This section details the various configuration changes that can be made to the Gateway's configuration file: ignition.conf. Before the Gateway starts, a wrapper service checks the configuration file for parameter values, and then attempts to start the Gateway using parameters. This means changes made to the configuration file will only occur on startup, and making changes to the configuration file while the Gateway is already running will not have any impact until a restart. 

Configuration File Location

The Gateway's configuration file can be found at:

See the Installing and Upgrading Ignition page for default installation directories.

Comments in the File

Many lines in the configuration file are commented out, either to provide some documentation in the file, or to omit certain parameters, such as some options under the Java Additional Parameters header. The "#" character is used to comment lines in the configuration file. 

# this line is commented
this line is not commented

Gateway Memory Allocation

On a standard installation, the Gateway is initially allocated a fixed amount of heap (memory). Increasing this allows the Gateway to utilize more of the server's memory. To determine if this is necessary, navigate to the Performance page under the Status section of the Gateway webpage. Generally speaking, if the Memory Trend shows a saw tooth pattern that peaks towards the maximum amount of memory, that's expected behavior. However, if memory usage usually floats around maximum allocated, and slow response events occur more than occasionally, then it may be time to consider increasing the maximum allocated memory, assuming the server has available memory. 

To increase the maximum amount of memory allocated to the Gateway, open the Gateway configuration file, and search for " ". It should look something like following:

# Maximum Java Heap Size (in MB)

The number at the end of the line represents the maximum amount of memory allocated to the Gateway (in megabytes). To change the amount of memory allocated to the Gateway, simply change this number, save the configuration file, and restart the Gateway. Once the Gateway starts up again, it will attempt to use the amount of memory specified. 

The new heap size shouldn't exceed the amount of memory available, nor should you allocate all of the server's memory to the Gateway because the server likely has other applications (including the host operating system) that also need to make use of the system's resources. 

Changing Java Additional Parameters

Adding or modifying parameters in the configuration file is considered an advanced configuration change. Most installations don't require any additional parameters, nor do they require modification to existing parameters. We generally discourage most users from making changes to parameters in the configuration file, as doing so could result some unintended behavior or security vulnerabilities. We list the parameters on this page for the sake of transparency. 

If you choose to add or modify parameters in the the configuration file, you do so at your own risk. 

A section of the configuration file contains a header stating "Java Additional Parameters". This section allows for a large number of configuration changes, and merits having some discussion on how to add new parameters. On install, the Java Additional Parameters section may look like the following:

# Java Additional Parameters,server=y,suspend=n,address=*:8000

When adding a new parameter, the "" prefix must be added to a new line. Each parameter contains a prefix (""), a key, and a value that the key will be set to. Generally speaking, each parameter in the file should follow the pattern below:

Uncommented parameters should be listed in ascending numerical order, based on the number at the end of the prefix, as shown below.

# Add parameters like this:,server=y,suspend=n,address=*:8000

# Avoid skipping commented numbers:,server=y,suspend=n,address=*:8000

Designer and Vision Client Parameters

Suppressing Error Message Details

By default, error messages in the Designer and Client report a stack trace, which provides granular information about the source of the error. However in some cases, these stack traces may include sensitive information from the Gateway. You can restrict the amount of information presented in these error messages with the following parameter:

Where %Value% is one of the following values:

NONEErrors are not suppressed at all. This is functionally the same as not specifying the parameter at all. (default behavior)
CLIENTError messages for client sessions will be suppressed, but not designer sessions. 
ALLError messages for both clients and the designer will be suppressed.

Gateway Parameters

Gateway Security HTTP Headers and Configuration

Gateways use more secure security headers. The default settings are listed below, along with their associated system properties. These parameters mainly impact Perspective sessions, as well as any pages hosted on Ignition's web server. 

HTTP headers used by the Gateway are configurable via the ignition.conf file in the Gateway's installation directory. In most cases there won't be a need to modify the new default values. However, if you're embedding a Perspective session inside of an iframe from another origin, and it stops working after upgrade, then take a look at this  Knowledge Base Article  for more details. 

Strict Transport Security

The following system properties interact with the Strict-Transport-Security header. Enabling the header involves setting the Dignition.https.sts.maxAge system property to a non-zero value. By default, the header is disabled. 

System PropertyDescription

Sets the maximum age of the Strict Transport Security header. The value should be set to an integer, representing a number of seconds.

Applies the includeSubDomains parameter. Expects a boolean value. If omitted, defaults to false.

This parameter allows websites to tell the browser to only connect using HTTPS.  It can be set to " true"  or " false"  to enable or disable the  preload  directive of the  Strict-Transport-Security  header. If omitted, defaults to false.  
Referrer Policy

The following system properties interact with the Referrer-Policy header: By default, the header is enabled with a value of  strict-origin-when-cross-origin.

System PropertyDescription

Allows you to enable or disable the Referrer-Policy header. Expects a true or false value. 


Sets the value of the Referrer-Policy.
X Content Type Options

The following system properties interact with the X-Content-Type-Options header: By default, the header is enabled with a value of nosniff .

System PropertyDescription

Allows you to enable or disable the X-Content-Type-Options header. Expects a true or false value. 


Determines the value of the X-Content-Type-Options. 
X Frame Options

The following system properties interact with the X-Frame-Options header: By default, the header is enabled with a value of SAMEORIGIN

System PropertyDescription

Enables or disables the X-Frame-Options header. 


Determines the value of the X-Frame-Options header
X XSS Protection

The following system properties interact with the X-XSS-Protection header. By default, the header is enabled with a value of 1; mode=block

System PropertyDescription

Enables or disables the X-XSS-Protection header.


Determines the value of the X-XSS-Protection header.; mode=block

HTTP Client Manager

The following system properties interact with the platform's HTTP Client. These settings allow you to configure how the IdP system and Perspective's HTTP Bindings parse cookies, handle idle HTTP connections, and respect proxy settings.

System PropertyDescription

Controls the cookie parsing behavior of the HTTP Client. This system property may take one of the following values:

  • default: Default cookie specification that picks up the best matching cookie policy based on the format of cookies sent with the HTTP response.
  • netscape: This CookieSpec implementation conforms to the original draft specification published by Netscape Communications. It should be avoided unless absolutely necessary for compatibility with legacy applications.
  • standard: Standard CookieSpec implementation that enforces a more relaxed interpretation of the HTTP state management specification (RFC 6265, section 5) for interoperability with existing servers that do not conform to the well-behaved profile (RFC 6265, section 4).
  • standard-strict: Standard CookieSpec implementation that enforces syntax and semantics of the well-behaved profile of the HTTP state management specification (RFC 6265, section 4).

When set to  true , HTTP connections issued from the HTTP Client will set the  SO_KEEPALIVE  flag on the underlying socket, enabling keepalive. Enabling keepalive maintains a connection between a client and the server, reducing the number of TCP and SSL/TLS connection requests. You must also enable and configure keepalive settings on the OS running the Gateway. See KeepAlive Configuration.

An integer representing the duration in seconds between each check for idle connections. This value is ignored when maxIdleConnectionTime is less than or equal to zero. If this value is undefined or less than or equal to zero, then the interval is set to match maxIdleConnectionTime.
An integer representing the number of seconds that connections in the HTTP connection pool may be idle (i.e. no data is sent or received on the socket) before it is evicted and closed. If set to any number less than or equal to zero or undefined, idle connection eviction will be disabled.
If set to true, the HTTP Client will respect the JVM's system default proxy settings. Default value if undefined is false.

KeepAlive Configuration

For Windows:

  1. Navigate to \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

    Modifying the registry can cause serious problems and impact your server's performance if done incorrectly. For information on how to back up and restore the registry in Windows, click here.

  2. If parameters for \KeepAliveTime and \KeepAliveInterval do not exist, create them.

  3. Click Edit>New>DWORD (32-bit) Value.

  4. Open the Registry Editor.

  5. Add the following parameters:

    NameData TypeRangeDefault value
    KeepAliveTimeREG_DWORD0x1–0xFFFFFFFF (milliseconds)0x6DDD00 (7,200,000 milliseconds = 2 hours)

    0x1–0xFFFFFFFF (milliseconds)

    0x3E8 (1,000 milliseconds = 1 second)
  6. Exit the Registry Editor.

  7. Restart the computer for changes to take effect. 

For Linux:

For Linux systems, there are three parameters to change:

NameDefault value
tcp_keepalive_time7200 (seconds)
tcp_keepalive_intvl75 (seconds)
tcp_keepalive_probes9 (number of probes)

  1. Edit /etc/sysctl.conf:

    # vi /etc/sysctl.conf
  2. Add the following settings:

    net.ipv4.tcp_keepalive_time = #newvalue
    net.ipv4.tcp_keepalive_intvl = #newvalue
    net.ipv4.tcp_keepalive_probes = #newvalue

Maximum Form Size

By default, the maximum size is kept low on the default installation to prevent DoS attacks. We do not recommend changing this, especially so if the Gateway isn't in a closed network. 

This parameter allows you limit the amount of data that can be posted back from a browser or other client, to the Gateway. Generally, this is useful to increase the maximum size for Web Dev POST requests. More information about this parameter can be found in Jetty's documentation

Internal Database Connection Timeout

The default maximum time that the Gateway will wait for a connection to an internal database is 30 seconds. This parameter allows you to override this setting and increase the maximum wait time.

Make this visible upon 8.1.23 release

Internal Database Maintenance Tasks (H3)

Internal Database VACUUM Operation (H4)

Starting in 8.1.23, a VACUUM operation is executed against the internal database upon Gateway startup by default. This operation reclaims unused disk space, trimming down on both the time it takes for auto-backups to complete, as well as the overall size of the internal database itself. This action can be disabled by using the following parameter.

Internal Database Legacy Tag Cleanup (H4)

Upon Gateway startup, you can conduct a cleanup task on old 7.X.X SQLTAG tables. This helps to reduce bloated internal databases, save disk space, and potentially improve Gateway performance. Using the following parameter will opt the Gateway in for performing this cleanup task.

Internal Database Project Table Cleanup (H4)

Upon Gateway startup, a cleanup task is conducted on old 7.X.X project tables. This helps to trim down internal databases, providing more space for other operations, and may improve Gateway performance. The following parameter will allow you to skip this cleanup operation.

Hosted Launcher Installers

Normally, each Ignition Gateway includes files for the various launchers. When you download a launcher from a Gateway, it simply streams its local launcher files. However, you can override this behavior, causing the Gateway to ignore it's local launcher files and instead download launchers from the internet. This is an uncommon configuration for most cases, as it was devised primarily to aid with systems where memory limitations are strict (such as physical devices that include preinstalled Ignition Gateways).  

Enabling Hosted Launchers

The following parameter (and value) enables the use of hosted launchers. While enabled, the Gateway will only ever attempt to retrieve the hosted launchers, meaning it will ignore the local launcher files.
Hosted Launcher Version

By default, enabling Hosted Launchers will cause the Gateway to retrieve launchers version appropriate launchers: 8.0.0 launchers for 8.0.0 Gateways, 8.1.0 launchers for 8.1.0 Gateways, etc. 

The parameter below can be used to explicitly state which launcher version to retrieve. Generally, this is not recommended, but can potentially be useful if you're looking for a specific launcher version.  It requires that -Dignition.hostedLaunchers  is set to "true".

Automatic Thread Dump Sample Rate

The following parameter can be used to override the default sample rate for Automatic Thread Dumps.

Ignition Edition

You can specify which edition of Ignition a Gateway should be set to with the parameter demonstrated below.

Ignition Gateway Licenses are matched to a specific edition. Changing the edition of an Ignition Gateway that is already licensed can result in the license becoming invalidated. It's recommended that you unactivate a license on a gateway before changing its edition. 

  • Standard Ignition - standard
  • Ignition Edge - edge
  • Ignition Maker - maker

Loading Unsigned Modules - "Developer Mode"

Normally, an Ignition Gateway will not allow unsigned module to be installed. This restriction can be disabled with the flag below. This is normally done in cases where a user is developing a custom module, and wants to install it without having the module signed.

Project Directory Scan Rate

This setting dictates how often the Ignition Gateway will scan its project directory for changes. As of Ignition 8.1.0 this was changed to a 300 second rate (from a 10 seconds rate), but it can be configured. This is useful in cases where project files are being modified from external sources and the gateway needs to be aware of theses changes in a more timely manner. The argument below expects an integer, which represents a number of seconds.

Ignored Project Directory Files

This setting allows users to specify a list of folders in the project directory that the Ignition Gateway will ignore when scanning for changes. By default, the Gateway will ignore changes to any files located within folders with the name ".git", ".svn", or ".hg". The argument below expects a list of additional folders to ignore, using the ':' character as a file separator.

By specifying a folder to ignore, note that any folder within the data/projects folder with the same name will be excluded, including any projects with that name. For example, if you exclude a folder called "test" and your project name is also "test" the project will be excluded as well.

Redundant Alarm Runtime Limit

In redundant systems, both alarm event and alarm shelf items wait in separate queues on the active node before they're transferred to the inactive node. Normally the active node sends recently changed alarm events and shelve events to the inactive node as they occur. However if the queue becomes full the active node will pause this behavior and send a full transfer to the inactive node, ensuring that the state of events on the inactive node is accurate.

System PropertyDescription
Determines the maximum size of the alarm events queue. Defaults to 2,000,000 if omitted. 
Determines the maximum size of the alarm shelf queue. Defaults to 2,000,000 if omitted.

Web Server

The following parameters are used to configure Ignition's default settings for web requests that are not configured in some other, more specific manner, such as Perspective Route Handling. These settings usually do not need to be modified, but a higher value may help mitigate issues on very busy systems.

System PropertyDescription
Determines the number of concurrent sessions allowed to acquire a lock per webserver route. The lock must be acquired within two seconds of an incoming request, or the request will return an error. Default is 5.
Leaving this note here for now, we're going to eventually need to add a parameter to the above table called something like -Dignition.routes.defaultTimeout or something once IGN-6728 is finished

Gateway Network Parameters

Proxy Depth

By default, gateway remote providers can only "hop" two gateways away. For example, assume the numbers below represent gateways, which are all connected over a gateway network. 

1 -- 2 -- 3 -- 4

Normally, gateway 1 only has access to gateway 2 and 3. Gateway 4 is too far away. However this can be changed by adding the following to Gateway 1's configuration file:

The Allow Proxying setting must be enabled for requests to be forwarded in this manner. 

GAN Queue Timeout

The Long Wait Queue timeout and Proxy Queue timeout can be adjusted if necessary for slower connections. These settings will mostly apply to EAM, but can also apply for more general GAN instances such as a GWBK transferring from a redundant master to a backup. 

System PropertyDescription


By default, the Proxy Queue will timeout after 60 minutes. This can be adjusted by setting the system property shown. 


This parameter will adjust the Long Wait Queue timeout setting. The Long Wait Queue defaults to handle messages that take up to an hour to deliver if left unchanged.

EAM Timeout

The following system properties interact with EAM. These settings allow you to configure the timeout settings for various possible actions in EAM.

System PropertyDescription


By default, the EAM Collect Backup task will timeout if the Agent takes longer than 60 minutes to transfer the backup to the Controller over the Gateway Network. This setting can be adjusted by adding the aforementioned parameter, which expects an integer value in milliseconds.


This parameter will allow for adjusting the timeout setting that checks if there is sufficient free space to perform the EAM Controller's save operations. Expects an integer value in milliseconds. Default value is 10,000 milliseconds (10 seconds).

Perspective Parameters

Session Caching 

Perspective Sessions cache assets (our CSS, JS, fonts, and images) to reduce load times after the first time opening the project. Sessions will cache assets, but some browsers will attempt to re-download assets on refresh. This is mostly controlled by the browser instead of Ignition so there are some important differences between browsers.

Chrome and Safari handle browser cache differently than Edge and Firefox when it comes to hitting the ‘refresh’ or ‘reload’ button. Edge and Firefox both seem to send a request for new copies of the resources with header of max-age=0 instead of pulling from the cache. Navigating via a 'back’ button or entering in the URL bar and pressing ‘enter’ will load from cache. This seems to simply be a design difference by these two browsers, in which both are working as intended.

Caching can be disabled via the following flag:

Alternatively the cacheControl flag can be used to modify aspects of the cache. You can learn more about cache control from the MDN documentation. The example below lists some default values:,max-age=2419400,no-transform

Perspective Session Route Handling

The following parameters are used to modify route handling for Perspective Sessions. Most systems will not need to modify these parameters. However increasing the values of these parameters may be helpful in cases where large project updates are sent out to active Perspective Sessions over a spotty network. A low timeout and concurrency in that scenario may result in browser timeouts. If these values are not set, Perspective will use the global routing values instead. See the Web Server section for more details on global routing.

System PropertyDescription

Determines the number of concurrency sessions. Defaults to 25.


Determines the timeout period when receiving project updates. Defaults to 5000 milliseconds.

Perspective Web Socket Compression

You can remove the compression header for perspective web socket connections.

This parameter is generally only used in cases where a Microsoft IIS based firewall is acting like a reverse proxy, and needs to be able to rewrite secure web socket messages.

Perspective Web Socket Message Size

The following parameter can be used to specify the maximum web socket message size. Most systems will not need to modify this parameter. Increasing the maximum message size may be helpful if your project includes very large Perspective views.

System PropertyDescription
Specifies the maximum message size in KB. Default value is 2048.

Perspective Threadpool Restrictions

Perspective has two primary threadpools:

  • A "worker" threadpool (used for long-running, "blocking" work)
  • A "queue" threadpool (used for short-duration internal tasks)

By default, each of these pools can have an unlimited number of threads with a 60 second keep-alive. The following parameters can be used to fix the number of threads or change the keep-alive period. This can be useful in troubleshooting scenarios when attempting to limit the number of threads. 

System Property (Worker)Description
Specifies the keep-alive period. Expects an integer, which represents an amount of seconds. When omitted, defaults to 60 seconds. Note that this setting is ignore if pool-size (listed below) is set. 
Specifies the maximum number of workers as an integer. When omitted, defaults to unlimited.

# These settings are mutually exclusive, so setting both will result in the keep-alive being ignored
System Property (Queue)Description
Specifies the keep-alive period. Expects an integer, which represents an amount of seconds. When omitted, defaults to 60 seconds. Note that this setting is ignore if pool-size (listed below) is set. 
Specifies the maximum number of workers as an integer. When omitted, defaults to unlimited.

# These settings are mutually exclusive, so setting both will result in the keep-alive being ignored

Perspective Cache and Share

Certain bindings and queries in Perspective will often pull data to see if any values have changed. You can influence whether Perspective pulls in cached data or issues a new query by setting the timeout threshold before Perspective executes a new query. In other words, if Perspective fetches data that is within that time frame, the cached value will be used instead of a new, queried value. This timeout value can be modified with the following system property:

System PropertyDescription
Controls how long Cache and Share will keep cached values alive for before Perspective polls for new data. Default is 1 minute.
# "####" is the timeout period for using cached data.

Store and Forward Parameters

It is possible to adjust the refresh rate of the System Tag Provider's System Tags. To do so, add the following system flag in the ignition.conf file:

Where "####" is the rate in milliseconds that the Tags should refresh at. Default refresh rate is 5000 milliseconds. 

Tag Historian Parameters

Tag Historian Query Syntax

The Ignition Tag Historian stores and queries data in a particular way. When a Tag has Tag History enabled on it, an entry is generated for this Tag inside the sqlth_te table in your database. This Tag's Tag path, along with other Tag attributes, are stored in this table. Every Tag entry in the sqlth_te table has a unique Tag id which is used by the Tag Historian to identify each Tag. Whenever we make any type of change to this Tag's historical configurations, such as its Tag Group for instance, the current sqlth_te table entry for this Tag becomes retired and a new, unretired entry for this Tag gets created with a new Tag id. Due to this dynamic, it is common for a Tag path in the sqlth_te table to be associated with more than one Tag id. When a Tag History query executes for a specific Tag, a check is made against the sqlth_te table for all the Tag id's that match this Tag's Tag path. These Tag id's are then used to build a dynamic SQL query like the one shown below:

SELECT "tagid", "intvalue", "floatvalue", "stringvalue", "datevalue", "t_stamp", "dataintegrity"
FROM sqlth_1_data
WHERE "t_stamp" >= 1580680800000 AND "t_stamp" <= 1581026400000
    AND ( "tagid" = 14568 OR "tagid" = 14571 OR "tagid" = 14572 )
ORDER BY "t_stamp" ASC, "tagid" ASC

When we query Tag history for a Tag with three Tag id's associated with its Tag path, the system uses repetitive OR clauses to account for all the Tag id's for this Tag. Additional OR clauses in this fashion can be hard for databases to optimize. For this reason, we changed the query generating mechanism to use the IN operator like so: 

SELECT "tagid", "intvalue", "floatvalue", "stringvalue", "datevalue", "t_stamp", "dataintegrity"
FROM sqlth_1_data
WHERE "t_stamp" >= 1580680800000 AND "t_stamp" <= 1581026400000
    AND "tagid" IN (14568, 14571, 14572)
ORDER BY "t_stamp" ASC, "tagid" ASC

The use of the IN operator allows for better database side query optimization. Users who want to change their historian to use the old query constructor with OR operators can do so by placing the following system flag in the ignition.conf file: