Forums | Mahara Community

Support /
Admin Warning

Marcus Tremble's profile picture
Posts: 7

20 May 2016, 7:22 PM

Hi All ...

When logged into my Admin area i get the following warning:

" The $cfg->urlsecret set for this site has not been changed from the default value. Edit your config.php and set the $cgf->urlsecret parameter to a different string (or null if you do not wish to use a urlsecret). "

I don't know the format, or syntax for what this entry should be in the config.php.  But I know it looks like it's not there.  Not sure where/how to add it ...  Can I add anywhere? Should it be first or last in the file?

$cfg-> ???


Please advise ...

Ghada El-Zoghbi's profile picture
Posts: 122

20 May 2016, 10:07 PM

Hi Marcus,

To remove that warning, please add the following to your config.php file :

$cfg->urlsecret = 'a-secret-password';

Please replace  'a-secret-password' with your own password.

That line can go anywhere in the file after the instanciation of $cfg. But, I would add it towards the end. 

The introduction of this variable is to allow only admins or the people who know this password to run upgrades or cron from the GUI. You can run them from the command line without it though.

To run from the GUI, you will need to add to the URL:


If you don't want to use a password (and I do not recommend this ), set

$cfg->urlsecret = null;

in the config.php file.

For a much better explanation, please refer to the manual:

Please let me know if you need any more help.

Marcus Tremble's profile picture
Posts: 7

21 May 2016, 6:23 AM

Thank you for the input Ghada .  Working ...

3 results