The Moxie.cfg file is read on server start and controls aspects that cannot be changed while the server is running.
The basic server install options saved in the Moxie.cfg file are editable from within the Moxie.Build Server Setup window found when simply running Moxie.exe. There are a number of advanced options however that are typically used in production that can only be edited directly in the Moxie.cfg file. Note that the Moxie.Build Server Setup window saves the Moxie.cfg file on change to any of the fields and when the window closes, so be sure to not edit the Moxie.cfg file directly while this window is open
The following is the current list of the config values available in the most recent version
IP
The IP address the server is bound to. A value of 0.0.0.0 will bind to all addresses on the operating system, any other value will bind to only that one IP
MaxConnections
The maximum number of concurrent TCP connections the server will accept before declining new connections and posting an error in the Moxie.log file
HttpPort
The listening port for insecure HTTP requests. Set to 0 to disable
HttpsPort
The listening port for secure HTTPS requests. Set to 0 to disable. If this is enabled, a valid and working value for CertFile is required
CertFile
The friendly name of the certificate in the operating system's user's certificate store. See Cloudflare Origin Certificates for more information on the easiest way to get a free certificate and protect your systems. Purchased public facing certificates can be used as well, install them the same way as the CloudFlare Origin Certificates
RelayHttpsHost
If you are running this instance of Moxie.Build behind a Moxie.Build Relay, or any other reverse proxy on localhost, the external connecting protocol info HTTP header should be configured in the AltProtocolInfo config value below. If the connecting protocol is identified by that header as http instead of https, and the HttpsEnsure command is executed, the user will be redirected with a 302 Found to the host specified in the RelayHttpsHost instead of using the host header
SecurityPolicy
Sets the HTTP Header Content-Security-Policy. Leave this blank for the default value, which is set to:default-src 'self'; form-action 'self'; frame-ancestors 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;
plus a dynamic value of https:
. The dynamic value of https:
is set if either the HTTPS port is configured or AltIPInfo is set.
Note that the above default is the baseline for what is needed for Bootstrap to work. If HtmlETable is used, unsafe-eval
is also added.
Set this value to None to disable adding a Content-Security-Policy header.
Any other value specified here will be used as specified. The value for this header may be dynamically overwritten using the HttpHeader command on an as needed basis.
AntiCsfr
When blank, enforcement is off but the Anti-CSRF values are still automatically added to the forms and developers may manually check these values against AntiCsrf$ to validate. Set this config value to Enforce to have the webserver automatically test these values. When mismatched, the user will be logged out (if currently logged in), an Anti-CSRF entry is made in the Moxie.log file, and the request is denied with a response of 403 Forbidden. The Setup Table value of Cnw.AntiCsrfOverride accommodates overrides when this config value is set to Enforce.
Encoding
Leave blank for no encoding, set to the value of deflate to support HTTP deflate if the client request indicates deflate is accepted in the Accept-Encoding header. This is off by default in favor of CPU over bandwidth
RAMRecvSize
The maximum amount of data that will be received by the server into RAM before it starts to place what has been received so far plus any additional data into a cache file in the Recv folder. The Request Query fields of Req.HasFile, Req.FileSize, and Req.FileName contain the info required to handle larger requests. This defaults to 1MB and that is the recommended value. When running a Moxie.Build Relay, this value will affect the largest requests the Relay can handle, so in that use case the recommended value is 15MB
DLLs
A quoted comma separated list (CSV rules) of Moxie.Build plug-in DLLs, including the Default.dll that contains the CMS and Admin interfaces, in your preferred call order. This defaults of just a value of "Default.dll". Third party plug-ins are not currently publicly supported, but please contact us if you have requirements for native compiled inline HTTP request handling, and/or adding additional native compiled keywords to MOX
ServiceName
The name of the Windows service as installed. This should be set before installing the service, and must not be changed while the service is installed. The ability to set this name allows for many instances of Moxie.Build in different folders to be run on the same operating system
ServiceUser
the name of the Windows user the service is installed under. This should be set before installing the service, and must not be changed while the service is installed. Each instance of Moxie.Build should run under a different user, and the notes included in the Moxie.Build Server Setup window must be followed. When several or many such users are one one machine, it is advisable to create a Windows User Group to handle these Local Security Policy settings more easily. Note that the user set here must also have full control permissions to the folder (and sub-folders via inheritance) containing the instance of Moxie.Build; and in most cases should not have permission to access any other folders
DiskFlushTimer
The number of seconds between disk flushes of changes to the in-RAM database, add new entries to the Moxie.log file, and update the Moxie.stats file. The default number of 10 is ideal for most production systems; larger values of 30 or even 60 might sometimes be useful for very high traffic systems to minimize disk writes on SSDs. Smaller values of 1 or 2 can be helpful when running developer copies on localhost in order to see the log file updates sooner
DirectFetch
The maximum number of records for a Work Query to directly fetch the attachment data and the record data per record when executing the Children, ChildrenAlias, Parents, or ParentsAlias commands. If there are a greater number of records in the Work Query, temporary copies of the source data are made to prevent multithreaded collisions on data access. This number is a trade off of bottlenecks. If the system is stalling with low CPU usage then experiment with lower values. The default value is 20,000. Set to zero to disable all direct fetch behavior.
LogHeaders
This is blank, and off, by default. Set to the word Default to enable the Moxie.hdr file to be created and all inbound HTTP request heads to be saved to this file. Default will save up to 4KB of data, truncating any data beyond that. Other values may be specified as number of bytes
LogMOX
This is blank, and off, by default. Set to the word Yes to enable saving additional log details about MOX procedures being compiled and executed to the Moxie.log file. This is useful for development and test environments, but does add a minor extra head for production systems, as well as creates mostly repetitive data when the same pages are accessed repeatedly. The first number shown is the increase in $MaxMem during compilation or running, the second number is the time taken in seconds.
AltIPInfo
Allows the reading of an HTTP header to indicate what the public facing IP is of the client on the other side of a Moxie.Build Relay and/or any other reverse proxy. This defaults to blank which is disabled but the most common production value here is to run behind CloudFlare and have this set to CF-Connecting-IP
AltProtocolInfo
Allows the reading of an HTTP header to indicate what the public facing protocol is of the client on the other side of a Moxie.Build Relay and/or any other reverse proxy. This defaults to blank which is disabled but the most common production value here when run behind a Moxie.Build relay is MX-Connecting-Protocol
RelayNoAltIP
This prevents the Moxie.Build Relay from using the AltIP header. Defaults to disabled which is blank; set to a value of Yes to enable it
CountryInfo
This defaults to blank is disabled, but in most production systems running behind CloudFlare this should be set to CF-IPCountry
ForcedCookies
This defaults to blank is disabled. Any values placed here will be added to the cookie information for every request. This can be useful for test environments when needing external stateless calls to operate in the context of a test user's session
SocketTrace
This only works when running Moxie.Build as an app window (using the Run Server as App.bat file); it will not work from an installed service. It defaults to blank and is disabled. Configurable values are Default, Error, Warning, and HexDump. The trace output will be saved to the Moxie.trace file
Meta
This value is ignored by Moxie.Build and is useful for saving additional environment information for management scripts to work with, such as our open source Nightly Management Utility
Example Moxie.cfg for Instance Behind a Cloudflared Tunnel
'Moxie.cfg
IP = 127.0.0.1
MaxConnections = 1024
HttpPort = 35101
HttpsPort = 0
CertFile =
RelayHttpsHost =
SecurityPolicy =
AntiCSRF =
Encoding =
RAMRecvSize = 1.000
DLLs = "Default.dll"
ServiceName = Moxie DomainName.com
ServiceUser = MOX-DName
DiskFlushTimer = 10
DirectFetch = 20,000
LogHeaders =
LogMOX =
AltIPInfo = CF-Connecting-IP
AltProtocolInfo =
RelayNoAltIP =
CountryInfo = CF-IPCountry
ForcedCookies =
SocketTrace =
Meta =
Example Moxie.cfg for Dedicated IP
'Moxie.cfg
IP = 207.194.111.22
MaxConnections = 1024
HttpPort = 80
HttpsPort = 443
CertFile = DomainName.com
RelayHttpsHost =
SecurityPolicy =
AntiCSRF =
Encoding =
RAMRecvSize = 1.000
DLLs = "Default.dll"
ServiceName = Moxie DomanName.com
ServiceUser = MOX-DName
DiskFlushTimer = 10
DirectFetch = 20,000
LogHeaders =
LogMOX =
AltIPInfo = CF-Connecting-IP
AltProtocolInfo =
RelayNoAltIP =
CountryInfo = CF-IPCountry
ForcedCookies =
SocketTrace =
Meta =
Example Moxie.cfg for Instance Behind a Moxie.Build Relay
'Moxie.cfg
IP = 127.0.0.1
MaxConnections = 1024
HttpPort = 35101
HttpsPort = 0
CertFile =
RelayHttpsHost = DomainName.com
SecurityPolicy =
AntiCSRF =
Encoding =
RAMRecvSize = 1.000
DLLs = "Default.dll"
ServiceName = Moxie DomainName.com
ServiceUser = MOX-DName
DiskFlushTimer = 10
DirectFetch = 20,000
LogHeaders =
LogMOX =
AltIPInfo = CF-Connecting-IP
AltProtocolInfo = MX-Connecting-Protocol
RelayNoAltIP =
CountryInfo = CF-IPCountry
ForcedCookies =
SocketTrace =
Meta =