warden_config.json
Complete reference for the main configuration file
This is for advanced self-hosted users. Most of these settings can be configured through the panel interface in Settings. Manual editing is only needed for initial setup or when the panel is not accessible.
The main configuration file is located at:
SCUMSERVER\SCUM\Binaries\Win64\Mods\WardenCore\configs\warden_config.jsonBelow is a complete reference of every field, organized by section.
Network
Controls network access, CORS, and rate limiting.
| Field | Type | Default | Description |
|---|---|---|---|
enableIPWhitelist | boolean | false | When enabled, only IPs listed in ipWhitelist can access the panel. |
ipWhitelist | string[] | [] | List of allowed IP addresses. Supports wildcard patterns with *. |
ipBlacklist | string[] | [] | List of blocked IP addresses. Always active regardless of whitelist. |
enableCORS | boolean | true | Enable Cross-Origin Resource Sharing headers. |
allowedOrigins | string[] | [] | Allowed CORS origins. Empty array allows all origins when CORS is enabled. |
enableRateLimit | boolean | true | Enable request rate limiting per IP. |
requestsPerMinute | number | 60 | Maximum API requests per minute per client (1–10000). |
Example:
{
"network": {
"enableIPWhitelist": false,
"ipWhitelist": [],
"ipBlacklist": [],
"enableCORS": true,
"allowedOrigins": [],
"enableRateLimit": true,
"requestsPerMinute": 60
}
}Security
Controls session management and command limits.
| Field | Type | Default | Description |
|---|---|---|---|
sessionTimeoutMinutes | number | 30 | Minutes of inactivity before a session expires (1–10080). Each request resets the timer. |
maxConcurrentSessions | number | 10 | Maximum number of simultaneous active sessions across all admins (1–1000). |
maxCommandLength | number | 1024 | Maximum allowed length in characters for a single RCON command (64–65536). |
Example:
{
"security": {
"sessionTimeoutMinutes": 30,
"maxConcurrentSessions": 10,
"maxCommandLength": 1024
}
}Log Parsing
Controls how WardenCore processes game log files.
| Field | Type | Default | Description |
|---|---|---|---|
backfillExistingLogs | boolean | true | When true, WardenCore parses existing log files on startup to populate the database with historical data. |
Example:
{
"logParsing": {
"backfillExistingLogs": true
}
}Backfill can take several minutes on servers with large log archives. During backfill, Discord log forwarding is paused to avoid flooding channels with old events.
Steam
Steam integration settings for player profile lookups.
| Field | Type | Default | Description |
|---|---|---|---|
apiKey | string | "" | Steam Web API key for fetching player profile data (avatar, bans, playtime). Get one at steamcommunity.com/dev/apikey. |
excludedSteamIds | string[] | [] | Steam IDs whose actions are hidden from logs and Discord forwarding. Useful for bot or test accounts. |
ipWhitelist | string[] | [] | IP whitelist specific to Steam integration. |
Example:
{
"steam": {
"apiKey": "",
"excludedSteamIds": [],
"ipWhitelist": []
}
}API Keys
An array of API key objects for external tool authentication. Keys are managed through the panel interface in Settings > API Keys.
| Field | Type | Description |
|---|---|---|
key | string | The API key string (auto-generated). |
name | string | A descriptive label (e.g., "Discord Bot"). |
createdAt | string | ISO 8601 timestamp of when the key was created. |
enabled | boolean | Whether the key is active. |
permissions | string[] | Permission levels: "read", "write", "admin". |
It is recommended to generate API keys through the panel interface rather than editing this section manually.
Full Example
A complete default warden_config.json:
{
"network": {
"enableIPWhitelist": false,
"ipWhitelist": [],
"ipBlacklist": [],
"enableCORS": true,
"allowedOrigins": [],
"enableRateLimit": true,
"requestsPerMinute": 60
},
"security": {
"sessionTimeoutMinutes": 30,
"maxConcurrentSessions": 10,
"maxCommandLength": 1024
},
"logParsing": {
"backfillExistingLogs": true
},
"steam": {
"apiKey": "",
"excludedSteamIds": [],
"ipWhitelist": []
},
"apiKeys": []
}