-
Notifications
You must be signed in to change notification settings - Fork 0
Configuration Guide
All SIGNula configuration (except database credentials) is stored in the tblSettings database table and managed via the Admin Dashboard.
The only file-based configuration is the database connection in web/_config/config.php:
<?php
// 🔒 Database connection credentials
define('DB_HOST', 'localhost');
define('DB_NAME', 'signula_db');
define('DB_USER', 'signula_user');
define('DB_PASS', 'your_secure_password');
define('DB_PORT', 3306);
define('DB_CHARSET', 'utf8mb4');Settings are organised by category with dot-notation keys. All settings are accessible via the Admin Dashboard under System > Settings.
| Category | Prefix | Examples |
|---|---|---|
| General | app.* |
app.name, app.url, app.timezone
|
email.* |
email.from_address, email.smtp_host
|
|
| Security | security.* |
security.session_lifetime, security.max_login_attempts
|
| OAuth | oauth.{provider}.* |
oauth.google.client_id, oauth.microsoft.tenant_id
|
| Payment | payment.{provider}.* |
payment.stripe.secret_key, payment.kofi.verification_token
|
| Captcha | captcha.* |
captcha.provider, captcha.site_key
|
| MFA | mfa.* |
mfa.enabled, mfa.issuer_name
|
Settings marked as isSensitive = 1 are:
- Encrypted with AES-256-CBC before storage
- Automatically decrypted when retrieved via
getSetting() - Never exposed in API responses or logs
- Displayed as masked values in the Admin UI
New settings can be added directly via the Admin Dashboard or SQL:
INSERT INTO tblSettings (settingKey, settingValue, settingType, category, description, isSensitive)
VALUES ('custom.my_setting', 'value', 'string', 'Custom', 'My custom setting', 0);Settings are available immediately via getSetting('custom.my_setting') in PHP.
Configure email delivery via the Admin Dashboard under System > Email Settings:
| Setting | Description | Example |
|---|---|---|
email.smtp_host |
SMTP server hostname | smtp.gmail.com |
email.smtp_port |
SMTP port | 587 |
email.smtp_encryption |
Encryption method | tls |
email.smtp_username |
SMTP username | noreply@signulo.id |
email.smtp_password |
SMTP password (encrypted) | ******** |
email.from_address |
Default sender email | noreply@signulo.id |
email.from_name |
Default sender name | SIGNula |
SIGNula supports sending email via Microsoft 365 and Google Workspace OAuth:
- Navigate to Settings > Email Accounts in the user dashboard
- Click Connect Microsoft 365 or Connect Google Workspace
- Complete the OAuth flow
- Select the connected account as the sending method
This uses FREE shared mailboxes, saving significant licensing costs.
Configure OAuth providers via Admin Dashboard under System > OAuth Providers:
| Setting | Description |
|---|---|
oauth.google.client_id |
Google Cloud Console client ID |
oauth.google.client_secret |
Google Cloud Console client secret |
oauth.google.redirect_uri |
Callback URL (auto-configured) |
| Setting | Description |
|---|---|
oauth.microsoft.client_id |
Azure AD application ID |
oauth.microsoft.client_secret |
Azure AD client secret |
oauth.microsoft.tenant_id |
Azure AD tenant ID (common for multi-tenant) |
| Setting | Description |
|---|---|
oauth.apple.client_id |
Apple Services ID |
oauth.apple.team_id |
Apple Developer Team ID |
oauth.apple.key_id |
Sign In with Apple key ID |
oauth.apple.private_key |
Private key file contents |
SIGNula supports both Cloudflare Turnstile and Google reCAPTCHA:
| Setting | Description |
|---|---|
captcha.provider |
turnstile or recaptcha
|
captcha.site_key |
Public site key |
captcha.secret_key |
Server-side secret key (encrypted) |
If no API keys are configured, captcha is automatically disabled.
| Setting | Default | Description |
|---|---|---|
security.session_lifetime |
7200 |
Session timeout in seconds (2 hours) |
security.remember_me_days |
30 |
"Remember Me" cookie duration |
security.max_sessions |
5 |
Max concurrent sessions per user |
security.max_login_attempts |
5 |
Failed attempts before lockout |
security.lockout_duration |
900 |
Lockout duration in seconds (15 min) |
| Setting | Default | Description |
|---|---|---|
rate_limit.enabled |
1 |
Enable/disable rate limiting |
rate_limit.default_limit |
1000 |
Requests per hour (authenticated) |
rate_limit.unauthenticated_limit |
100 |
Requests per hour (unauthenticated) |
rate_limit.login_limit |
10 |
Login attempts per 15 minutes |
Enable debug mode via URL parameter (development only):
https://your-domain/page?debug=true
Or set globally:
UPDATE tblSettings SET settingValue = '1' WHERE settingKey = 'app.debug';Warning: Never enable debug mode in production.
All PHP errors, warnings, and notices are logged to tblActivityLog with:
- Severity level
- Error code and message
- File and line number
- Backtrace
- Request URL and headers
- Authentication Setup - Configure MFA and OAuth providers
- Payment Configuration - Set up payment providers
- Security Best Practices - Security hardening
Copyright 2025-2026 MWBM Partners Ltd (t/a MWservices). All rights reserved.
Setup
Integration
Operations
External Links