Skip to main content
OJS for Everyone Logo
OJS for EveryoneThe Practical Guidebook

Server Configuration

OJS is configured through config.inc.php in the OJS root directory. This file is created from config.TEMPLATE.inc.php during installation.

Key Configuration Sectionsโ€‹

Applicationโ€‹

; Set to "On" in production, "Off" to show errors during development
installed = On

; Your OJS installation base URL
base_url[default] = "https://yoursite.com"

; Unique site key (generated during install โ€” do not change)
salt = "youruniquesalthere"

Databaseโ€‹

[database]
driver = mysqli        ; or pgsql for PostgreSQL
host = localhost
username = ojsuser
password = yourpassword
name = ojs

Emailโ€‹

[email]
; Use SMTP for reliable delivery
smtp = On
smtp_server = smtp.yourprovider.com
smtp_port = 587
smtp_auth = PLAIN      ; or LOGIN, CRAM-MD5
smtp_username = you@domain.com
smtp_password = smtppassword
smtp_tls = On          ; STARTTLS

; Sender envelope address
envelope_sender = noreply@yoursite.com
allow_envelope_sender = On

Filesโ€‹

[files]
; Must be outside the webroot
files_dir = /var/www/ojs-files

; Public files (accessible via URL)
public_files_dir = public

Cachingโ€‹

[cache]
; Options: filecache, memcache, xcache, apc
object_cache = filecache

; For memcache
;memcache_hostname = localhost
;memcache_port = 11211

Securityโ€‹

[security]
; Force HTTPS
force_ssl = On

; Session cookie settings
session_cookie_name = OJSSID
session_lifetime = 30         ; minutes of inactivity before logout

; Allowed upload file types (MIME)
; Restrict to known safe types

Proxy (if behind a reverse proxy)โ€‹

[proxy]
http_proxy = "http://proxyhost:port"
https_proxy = "http://proxyhost:port"

PHP Configuration (php.ini)โ€‹

Recommended values for production:

upload_max_filesize = 128M
post_max_size = 128M
max_execution_time = 300
memory_limit = 256M
date.timezone = UTC

Nginx Configuration Exampleโ€‹

server {
    listen 443 ssl http2;
    server_name yoursite.com;

    root /var/www/html/ojs;
    index index.php;

    ssl_certificate /etc/letsencrypt/live/yoursite.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/yoursite.com/privkey.pem;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        fastcgi_pass unix:/run/php/php8.2-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
        include fastcgi_params;
    }

    # Deny access to config and hidden files
    location ~ /\. { deny all; }
    location ~* config\.inc\.php { deny all; }
}

Further Readingโ€‹