Table of Contents

Some configuration settings may only be changed by modifying files in your Blesta installation. These files can be found in the /config/ directory.


Modifying these settings could have disastrous effects. Only modify these settings if you know what you are doing.


This file contains general configuration options which may be updated during upgrades.


SettingData TypeDescription
Blesta.database_infoarrayDatabase connection information.


SettingData TypeDescription
Blesta.results_per_pageintegerNumber of results to display per page.
Blesta.paginationarraySet pagination settings.
Blesta.pagination_ajaxarrayConfigurations to override on pagination to help enabled AJAX.


SettingData TypeDescription
Blesta.cron_memory_limitstringSets the memory limit during cron execution, null will not override memory limit. Acceptable values are those allowed by init_set() for 'memory_limit' (e.g. "512M" = 512 MB).

The time period (in minutes) after which an unfinished cron task will be considered stalled and the cron task may be run again.


The minimum time period (in minutes) after which a cron task may be re-run.

Minimum run interval

This should be set to no less than the smallest interval configured for automation tasks in Blesta. As of version 4.3.0, this is 5 minutes.


SettingData TypeDescription
Blesta.session_ttlintegerLength of time (in seconds) that a session will be valid for
Blesta.cookie_ttlintegerLength of time (in seconds) that a cookie will be valid for


SettingData TypeDescription
Blesta.calendar_time_intervalintegerNumber of minutes between intervals of the full calendar time.
Blesta.sticky_notes_to_showintegerNumber of sticky notes to show before viewing more.
Blesta.sticky_notes_maxintegerMaximum number of sticky notes to show.
Blesta.invoice_renewal_max_daysintegerMaximum number of days to allow invoice days before renewal to be set.
Blesta.autodebit_before_due_max_daysintegerMaximum number of days to allow auto debit days before due date to be set.
Blesta.suspend_services_after_due_max_daysintegerMaximum number of days to allow services to be unpaid and overdue before suspension.
Blesta.payment_notices_max_daysintegerMaximum number of days to allow payment notices/reminders to be set.
Blesta.cron_log_retention_daysintegerNumber of days in the past to retain cron logs.
Blesta.auto_delete_accountaccess_logsbooleanWhether or not to delete account access logs according to the cron log retention policy.
Blesta.auto_delete_client_setting_logsbooleanWhether or not to delete client setting logs according to the cron log retention policy.
Blesta.auto_delete_contact_logsbooleanWhether or not to delete contact logs according to the cron log retention policy.
Blesta.auto_delete_email_logsbooleanWhether or not to delete email logs according to the cron log retention policy.
Blesta.auto_delete_gateway_logsbooleanWhether or not to delete gateway logs according to the cron log retention policy.
Blesta.auto_delete_module_logsbooleanWhether or not to delete module logs according to the cron log retention policy.
Blesta.auto_delete_service_logsbooleanWhether or not to delete service logs according to the cron log retention policy.
Blesta.auto_delete_transaction_logsbooleanWhether or not to delete transaction logs according to the cron log retention policy.
Blesta.auto_delete_user_logsbooleanWhether or not to delete user logs according to the cron log retention policy.
Blesta.cache_lengthstringLength of time that a cached page will be served before being built again.
Blesta.reset_password_ttlstringLength of time that a reset password request will be valid for.
Blesta.gw_callback_urlstringThe URL that gateway callback requests should be directed to.
Blesta.marketplace_urlstringThe URL to the marketplace.
Blesta.demo_modebooleanEnables/Disables demo mode. Demo mode disables certain features.
Blesta.default_password_reset_valuebooleanDefault password reset value. Set to true for improved security, false for more accurate error reporting.
Blesta.parser_optionsarraySets parser options DO NOT MODIFY.
Blesta.replacement_keysarraySets various tags used for ID code replacement values throughout the app DO NOT MODIFY.
Blesta.id_code_sort_modearrayWhen attempting to sort by an "id_code" pseudo field, will instead sort by the given array of values in the given order. If null, will sort "id_code" as a string by itself.
Blesta.transactions_validate_apply_roundbooleanIf true will round invoice due amounts to 2 decimal places when verifying payments can be applied


SettingData TypeDescription
Blesta.email_messages_per_connectionintegerThe maximum number of messages to send before disconnecting/reconnecting to the mail server.
Blesta.email_reconnect_sleepintegerThe number of seconds to wait before reconnecting to the mail server.


SettingData TypeDescription
Blesta.hash_workintegerWork-factor for password hashing algorithms (between 4 and 31).
Blesta.max_failed_login_attemptsintegerThe maximum number of failed login attempts to permit from a given IP per hour.
Blesta.auth_legacy_passwordsbooleanSet to true to enable support for legacy passwords (plain md5). Set to false for improved security.
Blesta.verify_csrf_tokenbooleanEnable/disable automatic CSRF token verification.

Bypasses automatic CSRF checking for a set of controllers and actions (eg. ['client_login::index']). CSRF checking is a security feature, BE SURE YOU KNOW WHAT YOU ARE DOING BEFORE SETTING THIS VALUE.

Common Examples:

LocationRoute Configuration
Client Login (~/client/login/)Configure::set("Blesta.csrf_bypass", ['client_login::index']);
Domain Whois (~/order/config/preconfig...)Configure::set("Blesta.csrf_bypass", ['config::preconfig']);
Registration (~/order/signup/index/...)Configure::set("Blesta.csrf_bypass", ['signup::index']);

Separate exceptions with a comma. For example, if you wish to disable CSRF on the Client Login and Domain Whois pages, the route would look like this: Configure::set("Blesta.csrf_bypass", ['client_login::index', 'config::preconfig']);


The value used to generate the 256-bit AES key using HMAC SHA-256.



This file contains internationalization settings.

SettingData TypeDescription
i18.calling_codesarrayCountry to telephone dialing code mappings.


 All routes may be defined here.  Routes have the following syntax:

Router::route("foo/bar", "bar/foo");

The above route maps the "foo" controller and "bar" method to the "bar" controller and "foo" method.

SettingData TypeDescription
Route.adminstringAdmin panel directory name.
Route.clientstringClient panel directory name.
  • No labels