SFS2X Docs / GettingStarted / admintool-ServerConfigurator
» Server Configurator module
The AdminTool's Server Configurator module gives access to the global SmartFoxServer 2X instance settings. On start-up, SFS2X configures itself with these parameters.
» Usage
When the module is accessed, the current configuration is automatically requested to the server. It is also possible to reload it later by pressing the Reload button located at the bottom of the module.
In order to submit your changes, press the Submit button. In case of concurrent changes made by different administrators, an alert message is displayed.
IMPORTANT
Configuration changes are not applied automatically by SmartFoxServer 2X when submitted (with the exception of the Remote Admin tab – read below). You will need to restart the server for the changes to take effect.
If selected, the Backup checkbox located near the Submit button allows creating a backup copy of the existing settings before saving the new ones. This is highly recommended.
The backup files are located in the [sfs2x-install-folder]/SFS2X/config/_backups folder and are named using the following convention:
- YYYY-MM-DD-HH-mm-SS__server.xml
YYYY = year | MM = month | DD = day
HH = hour (0-23) | mm = minutes | SS = seconds
In order to restore a backup, rename it to server.xml and move it to the [sfs2x-install-folder]/SFS2X/config folder, overwriting the existing file. Then restart the server.
» Configuration settings
The SFS2X configuration settings are divided into a number of tabs. Most of the settings are self-explanatory, anyway they are all accompanied by a little Help icon: keeping the mouse pointer over it for a moment shows up a tooltip with basic information. Reading such notes is highly recommended.
The following paragraphs show the screenshots of all the module's tabs and enter into deeper details about the less straightforward settings.
» General tab
This tab contains the basic SFS2X settings, including the main IP addresses and ports which are listened for incoming connections.
For more information on the protocols supported by SmartFoxServer 2X, check this document.
Additional information
- Stats extra logging makes SFS2X log additional information which is used to provide more metrics in the Analytics module, in particular average and peak CCU and Room joins.
- User-friendly logging and User debug-mode switches are not yet implemented.
» IP Filter tab
This tab configures the IP addresses black-list and white-list. Please notice that these settings are not related to IP banning (see the Ban Manager module): black-listed IPs are never permitted to connect to the SFS2X instance, while white-listed IPs can still be banned.
Additional information
- The IP addresses white-list parameter overrides the Maximum connections per IP address setting, allowing unlimited incoming connections from the listed IPs.
NEW since version 2.12.0
Starting from SFS2X 2.12.0 it is possible to use IP ranges for both white and black lists. IP ranges must be expressed using standard CIDR Notation.
For example adding the range 192.168.1.1/24 to a white list means that all addresses from 192.168.1.1 to 192.168.1.255 will be allowed to connect. If the same range is added to a blacklist, all those addresses will be rejected by the server.
» Ban Manager tab
This tab collects the global banning settings. Ban rules can then be configured on a per-Zone basis by means of the Zone Configurator (Words Filter and Flood Filter tabs in the Zone configuration).
» Web Server tab
This tab allows to activate Apache Tomcat web server embedded in SmartFoxServer 2X and the HTML5 WebSocket protocol, both standard (WS) and secure (WSS). The websocket protocol is required in order to be able to connect an HTML5/WebGL application.
HTTP/WS and HTTPS/WSS protocols can be enabled and configured separately.
Activating the web server is mandatory in order to run the BlueBox service, for which a few advanced settings are also available here.
For more information on the protocols supported by SmartFoxServer 2X, check this document.
WSS connections also require an SSL certificate to be deployed to the server, as described in the Protocol Cryptography documentation. The Manage button opens a popup window allowing the certificate keystore to be uploaded to the embedded web server.
Additional information
- Make sure the HTTP/WS port and HTTPS/WSS port do not conflict with each other and the general TCP port (default: 9933).
- The keystore password provided in the SSL certificate manager popup is transmitted securely to the server. Also, the administration password is requested as an additional security measure.
- Tomcat users table can contain a dedicated set of credentials which gives access to the web server's native status console (see Dashboard module).
IMPORTANT
As this feature allows to upload any kind of file to the server, in order to improve the security a physical lock has been placed on the server preventing the usage until it is removed. This means that even if you forget to change the default access credentials for the AdminTool, a malicious user won't be able to take advantage of it.
To enable the feature you have to remove the UploadsLock.txt file contained in the server's config folder by accessing the server directly (via FTP or using a terminal/console window).
Please make absolutely sure to first setup a secure password before removing the lock file.
As the module leverages SmartFoxServer's file uploading feature, in addition to the above, the feature requires the internal web server to be already running and the HTTP protocol to be active.
» Adobe Flash Player tab
The settings in this tab are specifically targeted at Flash clients, which require Adobe's security restrictions to be met. Additional information can be found in the SmartFoxServer 2X troubleshooting guide.
» Mailer tab
Providing an SMTP server address and account details in this tab enables the SFS2X's Mailer service, allowing emails to be sent from within the Extensions without the need of external software.
The Mailer is also used by SmartFoxServer 2X itself to send warning emails to the license owner in case of license issues, so configuring it in production environments is highly recommended.
» Remote Admin tab
This tab allows configuring the users enabled to access the server's administration through the AdminTool. For additional security, a list of allowed IP addresses or IP ranges and the TCP communication port should be declared.
The ability to stop/restart the server and the list of disabled AdminTool modules
can be configured on a per-administrator basis.
Please note that unlike the other server settings, those grouped under this tab are applied immediately, as soon as the data is submitted (without needing a server restart).
Additional information
- Removing all the entries in the Administrators table will make the server's administration inaccessible.
- At least one administrator should have full permissions, otherwise some features could become inaccessible, requiring a manual intervention on the configuration files on the server.
- If the Allowed client IP addresses list is left empty, no restrictions on client IP addresses is applied (administrators can connect from any IP). Starting from SmartFoxServer 2X v 2.18.3, the list can contain IP ranges too, using the CIDR notation (i.e. 192.168.0.1/24).
- If the Administration TCP port is set to -1, no restrictions on connection ports is applied (administrators can connect to any port bound by SmartFoxServer).
- The Use encryption switch enables protocol encryption for the AdminTool client; check this page for more information.
» Analytics tab
In this tab it is possible to schedule the log analysis process which gathers data for the Analytics module.
Read the Analytics documentation for more information.
» Thread Pools tab
This tab can be used by advanced users to fine tune the System and Extension Controllers thread pools. As these settings can affect performance under heavy load noticeably, change them only if you know what you are doing!
Additional information
- Core thread is the default number of thread used to process incoming System and Extension requests.
- Backup threads is the number of additional threads added when the core ones can't keep up with the traffic and the queues start filling up; the other settings control how backup threads are called by the system.
- The Queue size parameter of each section sets the size of each queue.
» Geolocation DB tab
In order to provide basic user geolocation and the demographic view in the Analytics module, MaxMind's GeoLite2 Country database is used to identify the users location by means of their IP address (both IPv4 and IPv6 are supported).
The GeoLite2 database is licensed under the MaxMind GeoLite Commercial Redistribution License. This license allows Analytics customers to update their local database when a new version is made available by MaxMind on their website. Click on the Install latest release button to update the database.
Additional information
- The geolocation database is in binary format and it is located in the /data folder of SmartFoxServer, filename: GeoLite2-Country.mmdb.
» JVM Settings tab
This tabs allows advanced users and system administrators to configure additional settings to fine tune the Java Virtual Machine when the SmartFoxServer 2X process is launched. It is also possible to add classpath entries to load additional, external libraries to be used by the Extensions (even if the default entries should be enough for all purposes).
When the JVM settings are changed, the AdminTool takes care of re-generating the SFS2X startup scripts using specific templates. For this reason is not recommended to edit the startup scripts manually, or your changes could be overwritten in case you later make changes using this tab.
Additional information
- Common examples of parameters which can be added to the JVM options list are:
- -Xms and -Xmx to configure the heap memory size (for example -Xms512M and -Xmx2048M to start with 512MB of heap memory, up to 2048MB);
- -XX:+CMSClassUnloadingEnabled and -XX:+CMSPermGenSweepingEnabled to make the Garbage Collector (GC) sweep the PermGen too.
- For more information on the JVM options, check this link on the Oracle website.
- Important: do not to remove the -Dfile.encoding=UTF-8 option from the JVM options list and the ./, lib/*, lib/apache-tomcat/bin/* and extensions/__lib__/* entries from the JVM classpath list; doing this could break the SFS2X functioning.