Frequently Asked Questions

This documentation is for older versions. If you have the latest version (v7 or newer) please check Github instead.

The installation of FileGator is very simple. Copy all files to server, login as admin (default password is admin123) add one or more users and you are ready to go. Note that web server must have read/write permissions to config/ and repository/ folders. Don't forget to change default admin password! If you want to use mysql database to store your users then update configuration.php file and create a table using provided database.sql script.

This script contains a single language file and can be easily translated. You can download language files from here:
Currently available languages: English, French, German, Dutch, Italian, Russian, Polish, Portuguese, Spanish, Swedish, Japanese, Persian, Serbian, Romanian, Korean, Finnish, Turkish, Catalan, Chinese, Czech, Arabic,

There is a simple variable in FileGator called max_filesize but this will only work within your server limits. If you need to increase server limits see below...

Maximum file upload size is controlled by your web server and PHP settings inside php.ini file.

Follow these steps to increase maximum upload file size to 200MB:

1. Locate your php.ini file. On windows look into c:\Program Files\php\ or c:\xampp\apache\bin\ or simply search for php.ini. Sometimes there are two or more php.ini files (on some xampp installations) so you must figure out which one is used.

2. Inside php.ini file set parameters to something similar:

upload_max_filesize = 200M ;this is 200 Megabytes
post_max_size = 205M ;this must be greater then upload_max_filesize

3. Restart your web server to apply new settings. Don’t forget this!

4. Change FileGator's configuration.php file around line 46:

'max_filesize' => 209715200, // This is 200 Megabytes

5. Refresh page in your browser and you’re done.

Here is a good link to explain this more deeply.


Note: If you don’t have your own server consult your hosting provider about this.

If you’re stuck with your server’s config you can enable ‘upload in smaller chunks’ feature as described below

* On some servers you must increase max_execution_time inside php.ini as well

** On Microsoft IIS requestFiltering settings can sometimes block large file uploads

*** For Nginx servers adjust client_max_body_size value in the http{} context

**** Apache 1.3.x or 2.0.x cannot work above the 2.0GB file limit, as this is something the webserver itself cannot handle due to 32bit register limits. Apache 2.2.x has changed this by using 64bit file registers so you must upgrade to that in order to handle >2GB files. Your LimitRequestBody should also be set to 0 (unlimited) after upgrading or you'll see 413 error.

***** File size is represented as integer value and the size of php ints is platform dependent, in other words files that are above 2GB can show inaccurate file size on some 32bit systems, windows php installations, 32bit php builds etc.

Note: This section is written for developers and advanced users. Feature or method described below is experimental and it’s not officially supported!

Yes, you can activate that feature by editing 3 files:

filegator/include/blueimp/js/jquery.fileupload.js (around line 101), Set chunk size here:
maxChunkSize: 50000,
filegator/include/blueimp/server/php/upload.calss.php (around line 39), Set this option to false:
'discard_aborted_uploads' => false,
filegator/include/file-gator.php (around line 1322), remove or comment this line so you can set filegator’s max_filesize option to higher value:
gator::error('Config param max_filesize is bigger than php server setting: post_max_size = '.$php_post_max_size.', upload_max_filesize = '.$php_upload_max_filesize);

Clear browser’s cache and you are ready to go. Note that upload in chunks is not available in Microsoft Internet Explorer.

If you're dealing with large directories with many files or if files are really big then your PHP might need more memory and longer execution time to finish those file operations before it gets killed by the server leaving you with blank page, partially zipped files or similar errors.

You can increase this by adding these two lines in Filegator's index.php file:

ini_set('max_execution_time', 300); //300 seconds = 5 minutes

This might not work on some shared hosting plans. Their servers are configured to ignore these settings. They can also limit resource consumption in other ways preventing your scripts from taking up too many memory or processor cycles.

This is a permissions problem, your web server cannot write to /config/config.json file and therefore cannot save users data. Change permissions or file ownership and try again.

You cannot download entire folder directly but you can zip a folder and download this zip archive instead. See this video tutorial.
Make sure you have zip feature enabled inside configuration.php ('use_zip' => true,) which is 'on' default.

You can filter files in the current folder using search box at the top. To find a file in other folders use the search box inside tree-view.

See this video tutorial:

Absolutely, you can create two (or more) different users on the same folder, one with full permissions and other with read&upload permissions for example.

Even better, you can create one user with full permissions and within this user’s home folder create other users each having one subfolder as a home, this way first user will act as superuser and he can see folders of other users while others cannot go up to superuser folder. See example:


In this case give your superuser access to /filegator/repository/ and he will also see John’s and Maria’s folders.

We do not offer customization services at the moment. However, you will receive full source code so you can change whatever you want. Please note that we will not provide support or fix errors caused by modification to the original files.

It will take some time to generate full tree if you have 50+ folders and it will fail if script execution time is set too low. You can disable simple_copy_move option (set to false inside index.php) and use cut/copy/paste model without folder structure tree. This can also happen if you don’t have standard PHP libxml extension installed because FileGator relies on DomDocument class to generate tree view.

Although nginx is not fully tested and supported, it has been reported that FileGator works on those servers just fine.

To increase upload max file size this must be added to nginx configuration:
client_max_body_size 100M;
Because nginx doesn’t use .htaccess rules, in order to prevent php script execution in repository folder – this must be added to nginx config at server section:
location ~* /filegator/repository {
deny all;
location ~* /filegator/config {
deny all;

You can change colors inside stylesheet CSS file located here:


For example you can change background color by editing 3rd line.

You can also change button colors by editing this CSS file:


Styles for buttons are between lines 602-693

All icons are stored into a single sprite file include/views/img/icons30px.png. You can download several different color schemes (black, green, red and blue) from here or use Photoshop's Hue-Saturation to tweak the colors.

Small code customization is required for this, inside include/blueimp/server/php/upload.class.php replace this:

$file_name = $this->upcount_name($file_name);
with this:

Yes, this feature is implemented and you only need to switch it on inside configuration file.

Yes, look for this line in filegator/include/blueimp/server/php/upload.class.php

move_uploaded_file($uploaded_file, $file_path);

and add you custom code after or before that line, something like this email notification:

mail('[email protected]', 'Subject', 'New file uploaded');

You can access current user’s parameters such as username, email, homedir or permissions via $_SESSION[‘simple_auth’] variable. See this example:

mail('[email protected]', 'Subject', 'New file uploaded by the user: '.$_SESSION['simple_auth']['username']);

More complex example using current SMTP configuration:

$gator = new gator();
$gator->sendEmail('[email protected]', 'Notification', 'New file uploaded by the user: '.$_SESSION['simple_auth']['username']); // admin
$gator->sendEmail($_SESSION['simple_auth']['email'], 'Notification', 'New file uploaded: '.$file->name); // user

To reset your admin password upload recoverpass.php from this archive to your filegator folder and point your browser there ( Remove this file from the server and login with defaut admin password admin123

To enable image preview mode by default open: include/views/main-filelist.php and change this:

<a <?php if($file['buffer']!=false) echo 'class="'.$file['buffer'].'"';?> <?php if(gatorconf::get('use_lightbox_gallery') && $file['type'] == 'image') echo 'rel="lightbox[images]"';?> href="<?php echo gatorconf::get('base_url')?>/?download=<?php echo $file['crypt']?>"><?php echo $file['name']?></a>
to this:
<a <?php if($file['buffer']!=false) echo 'class="'.$file['buffer'].'"';?> <?php if(gatorconf::get('use_lightbox_gallery') && $file['type'] == 'image') echo 'rel="lightbox[images]"';?> href="<?php echo gatorconf::get('base_url')?>/?download=<?php echo $file['crypt']?>"><?php if(gatorconf::get('use_lightbox_gallery') && $file['type'] == 'image') echo '<img class="image-preview" src="'.gatorconf::get('base_url').'/?download='.$file['crypt'].'" />'; echo $file['name']?></a>
and in include/views/main.php replace this:
<a class="image-size decrease" style="display:none"></a>
<a class="image-size increase" style="display:none"></a>
to this:
<a class="image-size decrease"></a>
<a class="image-size increase"></a>

Note: This section is written for developers and advanced users. Feature or method described below is experimental and it’s not officially supported! You must have allow_url_fopen enabled in your php.ini in order for file_get_contents to work.

Obtain you site key and secret key from

open include/views/login.php and after this line:

<input type="hidden" name="submit" value="ie_enter_fix">
add this code:
<script src="" async defer></script> 
<div class="g-recaptcha" data-sitekey="XXXX"></div>
replace XXXX with your actual recaptcha site key

Now open include/file-gator.php and after this line:
$user = gator::getUser($_POST['username']);
add this code:
$secret = "YYYY";
$response = $_POST["g-recaptcha-response"];
$ret = json_decode(file_get_contents("".$secret."&response=".$response."&remoteip=".$_SERVER['REMOTE_ADDR']), true); 
if($ret['success'] != true) $errors = lang::get("Wrong Captcha"); 
replace YYYY with your actual recaptcha secret key

Sorting in “folder structure” modal window is not possible due to PHP and RecursiveDirectoryIterator function limitations. It can be done with other functions but it would be very slow, especially when dealing with large and deep directory structures. In other words this is a compromise between speed and usability.

If you have very large or deep directory structures consider using cut-copy-paste model for managing files. Open configuration.php and set 'simple_copy_move' to false.

1. create skeleton/ folder inside your main repository folder and add your default files and folders there

2. open include/file-gator.php and search for this:
static function addUser($username, $data){
3. add this code after the line above:
$gator = new gator();
$gator->copyRecursively(gatorconf::get('repository').DS.'skeleton', $data['homedir']);

This sounds like a php session problem (server cannot issue/save cookie properly). Check your server configuration settings related to php session
Use this script to check if session works on your server:

If you cannot fix your session config, try adding this line to filegator's index.php file


Default sort is by ‘name’, ascending. If you want to change that open include/file-gator.php and search for this:

$_SESSION['sort']['by'] = 'name';
$_SESSION['sort']['order'] = 1;

you can replace ‘name’ with ‘date’ or ‘size’ and change order to -1 for descending.

You must log out and log in again to apply this changes.

Officially symlinks are not supported but they could work with a little tweak. Open filegator/file-gator.php and replace this line:

if (filetype($directory.DS.$file) == 'dir'){

with this line:

if (filetype($directory.DS.$file) == 'dir' || filetype($directory.DS.$file) == 'link'){

Symbolic links can be used on linux to simulate shared folders.

Although you can use any existing folder as a repository, including folders outside the web root, we do not provide support for this type of configurations. This is due to many different server and filesystem types, configuration variables, and permission combinations involved.

Allowing users to access your server and files can lead to security risks. That’s why FileGator has a whole set of security features implemented out of the box reducing that risk to minimum. These features include:

  • Users can login to system only if you grant them access.
  • You can grant read-only permissions and disable upload and write operations.
  • Special .htaccess file inside repository folder prevents users from executing php and other scripts. Check if this is working (see below).
  • Filesystem operations between browser and server can be encrypted with mcrypt function. This can be enabled with config parameter encrypt_url_actions.
  • Users cannot exit their own home folder.
  • In users database file passwords are encrypted. This file is protected with .htaccess and can be stored outside web root folder on secure location. You can also use database for this.

If for some reason you need very strong security you can improve security even more by following these security guidelines:

  • Always use the latest FileGator version.
  • Pick strong passwords for users and admin, disable changing passwords if necessary to prevent users from picking weak passwords.
  • Relocate config/config.json file outside web root folder or use database to store users info.
  • Check if users can execute php scripts by uploading test.php file to user repository. If 403 access forbidden error is thrown when user clicks on test.php file then this security feature is working. Beware that .htaccess works on Apache servers only.
  • Enable url encryption for filesystem actions in config section (encrypt_url_actions = true). When this function is enabled server will accept only encrypted filenames for all operations.
  • Grant access to the users you trust, not everyone.
  • Enable ssl on your server and accept only https connections. This way all communication between user and server will be encrypted. You may need to adjust base_url inside config.
  • Use repository folder outside web root (public server path)
  • Do not use shared hosting or shared servers.
  • Test everything with non-critical data.

And remember, you are solely responsible for your files, server and data. If you have very sensitive data do not use this or any other software or digital storage – store your data in safe-deposit box in a bank you trust.

Open configuration.php file and enable guest account:

'allow_guests' => true,

...then login as admin and give full access rights to the guest.

DO NOT use this setup on public servers since everyone could write to your filesystem

Open configuration.php and set ‘encrypt_url_actions’ to true.

FileGator respects session lifetime settings defined on your server.
If you wish to change that you can add your custom settings inside filegator/index.php

// session will expire after 1 hour
ini_set('session.gc_maxlifetime', 3600);
Clear your browser’s cookies and try it out.
More info:

- What are the main differences between the regular license and the extended license?
In simple terms, the main difference is that under the regular license, your end product (incorporating the item you've licensed) is distributed for free, whereas under the extended license your end product may be sold.

- What do you mean by item and end product?
The item is what you purchase from us. The end product is what you build with that item.

- Which license do I need for an end product that is freely accessible or freely distributed to users?
As long as the end users can freely access the end product, the regular license is fine. There can be more than one end-user (the person who uses the end product, such as the end consumer) as long as there is only one, unique end product.

- Which license do I need for an end product that is free, but has parts you need to pay to access?
If the item is used within the free part, the regular license if fine. If the item is used only in a part that requires payment to access, you need the extended license.

- Am I allowed to modify the item that I purchased?
Yes. You can customize our items to fit the needs of your end product.

- Can I re-distribute an item? What about under an extended license?
No. You can't license items and then make them available to others 'as-is' (that is, as a stand-alone item or as stock), regardless of which license you purchase.

- If I purchase the extended license, do I get a multi-use, multi-domain, multi-client or developer license?
No. The extended license is still limited to a single end product (one installation / one domain).

- Is my license transferable?
Generally, your license is not transferable. The exception is if you are a freelancer using the item for an end product for one client, or if you sell the single instance of an end product, such as a website installation. In those cases, point the client or buyer to the license terms and delete the item from your computer.

This faq is obsolete since direct links are now disabled by default.

Note: This section is written for developers and advanced users. Feature or method described below is experimental and it’s not officially supported!

Replace .htaccess file in your repository folder with the one from this archive.
In addition, open configuration.php and set both, ‘allow_file_links’ and ‘use_lightbox_gallery’ to false.

'allow_file_links' => false,
'use_lightbox_gallery' => false,

Note that this will not work on Microsoft IIS / Nginx servers.

Update instructions:

  • Backup everything.
  • Download the new version.
  • Replace all files and folders except "repository" and "config" folder.
  • Check if .htaccess need to be replaced inside "repository" and "config" folder.
Which version am I running? Look inside index.php file, you will find your current version number there.

Default configuration.php file for FileGator PRO looks something like this:

// language selection, available languages: english, french, polish, portuguese and serbian
'language' => 'english',

// mobile layout breakpoint in pixels. Set to 99999 for mobile-only layout
'mobile_breakpoint' => 667,

// user config file
// for more that 20 users please enable database storage below
'user_config_file' => getcwd().'/config/config.json',

// use database to store users? (true/false)
'use_database' => false,
'db_host' => 'localhost',
'db_username' => 'myUser',
'db_password' => 'myPassword',
'db_database' => 'myDatabase',

// main file repository
// this is also a repository for users without specific homedir
// you'll need to make sure your webserver can write here
'repository' => getcwd().'/repository',

// maximum file size in bytes when uploading
// The php.ini settings upload_max_filesize and post_max_size
// take precedence over the following setting
'max_filesize' => 2097152, // 2MB

// allow users to sign up (true/false)
'allow_signup' => false,

// use signup activation via email (true/false)
'signup_use_activation' => true,

// default permissions given to the users after initial signup
// notation: 'r' - read only, 'ru' - read & upload, 'rwu' - read, write & upload
'default_permissions_after_signup' => 'r',

// permissions given to the users after email activation
// notation: 'r' - read only, 'ru' - read & upload, 'rwu' - read, write & upload
'default_permissions_after_activation' => 'rwu',

// email configuration
'mail_from' => '[email protected]',
'mail_from_name' => 'info',
'mail_signature' => "\n\nBest Regards,\nThe Team",

// use smtp? (true/false)
// if false php mail() will be used
'use_smtp_protocol' => false,

// smtp mail protocol settings
'mail_smtp_host' => '',
'mail_smtp_username' => '[email protected]',
'mail_smtp_password' => 'mypassword',
'mail_smtp_connection_security' => 'tls', // 'tls', 'ssl' or '' for no security
'mail_smtp_debug' => false,

// recovery/activation email subject and link text
'account_email_subject' => 'Action Required',
'account_email_text' => 'Please click on the link below to proceed to your account: ',

// users can change their password (true/false)
'allow_change_password' => true,

// enable forgotten password procedure (true/false)
'enable_password_recovery' => false,

// allow clickable links on files (true/false)
'allow_file_links' => true,

// if your repository is outside filegator's main folder you need to set this
// this will serve as a base url/directory for all direct links
// example: 
// 'direct_links_baseurl' => '',
// 'direct_links_repository' => '/var/www/html/drupal',
'direct_links_baseurl' => '',
'direct_links_basedir' => '',

// use lightbox plugin to preview images (true/false)
'use_lightbox_gallery' => true,

// accepted file types when uploading or '*' for no restrictions
// example: 'accept_file_extensions' => array('gif','jpg','jpeg','png'),
'accept_file_extensions' => array('*'),

// max number of files on batch upload
'max_files' => 100,

// time/date format - see php date()
'time_format' => 'd/m/y',

// use simple copy-move instead of cut-copy-paste (true/false)
'simple_copy_move' => true,

// use zip functions (true/false)
// zip extension must be enabled on server (see
'use_zip' => true,

// files can be edited (true/false)
'allow_edit_files' => true,

// files/folders can be renamed (true/false)
'allow_rename_files' => true,

// show top-bar (true/false)
'show_top_auth_bar' => true,

// this restricted files will be hidden (no wildcards)
'restricted_files' => array('.htaccess'),

// mask directories up to the main file repository (true/false)
// set this to true if you don't want to use full path iside admin area
'mask_repository_path' => false,

// encrypt url actions (true/false)
'encrypt_url_actions' => false,

// allow guest account (true/false)
'allow_guests' => false,

// use authentication module (true/false)
// WARNING: if you set this to false anyone can see, change or delete your files without need to login
// this will also disable encrypt_url_actions
'use_auth' => true,