Global Settings

The Global Settings section (Studio > Settings > Global) is a critical area for Operators to configure the fundamental behavior and core parameters of the entire UNA site. Settings here impact everything from site identity and user interactions to performance, security, and integrations.

This guide provides an overview of the various sub-sections and settings available within Global Settings, explaining the purpose of each configuration option.

General

This section covers basic site identity, default behaviors, search parameters, and content interaction rules.

  • Community name: The name of your website/community. This name is used in various places like site texts, meta tags, emails, and notifications.
  • Operator email: The email address designated to receive critical system notifications, error reports, and alerts intended for the primary site administrator/operator.
  • "From" email: The email address used as the "sender" for transactional emails sent by the system (e.g., registration confirmations, password resets). Ensure this address is configured for reliable delivery.
  • User Tour: (Checkbox) Enable/disable the introductory tour for new users on the frontend. The content of the tour can be edited elsewhere (often via Polyglot or specific tour app settings).
  • Studio Tour: (Checkbox) Enable/disable the introductory tour for new Operators within Studio. Tour content can be edited elsewhere.
  • Automatic System Updates: (Checkbox) Enable this to allow the UNA system (core and modules) to check for and apply updates automatically. Recommended for staying secure, but disable if you prefer manual control or have heavy customizations.
  • Force Automatic Updates: (Checkbox) If enabled, the system will attempt to apply updates even if some core files have been detected as modified (typically up to a 5% threshold). Use with caution if you have custom modifications.
  • Smart App Banner: (Checkbox) Enable/disable the display of a banner prompting mobile users to add the site to their home screen (Progressive Web App feature).
  • iOS app ID for Smart App Banner: (Text Input) If using the Smart App Banner, enter the specific App ID for your iOS application here.
  • Keyword Search Results: (Number) Set the maximum number of results displayed per page specifically for keyword searches.
  • Site Search Results: (Number) Set the maximum number of results displayed per page for general site-wide searches.
  • Live Search Results: (Number) Set the maximum number of suggestions displayed in the live search dropdown as a user types.
  • Profile Search Results: (Number) Set the maximum number of user profiles displayed per page in profile search results.
  • Max number of hashtags per post: (Number) Limit the number of hashtags (#tag) a user can include in a single post. Helps prevent spammy behavior.
  • Max number of mentions per post: (Number) Limit the number of user mentions (@username) allowed in a single post.
  • Max number of attached links per post: (Number) Limit how many hyperlinks can be included in a post. 0 typically means no limit.
  • System Bot profile: (Dropdown) Choose a specific profile (often a dedicated 'System' or 'Bot' profile you create) that will be used as the author for automated system actions or announcements.
  • Allow post to context using Privacy field: (Checkbox) Determines if the privacy selection field should also control the context (e.g., group, event) where content is posted.
  • Hide post to context for modules in Privacy field: (Checkboxes) Select specific context modules (Channels, Events, Groups, Organizations, Persons, Projects) that should not appear as options within the privacy/context selection dropdown when creating content.
  • Treat context posted in context as content: (Checkbox) Influences how content posted within a context (e.g., a post inside a group) is treated system-wide, potentially affecting feeds and visibility.
  • Only parent group(space, event, etc) members can join: (Checkbox) If checked, only members of a parent context (e.g., a main group) can join its sub-contexts (e.g., a subgroup or sub-event).
  • Enable 'Quick Reactions' mode - vote with default reaction when clicked: (Checkbox) Changes the user interface behavior for reactions. If enabled, clicking the reaction button immediately applies the default reaction (e.g., Like/Upvote) instead of opening a panel to choose from multiple reactions.
  • Auto approve a comment after creation: (Checkbox) If checked, newly submitted comments are automatically approved and made visible. If unchecked, comments may require moderator approval depending on other permission settings.
  • Asynchronous forms preload in "Create Post" block: (Checkboxes) Select which content creation forms (Projects, Timeline, Discussions, Groups, Posts, Events, Market) should be preloaded asynchronously in the main posting block. Can improve perceived performance but may increase initial load.

System

This section handles core system identifiers, financial settings, and external service integrations like embeds.

  • UNA account key: [Your UNA Key] - Your unique UNA.io account key, required for connecting to the UNA Market, receiving updates, and accessing paid services. Obtain this from your account on una.io.
  • UNA account secret: [Your UNA Secret] - Your unique UNA.io account secret, used alongside the key for authentication with UNA services. Keep this confidential.
  • Currency code (for checkout system): (Text Input, e.g., USD, EUR, GBP) The standard 3-letter ISO currency code used for any financial transactions processed through the site's payment system.
  • Currency sign (for display purposes only): (Text Input, e.g., $, €, £) The symbol used to represent the currency in the user interface.
  • Payment module: (Dropdown) Select the primary payment gateway module (e.g., Payments, Stripe Connect, PayPal Connect) that will handle transactions on your site. Requires the corresponding module to be installed and configured.
  • Image width to resize before upload: (Number, pixels) Set a maximum width for images. Images wider than this will be automatically resized before being uploaded to the server. 0 disables resizing based on width.
  • Image height to resize before upload: (Number, pixels) Set a maximum height for images. Images taller than this will be automatically resized before uploading. 0 disables resizing based on height. Helps conserve storage and bandwidth.
  • Use operator LIKE for search: (Checkbox) Determines the underlying search mechanism. Using LIKE is generally faster for smaller sites/datasets but less accurate than full-text search, especially for partial words. Disabling it might use more resource-intensive Full-Text indexes if available.
  • Embeds provider: (Dropdown, e.g., Embedly, Iframely) Select the third-party service used to automatically generate rich previews (thumbnails, titles, descriptions) for links shared on your site.
  • Embed.ly API key: [Your Embedly Key] - Required if Embedly is selected as the provider.
  • Iframely API key: [Your Iframely Key] - Required if Iframely is selected as the provider.

Cache

Configure various caching layers to improve site performance. Note that some cache engines (Memcached, Redis) require specific server setup.

  • Enable DB cache: (Checkbox) Enable caching for database query results.
  • DB cache engine: (Dropdown, e.g., File, Memcached, Redis) Select the storage mechanism for the DB cache. 'File' is simplest but potentially slower than memory-based options like Memcached or Redis.
  • Memcached server host: (Text Input) Required if Memcached is selected as the DB cache engine. Enter the hostname or IP address of your Memcached server.
  • Memcached server port: (Text Input) Required if Memcached is selected. Enter the port number for your Memcached server (default is usually 11211).
  • Enable Page cache: (Checkbox) Enable full-page caching for non-authenticated users. Can significantly speed up loading for guests.
  • Page cache engine: (Dropdown) Select the storage mechanism for the full-page cache.
  • Enable page blocks cache: (Checkbox) Enable caching for individual blocks within a page. Can improve performance for logged-in users.
  • Page blocks cache engine: (Dropdown) Select the storage mechanism for block-level cache.
  • Enable cache for HTML files: (Checkbox) Enable caching for compiled template files.
  • Template cache engine: (Dropdown, e.g., FileHtml) Select the storage mechanism for template cache.
  • Enable cache for CSS files: (Checkbox) Enable caching for compiled CSS files.
  • Enable cache for JS files: (Checkbox) Enable caching for compiled JavaScript files.
  • Enable lessening for CSS files (cache should be enabled): (Checkbox) Enable minification/optimization for CSS files (requires CSS cache to be enabled).
  • Enable lessening for JS files (cache should be enabled): (Checkbox) Enable minification/optimization for JavaScript files (requires JS cache to be enabled).
  • Enable compression for JS/CSS files (cache should be enabled): (Checkbox) Enable server-side compression (like Gzip) for CSS/JS files (requires respective caches to be enabled).

Configure URL structures for better SEO and user readability. Requires proper web server configuration (.htaccess for Apache, specific rules for Nginx).

  • Enable friendly permalinks for Pages: (Checkbox) Use clean URLs (e.g., /my-custom-page) for pages created with the Page Builder instead of query parameters.
  • Enable friendly permalinks for Modules: (Checkbox) Use clean URLs (e.g., /posts/view/my-first-post) for content generated by modules.
  • Enable friendly permalinks for local Storage: (Checkbox) Use clean URLs for accessing locally stored files.
  • Enable SEO links: (Checkbox) Master switch to enable the generation and use of SEO-friendly URLs across the site.
  • Enable redirect from regular to SEO links: (Checkbox) If enabled, automatically 301 redirect old non-SEO URLs to their new SEO-friendly equivalents. Important for maintaining search engine ranking after enabling SEO links.

Security

Configure security measures like CSRF protection, CAPTCHA, content filtering, and guest access restrictions.

  • Enable CSRF token in forms: (Checkbox) Highly recommended. Enables protection against Cross-Site Request Forgery attacks by adding hidden tokens to forms.
  • CSRF token lifetime in seconds: (Number) Sets how long a CSRF token remains valid after a form is loaded. 0 might imply it's valid for the session duration or until used. 86400 seconds = 24 hours.
  • Captcha: (Dropdown, e.g., reCAPTCHA) Select the CAPTCHA service used to protect forms (like registration and login) from bots. Requires the corresponding module/integration.
  • reCAPTCHA/hCaptcha public key: [Your Captcha Public Key] - The site key provided by your chosen CAPTCHA service.
  • reCAPTCHA/hCaptcha private key: [Your Captcha Private Key] - The secret key provided by your chosen CAPTCHA service. Keep this confidential.
  • Add "nofollow" attribute for external links: (Checkbox) Automatically adds rel="nofollow" to links pointing to external websites posted by users. Can influence SEO behavior.
  • Ask user confirmation before redirecting user to the external site: (Checkbox) If enabled, displays an intermediate page warning the user they are leaving your site when clicking an external link.
  • Block content after N reports: (Number) Automatically hide or flag content for moderation after it receives this number of user reports. 0 disables automatic blocking based on report count.
  • Enable content filters: (Checkbox) Master switch to enable UNA's built-in content filtering system (e.g., for profanity or adult content).
  • Enable content filters for comments: (Checkbox) Specifically enables content filters for text within comments.
  • Prohibited content: (Checkboxes: G, PG, PG-13, R, X) Select the content ratings that should be blocked or filtered if content filters are enabled. (G=General, PG=Parental Guidance, R=Restricted, X=Adult).
  • Content visible to unauthenticated users: (Checkboxes: G, PG, PG-13, R, X) Select the maximum content rating that guests (users not logged in) are allowed to see.
  • Lock site from unauthenticated users: (Checkbox) If enabled, users must log in to view almost any content on the site.
  • Comma separated list of pages URIs, which are available for unauthenticated users: (Text Input) If the site is locked (previous setting enabled), list the specific URL paths (e.g., login,forgot-password,terms) that should remain accessible to guests.

Storage

Configure the primary storage engine for user-uploaded files and media.

  • Default storage engine: (Dropdown, e.g., Local, S3) Select where files should be stored. 'Local' uses the web server's filesystem. 'S3' uses Amazon S3 or compatible services. Other options may appear if modules are installed.
  • AWS access key: [Your AWS Access Key] - Required for S3 storage.
  • AWS secret key: [Your AWS Secret Key] - Required for S3 storage. Keep confidential.
  • AWS bucket: (Text Input) The name of the S3 bucket to use for storage.
  • AWS custom domain: (Text Input, Optional) If you've configured a custom domain (CDN) to serve files from your S3 bucket, enter it here. Requires DNS setup.
  • Endpoint: (Text Input) Required for S3-compatible services other than AWS (e.g., Wasabi, DigitalOcean Spaces, Linode Objects). Enter the service's endpoint URL.
  • Signature version: (Dropdown, e.g., v2, v4) Select the AWS signature version required by your S3 provider/region. v4 is standard now.
  • Region: (Text Input) Required for Signature v4. Enter the AWS region code of your bucket (e.g., us-east-1).
  • Authenticate using Amazon IAM Role: (Checkbox) Alternative authentication method for S3, typically used within AWS EC2 environments. Disables Access/Secret key usage if checked.
  • Enable ACLs: (Checkbox) Determines if UNA should attempt to set Access Control Lists (permissions) on objects uploaded to S3. Compatibility depends on S3 provider and bucket settings.
  • Force authenticated URLs for specific storages: (Checkbox/Config) Advanced setting, potentially enabling time-limited, secure URLs for accessing files, depending on the storage engine.

Account

These settings directly control user account behavior, registration, security, and lifecycle. (Referencing previous detailed response for consistency).

  • Online status timeframe (minutes): Defines how long a user appears 'online' after inactivity.
  • Automatic account activation after creation: Bypass confirmation steps if checked.
  • Account is confirmed when: Trigger for account confirmation (email, admin, instant).
  • Enable 2 Factor Authentication: Activates 2FA (requires provider like Twilio).
  • Automatic profile creation from account name: Auto-create default profile on registration.
  • 2FA code lifetime, in seconds: Validity period for 2FA codes.
  • Hide profiles which have unconfirmed account: Makes profiles invisible until account is confirmed.
  • Default profile type: Specifies the initial profile type created (Persons, Organizations).
  • Limit number of profiles: Max profiles per account (0=unlimited).
  • Max number of logins attempts: Failed login limit before lockout (0=unlimited).
  • Reset password key lifetime (in seconds): Validity period for password reset links.
  • Redirect after reset password to: Where users go after password reset.
  • URL for 'Custom Page' redirect (Password Reset): Custom redirect URL path.
  • Disable login form: Hides the standard email/password login form.
  • Disable join form: Hides the standard registration form.
  • Allow to use plus sign ('+') in email address: Allows emails like user+tag@domain.com.
  • Accounts pruning: (Checkboxes) Rules for automatic deletion/suspension of inactive/incomplete accounts.
  • Accounts pruning period (in days): The timeframe (N days) used for pruning rules.
  • Number of stored old passwords: Password history limit (0=disabled).
  • Force password change after password expiration: Require password change upon expiration (if policy exists).
  • Redirect after profile switch to: Where users go after switching profiles.
  • URL for 'Custom Page' redirect (Profile Switch): Custom redirect URL path.
  • Default value for 'Remember me' feature: Sets the default state of the "Remember me" login checkbox.

ACL (Access Control List)

Settings related to membership levels and expirations.

  • Number of days before membership expiration to notify members: How many days before a paid membership expires should a notification be sent. -1 means notify after expiration.
  • Notify members about membership expiration only once: (Checkbox) If checked, only one notification is sent per expiration cycle (based on the setting above). If unchecked, notifications might be sent daily leading up to/after expiration.

Notifications

Configure general notification system behavior and queue processing.

  • Notify about pruning results: (Checkbox) Send a notification (likely to the Operator email) summarizing the results of automatic account pruning actions.
  • Notify about new accounts: (Checkbox) Send a notification (likely to the Operator email) whenever a new user account is created.
  • Number of messages to send from queue per run: (Number) Performance tuning. Controls how many email/on-site notifications are processed by the cron job in a single run. Higher values process faster but use more resources.
  • Number of messages to send from mail queue per run to the same recipient: (Number) Limits how many emails can be sent to the same user in a single cron run, preventing accidental flooding if many notifications are queued simultaneously for one person.

Push Notifications

Configure settings for sending browser/mobile push notifications via services like OneSignal.

  • Provider: (Dropdown, e.g., OneSignal) Select the push notification service provider.
  • Number of messages to send from Push queue per run: (Number) Similar to email queue, controls how many push notifications are processed per cron run.
  • Number of messages to send from Push queue per run to the same recipient: (Number) Limits push notifications sent to the same user in one cron run.
  • OneSignal: App ID: [Your OneSignal App ID] - Your application ID from OneSignal.
  • OneSignal: REST API Key: [Your OneSignal REST API Key] - Your API key from OneSignal for sending notifications. Keep confidential.
  • OneSignal: Short name: (Text Input) Required only for specific http sites, matching the subdomain entered in OneSignal settings.
  • OneSignal: Apple Safari Web ID on the Web Push settings: (Text Input) Specific ID required for Safari push notifications, obtained from OneSignal settings.

SMS Sending

Configure settings for sending SMS messages via services like Twilio (often used for 2FA or phone verification).

  • Provider: (Dropdown, e.g., None, Twilio) Select the SMS gateway provider.
  • Twilio: Account SID: [Your Twilio SID] - Your Account SID from Twilio.
  • Twilio: Auth token: [Your Twilio Auth Token] - Your Auth Token from Twilio. Keep confidential.
  • Twilio: Default 'From' number for SMS: (Text Input) The Twilio phone number (or shortcode/Alphanumeric Sender ID) messages should be sent from.

Location

Configure map providers and geocoding services used for location-based features.

  • Location field provider: (Dropdown, e.g., Plain address fields, Nominatim OSM geocoding) Select how location data is entered and processed. 'Plain address' uses separate fields. 'Nominatim' uses OpenStreetMap for geocoding a single address string.
  • Location map provider: (Dropdown, e.g., Leaflet) Select the library/service used to display maps. Leaflet is a common open-source choice.
  • Location map zoom: (Number) Default zoom level for maps displayed on the site. Higher numbers mean more zoomed in.
  • Nominatim server URL: (Text Input) URL of the Nominatim server to use for geocoding (defaults to the public OpenStreetMap server). Can be pointed to a self-hosted instance.
  • Nominatim email to identify requests: (Text Input) Provide an email address for identification purposes when using the public Nominatim server, as per their usage policy.
  • Leaflet tile layers provider: (Dropdown, e.g., OpenStreetMap.Mapnik) Select the source for the map image tiles displayed by Leaflet.
  • Normalize geographic names: (Checkbox) If enabled, UNA attempts to standardize the format of location names obtained from the geocoding provider.
  • Google Maps API key: [Your Google Maps Key] - Required if using any Google Maps based features (like map displays or Places integration).

Social

Configure social login integrations and sharing options.

  • Enable compact view for social login: (Checkbox) If enabled, displays smaller icons/buttons for social login options instead of larger buttons with text.
  • Use Add2Any code instead of default sharing menu: (Checkbox) Allows replacing UNA's built-in content sharing buttons with a custom sharing widget from Add2Any (or similar service).
  • Add2Any code: (Text Area) If the above option is checked, paste the JavaScript code provided by Add2Any (or your chosen sharing service) here.

Sockets Server

Configure settings for real-time features like live chat, notifications, and updates, typically requiring a separate WebSocket server.

  • Type: (Dropdown, e.g., Disabled, Node.js, Pusher) Select the type of WebSocket implementation being used. 'Disabled' turns off real-time features.
  • Url: (Text Input) The URL of your running WebSocket server.
  • App id: [Your Socket App ID] - Application ID for services like Pusher.
  • App key: [Your Socket App Key] - Application Key for services like Pusher.
  • App secret: [Your Socket App Secret] - Application Secret for services like Pusher. Keep confidential.

Saving Changes

After making adjustments in any section, be sure to scroll to the bottom and click the Save button to apply your changes. Remember to clear the site cache (Studio > Dashboard > Cache) if changes don't appear immediately.

Conclusion

The Global Settings area provides Operators with powerful control over the core configuration of their UNA site. Carefully review and adjust these settings according to your community's needs, security policies, and performance requirements. Always test changes, especially those related to security, storage, and account management, before implementing them on a live production site.

On This Page