

Contact management settings

By adding the following keys to your web.config, you can configure the behavior of contact management.

Key

Description

Default

CMSProcessContactActionsInterval

Sets the interval (in seconds) in which contact activities are batch processed by the system. Consider raising the interval if your system processes a large number of activities.

You can configure the processing interval separately for the administration and live site applications. Adding the key to the live site application affects the interval at which logged activities and contact detail updates are saved from the memory into the database. Adding the key to the administration application affects how often the system recalculates the data that could be affected by activities and contact updates.




<add key="CMSProcessContactActionsInterval" value="30" />


10

CMSCreateContactActionsLogWorker

If enabled, all administration web farm servers recalculate contact scores, contact groups, personas, and marketing automation triggers.

If you wish to improve performance, you can set this key to false for one or more of your web farm servers, and the recalculation will be disabled for them.

Note: If you set the key value to false for all of your web farm servers, the recalculation will be disabled completely.




<add key="CMSCreateContactActionsLogWorker" value="false"/>


true

CMSGeoIPLocationFileName

Sets the name of the database file used by the geolocation feature for contacts. The file must be placed in the ~/App_Data/CMSModules/WebAnalytics/MaxMind/ folder of your project.




<add key="CMSGeoIPLocationFileName" value="GeoIP2-City.mmdb" />


GeoLite2-City.mmdb

CMSSalesForceUseSandbox

Note: This key is an experimental feature, and may not work in all possible Salesforce integration scenarios.

Allows you to set up and test the Salesforce integration on a Sandbox organization instead of a production org. Add the key to the web.config file of your administration project.

The key ensures that the system connects to Salesforce using the https://test.salesforce.com domain.

Once you are ready to connect to your production organization, remove the key or set its value to false, and re-authorize access to Salesforce.




<add key="CMSSalesForceUseSandbox" value="true" /> 


false

> Back to list of web.config key categories

Security settings

By adding the following keys to your web.config, you can configure security options:

Key

Description

Default

CMSAcceptAllCertificates

Indicates whether application requests should accept all certificates (including invalid certificates). This key ensures the same as if the following keys were enabled at the same time:

  • CMSSearchCrawlerAcceptAllCertificates
  • CMSSchedulerAcceptAllCertificates
  • CMSStagingAcceptAllCertificates
  • CMSValidationAcceptAllCertificates



<add key="CMSAcceptAllCertificates" value="true"/>


false

CMSAdminEmergencyReset

Allows you to recover access to the administration interface if you forget the password of your administrator account. The value must consist of the following parts, separated by semicolons:

  • Username of the account
  • New password for the account
  • Optional true/false value which specifies whether you want to create a new user with the Global administrator privilege level.

The system automatically deletes the key after you gain access to the administration interface.

See also: Configuring password resets for Xperience administration




<add key="CMSAdminEmergencyReset" value="admin;password;true" />


CMSAllowOnlySimpleMacros

If true, only simple macros (i.e. those which do not need a security check) are allowed. All others will not be resolved. If true, the CMSTextBox control does not add security signatures to macros in the administration interface.




<add key="CMSAllowOnlySimpleMacros" value="true"/>


false

CMSEnableClickjackingProtection

Note: This key must be added to the web.config (MVC5 projects) or appsettings.json (ASP.NET Core projects) file of your live site application.

When set to false, the key disables the Content Security Policy (CSP) headers that specify the frame-ancestors policy for the HTTP responses of preview mode requests. Only disable the key if you want to configure adding of CSP headers on your own (otherwise preview URLs would be susceptible to clickjacking attacks).

See also: Adding preview mode support




<add key="CMSEnableClickjackingProtection" value="false"/>


true

CMSEnableCsrfProtection

Indicates whether the system uses security tokens to protect the Xperience administration application against Cross site request forgery attacks. Only set this key to false if you have a custom security mechanism against CSRF.




<add key="CMSEnableCsrfProtection" value="false" />


true

CMSEnableWIF

Overwrites the setting of the Enable WIF authentication option in Settings -> Security & Membership -> Authentication -> Claims-based authentication.

If included in the web.config file and set to false, this key can override enabled WIF authentication in case you have not established an administrator account (as described in Claims-based authentication) and you do not have access to the administration interface.




<add key="CMSEnableWIF" value="false"/>


CMSPasswordSalt

The password salt is a string that is appended to user passwords before they are hashed (to improve security). By default, the salt contains the randomly generated GUID of the given user. The content of this key is added after the base salt value to further increase the length of the salt.

Only applies if the application stores passwords using the SHA2 with salt format, which you can configure in Settings -> Membership & Security -> Passwords -> Password format.

See also: Setting the user password format




<add key="CMSPasswordSalt" value="SaltText" />


CMSRenewSessionAuthChange

When set to true, the system enforces a change of the session ID when a user signs in or out of the Xperience administration interface (does not apply to the live site). Provides protection against session fixation attacks.

If you enable this key, users cannot preserve their session data after signing in or out.

See also: Session protection




<add key="CMSRenewSessionAuthChange" value="true" />


false

CMSValidationAcceptAllCertificates

If set to true, the system accepts all certificates when validating website code or accessibility (e.g. CSS validation) using a 3rd party validation service over a secured protocol (HTTPS). This includes self-signed certificates. If false, the system only accepts certificates generated by a trusted certification authority.




<add key="CMSValidationAcceptAllCertificates" value="true"/>


false

CMSBizFormMailEncodeFields

Visitors can potentially submit forms containing malicious HTML values. By default, form notification and autoresponder emails do not encode displayed field values. This can lead to potential HTML injection if the recipient’s email client is configured to display HTML content.

If the CMSBizFormMailEncodeFields key is set to true, autoresponder and notification emails encode the values of the submitted form’s fields. Add the key to both your live site and administration projects.




<add key="CMSBizFormMailEncodeFields" value="true"/>


false

> Back to list of web.config key categories

Smart search settings

You can use the following keys to configure the Smart search:

Key

Description

Default

CMSSearchIndexPath

Sets the path of a custom directory where the system stores smart search index files (only applies to local search indexes).




<add key="CMSSearchIndexPath" value="App_Data\MyCustomIndexes" />


CMSProcessSearchTasksByScheduler

By default, the smart search creates and runs local indexing tasks immediately whenever content covered by a search index is created or modified.

If you set this key to true, the system does NOT run indexing tasks upon creation – they need to be processed periodically, typically using the Execute local search tasks scheduled task.

Note: The key does not affect processing of tasks for Azure search indexes. Azure search tasks are always processed by the Execute Azure search tasks scheduled task.




<add key="CMSProcessSearchTasksByScheduler" value="true" />


false

CMSCrawlerAllowSiteAliasRedirect

When Pages search indexes process the HTML output of pages, the crawler by default reads pages in scenarios where a custom redirect switches from the domain in the site’s main presentation URL to a live site domain alias. Setting this key to false only allows indexing if the page is running on its main live site URL (the domain may be different between culture versions of pages).




<add key="CMSCrawlerAllowSiteAliasRedirect" value="false" />


true

CMSSearchCrawlerAcceptAllCertificates

When Pages search indexes process the HTML output of pages, the crawler by default does not cover pages on sites using a secured protocol (HTTPS) without a certificate from a trusted authority. For example, you may encounter the problem in development environments that use a self-signed certificate.

If you set this key to true, the system accepts all certificates.

Note: Setting the CMSSearchCrawlerAcceptAllCertificates key to true poses a security vulnerability and should not be used in production environments.




<add key="CMSSearchCrawlerAcceptAllCertificates" value="true" />



false

CMSSearchMaxFieldLength

Sets the maximum number of terms that the smart search allows in a single index field.




<add key="CMSSearchMaxFieldLength" value="10000" />


Unlimited

CMSSearchMaxResultsNumber

Sets the maximum number of results that the smart search can return for a single search request, when using local search indexes. If a search produces more matching results, the system ignores the items that do not fit into the limit.

The purpose of the limit is to avoid processing of large numbers of search results with low relevance. If you use very large search indexes that regularly produce more than 1000 results (the default limit), you can either increase the value or set up search filters to help narrow down the search.

Important: The key may not apply, depending on your search implementation. The maximum number of search results is overriden by the NumberOfProcessedResults property of the SearchParameters object that you use to perform the search. If you create the search parameters using the SearchParameters.PrepareForPages method, the default number of processed results is 100.




<add key="CMSSearchMaxResultsNumber" value="3000" />


1000

CMSSearchSynonymsWeight

Sets the relevance (result score) that the search assigns to items found through the synonym search (i.e. when using Any word or synonyms search mode).

The key’s value must be a decimal number ranging from 0 to 1. A larger number assigns higher relevance to synonyms. If you set 1, the score of synonyms is equal to words in the original unexpanded search expression.

Only applies when using local search indexes.




<add key="CMSSearchSynonymsWeight" value="0.8" />


0.9

CMSSmartSearchLockPollInterval

Specifies how often (time in milliseconds) the smart search indexer attempts to acquire a lock on index files (for local indexes).

The default value of this key is 500 milliseconds.

Set a lower value if the following exception is being logged in your Event log.

Lock obtain timed out: CMS.SiteProvider.SearchLock




<add key="CMSSmartSearchLockPollInterval" value="300" />


500 ms

CMSSmartSearchLockTimeout

Defines the timeout period (in milliseconds) during which the smart search indexer attempts to acquire a lock on index files (for local indexes).

The default value of this key is 1000 milliseconds.




<add key="CMSSmartSearchLockTimeout" value="1500" />


1000 ms

CMSSubsetAnalyzerWordRegex

Sets a regular expression that determines which characters are allowed in the “words” processed by local search indexes with Subset and Starts with analyzers.

The analyzers use the following steps to create search tokens:

  1. Divide text into words
  2. Tokenize the substrings inside the words (according to the analyzer type)

The words created in the first step may contain only characters that match the regular expression in the key’s value. Any other characters split the text into separate words.

By default, the following characters are allowed:

  • word characters (upper and lower case letters, numbers, underscores)
  • at symbols (@)
  • periods ( . )

Note: After changing the value of the key, you need to Rebuild your search indexes that use Subset or Starts with analyzers.




<add key="CMSSubsetAnalyzerWordRegex" value="(\w|@|\.|\$)+" />


(\w|@|\.)+

CMSSearchStoreContentField

Determines whether the smart search stores the original untokenized Content field within index files.

Warning: Setting the key to true reduces indexing performance and increases the size of index files (the difference can be GBs of data for very large indexes). Only enable the key if you need to inspect or debug the content of your index files on development sites. Never enable the key on production sites.




<add key="CMSSearchStoreContentField" value="true" />


false

CMSAzureSearchDnsSuffix

Modifies the domain suffix appended by the system to requests sent to Azure Cognitive Search.

By default, the system assumes Azure Search services are hosted on the search.windows.net domain. This key overrides the default behavior, allowing you to specify a custom domain suffix. This can be useful, for example, when running search services on Azure Government subscriptions, which are hosted with the search.azure.us domain suffix.




<add key="CMSAzureSearchDnsSuffix" value="search.azure.us" />


search.windows.net

The following keys adjust how the smart search indexes page attachments (see Searching attachment files):

Key

Description

Default

CMSSearchDetectTextEncoding

Indicates whether the attachment search uses automatic detection of character encoding for text files (txt and csv).

By default, the search can read text files that use the following encoding:

  • UTF-8
  • The default Windows encoding (the operating system’s current ANSI code page)

If you enable automatic detection, the system attempts to detect the encoding type for each file, and use the correct option when reading the content.

Note: Correct encoding detection is not guaranteed for all files. Automatic detection also slightly increases the time required to index text files.




<add key="CMSSearchDetectTextEncoding" value="true" />


false

CMSSearchIndexXmlAttributes

Determines whether the attachment search includes the values of tag attributes when indexing XML files.




<add key="CMSSearchIndexXmlAttributes" value="true" />


 false

CMSSearchIndexXmlComments

Determines whether the attachment search includes comments when indexing XML files.




<add key="CMSSearchIndexXmlComments" value="true" />


 false

CMSSearchMaxAttachmentSize

Sets the maximum allowed file size in kB for the attachment search. The search ignores page attachments whose size exceeds the value.

Indexing very large files can be resource intensive and have a negative impact on your website’s performance.




<add key="CMSSearchMaxAttachmentSize" value="10000" />


0 (unlimited)

> Back to list of web.config key categories

Translation service settings

You can use the following key to configure Translation services:

Key

Description

Default

CMSTranslationServicesUseCDATAForTransUnit

Use if you want to export XLIFF files without CDATA notation.




<add key="CMSTranslationServicesUseCDATAForTransUnit" value="false" />


true

> Back to list of web.config key categories

User interface culture settings

By adding the following keys to your web.config, you can configure the cultures used in the administration interface:

Key

Description

Default

CMSDefaultSpellCheckerCulture

Specifies the default culture of the built-in spell-checker for the rich text field editor. This culture is used when the dictionary for the currently selected content culture is not found.




<add key="CMSDefaultSpellCheckerCulture" value="en-US" />


en-us

CMSShowLogonCultureSelector

Indicates if the administration interface sign-in page displays a drop-down list with available user interface languages.




<add key="CMSShowLogonCultureSelector" value="false" />


true

CMSDefaultUICulture

Specifies the default UI culture.

If you use this key, you also need to:

  1. Add a corresponding resource string file (localization pack) into the ~\CMSResources folder.
  2. Rename the default CMS.resx file to CMS.en-us.resx.
  3. Rename the new culture’s resource string file to CMS.resx.

This is needed because the CMS.resx file is used when the (default) option is selected as a user’s Preferred user interface culture.




<add key="CMSDefaultUICulture" value="en-nz"/>


en-us

CMSUseSQLResourceManagerAsPrimary

Changes the priority of used localization resource strings to:

  1. custom.resx
  2. cms.resx
  3. database (Xperience administration -> Localization application)



<add key="CMSUseSQLResourceManagerAsPrimary" value="false" />


true

> Back to list of web.config key categories

Web analytics settings

The following key configures Web analytics:

Key

Description

Default

CMSWebAnalyticsProcessingInterval

Sets the interval (in seconds) between batch processing operations that save web analytics data from the application memory to the database. You can set a different interval if you wish to optimize your site’s memory or database performance.

Web analytics logging occurs on the live site, so you need to add the key to the web.config (MVC5 projects) or appsettings.json (ASP.NET Core projects) file of your live site application.




<add key="CMSWebAnalyticsProcessingInterval" value="30" />


10

> Back to list of web.config key categories

Web farm synchronization settings

By adding the following keys to your web.config, you can enable or disable web farm synchronization of certain kind of files stored in the file system:

Key

Description

Default

CMSWebFarmMode

Note: The purpose of this key is only for backwards compatibility and other special scenarios. Instead, set the web farm mode using the Settings -> Versioning & Synchronization -> Web farm -> Web farm mode setting in the Xperience administration interface.

Indicates if web farms are:




<add key="CMSWebFarmMode" value="automatic"/>


disabled

CMSInstanceNameSuffix

When using Automatic web farm mode, the system generates the names of servers by combining the machine name and virtual directory in which the application is running. You can use this key to set an additional suffix that is added to the automatic server name for the given instance.

If you do not set a custom value, the system automatically uses the AutoExternalWeb suffix for external web applications running the Xperience API (typically live site applications).

"" (empty string)
– or –
AutoExternalWeb

CMSWebFarmServerName

Code name of the web farm server. This value is used for manual web farm synchronization support.

This setting overrides the name assigned by the system in Automatic web farm mode.




<add key="CMSWebFarmServerName" value="server1" />


"" (empty string)

CMSWebFarmSyncInterval

Average time before a created web farm synchronization task is processed by web farm servers (the maximum possible time before a task is processed is double of the specified interval).




<add key="CMSWebFarmSyncInterval" value="100" />


2000 ms

CMSWebFarmNotRespondingInterval

By default, web farm servers that transition to the Not responding status remain in the system for 24 hours. The key can be used to change the interval to a specified number of minutes, e.g., 60 for 1 hour.

The web farm continues to generate synchronization tasks for Not responding servers, which can cause unnecessary load and performance problems. You can set the interval to a lower value if you encounter such problems, particularly in hosting environments that dynamically adjust the number of instances (e.g., autoscaling in Azure App Services).

In Automatic web farm mode, servers are deleted after the interval passes. In Manual web farm mode, the servers remain, but the system stops generating memory synchronization tasks (other task types are still generated).




<add key="CMSWebFarmNotRespondingInterval" value="60" />



1440
(24 hours)

CMSWebFarmMaxFileSize

If the CMSWebFarmSynchronizeFiles key is enabled, you can limit the maximum size of synchronized files using this key. The value is entered in kiloBytes and files larger than this value will not be synchronized.




<add key="CMSWebFarmMaxFileSize" value="1024" />


2147483647 (int.MaxValue)

CMSWebFarmApplicationPhysicalPath

Path to the application on the disk used for synchronizing physical files.




<add key="CMSWebFarmApplicationPhysicalPath" value="C:\inetpub\wwwroot\Xperience" />


CMSWebFarmSynchronizeFiles

Determines if web farms synchronize files in general. This key enables synchronization of:

  • Attachments
  • Meta files
  • Media files
  • Form files
  • Avatars

Microsoft Azure notes:

For projects hosted in Microsoft Azure Web Apps, we strongly recommend that you manually set the key to false. Otherwise, you may encounter file system collisions when scaling to multiple instances.




<add key="CMSWebFarmSynchronizeFiles" value="false" />


true

CMSWebFarmSynchronizeAttachments

Enables/disables synchronization of attachments.




<add key="CMSWebFarmSynchronizeAttachments" value="true" />


true

CMSWebFarmSynchronizeMetaFiles

Enables/disables synchronization of meta files.




<add key="CMSWebFarmSynchronizeMetaFiles" value="true" />


true

CMSWebFarmSynchronizeMediaFiles

Enables/disables synchronization of media files.




<add key="CMSWebFarmSynchronizeMediaFiles" value="true" />


true

CMSWebFarmSynchronizeBizFormFiles

Enables/disables synchronization of form files.




<add key="CMSWebFarmSynchronizeBizFormFiles" value="true" />


true

CMSWebFarmSynchronizeAvatars

Enables/disables synchronization of user avatar files.




<add key="CMSWebFarmSynchronizeAvatars" value="true" />


true

CMSWebFarmSynchronizeDeleteFiles

Enables/disables synchronization of deleted files.




<add key="CMSWebFarmSynchronizeDeleteFiles" value="true" />


true

CMSWebFarmTaskDeleteBatchSize

The system regularly performs cleanup of unnecessary web farm synchronization tasks (orphaned tasks without a related web farm server, etc.). The key sets the batch size for the number of tasks deleted within a single database operation. The default value is 500.

You can set a different value if you encounter related database timeout errors, for example if you have a database server with relatively low performance and your instance contains large synchronization tasks with binary data.




<add key="CMSWebFarmTaskDeleteBatchSize" value="100" />


500

> Back to list of web.config key categories

Microsoft Azure settings

By adding the following keys to your web.config file, you can set up the deployment of your website to Microsoft Azure and configure its behavior.

Key

Description

CMSAzureAccountName

Specifies the name of the Azure Storage account that the application will use for its file system.

If you wish to run the application on the local emulator, enter devstoreaccount1 as the value.




<add key="CMSAzureAccountName" value="devstoreaccount1"/>


CMSAzureSharedKey

Contains the primary access key for the storage account specified in the CMSAzureAccountName setting.

You can find the appropriate value for your storage account on the Microsoft Azure Management Portal.




<add key="CMSAzureSharedKey" value="Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw=="/>


CMSAzureBlobEndPoint

Sets the endpoint used for the connection to the blob service of the specified storage account. If you wish to use the default endpoint, clear the value of this setting.




<add key="CMSAzureBlobEndPoint" value="http://127.0.0.1:10000/devstoreaccount1"/>


CMSAzureQueueEndPoint

Sets the endpoint used for the connection to the queue service of the specified storage account. If you wish to use the default endpoint, clear the value of this setting.




<add key="CMSAzureQueueEndPoint" value="http://127.0.0.1:10001/devstoreaccount1"/>


CMSAzureTableEndPoint

Sets the endpoint used for the connection to the table service of the specified storage account. If you wish to use the default endpoint, clear the value of this setting.




<add key="CMSAzureTableEndPoint" value="http://127.0.0.1:10002/devstoreaccount1"/>


CMSAzureRootContainer

Specifies the name of the blob container that will serve as the root of the application’s file system on the Azure storage account.

This can be useful in scenarios where multiple applications use the same storage account.

The default value is cmsstorage.




<add key="CMSAzureRootContainer" value="CustomRoot"/>


CMSAzurePublicContainer

Indicates if the blob container used to store the applications file system should be public. If set to true, it will be possible to access files directly through the URL of the appropriate blob service, for example:

<StorageAccountName>.blob.core.windows.net/cmsroot/corporatesite/media/imagelibrary/logo.png




<add key="CMSAzurePublicContainer" value="true"/>


CMSAzureStorageCacheCleanerThreshold

Specifies a threshold in gigabytes that is used by the Clean Azure storage cache scheduled task. When the threshold is exceeded and the scheduled task is enabled, the system starts to delete files in the Azure Cache and Azure Temp folders from the oldest to the newest.

The default value is 45GB.




<add key="CMSAzureStorageCacheCleanerThreshold" value="45"/>


CMSAzureStorageCacheCleanerKeepLimit

Specifies an amount in gigabytes that is used by the Clean Azure storage cache scheduled task. The amount is the target size of the Azure Cache and Azure Temp folders when the scheduled task deletes the files.

The size of the excluded paths (set by the CMSAzureStorageCacheCleanerExcludedPaths web.config key) is included in the amount.

The default value is 10GB.




<add key="CMSAzureStorageCacheCleanerKeepLimit" value="10"/>


CMSAzureStorageCacheCleanerExcludedPaths

Specifies relative paths separated by semicolons (;) that are excluded when using the Clean Azure storage cache scheduled task.

There is not any predefined excluded path by default.




<add key="CMSAzureStorageCacheCleanerExcludedPaths" value="folder_name1;folder_name2"/>


CMSAzureCDNCacheMinutes

Allows you to set caching interval for Azure CDN.

Using this key, you can set different intervals for expiration of files in the server memory (which can be set in the Settings application -> System -> Performance -> Cache files (minutes) option) and for expiration of files in Azure CDN.

If this key is not used, the Cache files (minutes) setting is used for CDN expiration interval instead.

See also Settings - Performance.




<add key="CMSAzureCDNCacheMinutes" value="30"/>


If you wish to host your website on‑premise, but use a file system based on the Blob Storage service of an Azure storage account, you can specify the following settings:

Key

Description

CMSAzureTempPath

The folder specified by this key will be used to store temporary files on a local disk, e.g. when transferring large files to or from the storage account.

Do not use this key if the entire application is deployed as a Microsoft Azure hosted service.




<add key="CMSAzureTempPath" value="C:\AzureTemp" />


CMSAzureCachePath

Specifies a folder on a local disk where files requested from the storage account will be cached. This helps minimize the amount of blob storage operations, which saves time and resources.

Do not use this key if the entire application is deployed as a Microsoft Azure hosted service.




<add key="CMSAzureCachePath" value="C:\AzureCache" />


CMSDownloadBlobTimeout

Specifies the timeout interval in minutes for importing files from Azure Blob storage into Xperience.

The default value is 1.5 minutes. Increase the interval if you encounter problems when importing large (about 2GB) files.




<add key="CMSDownloadBlobTimeout" value="50" />


> Back to list of web.config key categories

Connection string

The database used by Xperience is specified by the connection string CMSConnectionString in the /configuration/connectionStrings section.




<add name="CMSConnectionString" connectionString="Persist Security Info=False;database=CMS;server=myserver;user id=sa;password=mypassword123;Current Language=English;Connection Timeout=120;" />