forked from prasathmani/tinyfilemanager
-
Notifications
You must be signed in to change notification settings - Fork 0
Home
Justin Hopper edited this page May 20, 2026
·
3 revisions
📌 This wiki reflects v3.3. Check the changelog for what's new. A lightweight, single-file PHP web file manager — fork of TinyFileManager with a focus on upgrade-safe configuration, security, and usability improvements.
Drop a single PHP file on any server and instantly get a full-featured file management UI in your browser. No install, no composer, no dependencies. MFM builds on TinyFileManager's solid foundation with significant improvements across security, configuration management, conflict handling, and privilege elevation.
| Topic | Description |
|---|---|
| Getting-Started | Installation, first login, basic setup |
| Configuration-System | External config, merging behavior, full settings reference |
| Login-and-Security | Login flow, brute-force protection, session security |
| Settings-Menu | Everything in the settings page explained |
| Help-Menu | Help section contents and links |
| Upload-System | Uploads, conflict resolution, batch processing |
| Privilege-Elevation | Edit root-owned files via the mfm-elevate daemon |
MFM adds the following on top of the upstream TFM codebase:
-
Upgrade-safe external config — all settings in
config.php, survives file replacement -
Privilege elevation — edit root-owned system files without giving
www-datasudo access - Brute-force login protection — IP-based lockout with configurable thresholds
- Security headers — X-Frame-Options, nosniff, Referrer-Policy, strips X-Powered-By
- Conflict resolution — upload, copy, and move operations show Overwrite / Rename / Cancel
- Upload conflict queue — batch resolution with "do this for all" option
- Write-permission awareness — read-only badge, disabled Save, specific error messages
- Configurable session timeout — 401 detection, auto-redirect to login on expiry
-
ACE editor config — theme and font size configurable via
config.php - Dark-mode file viewer — syntax theme auto-switches to match the UI theme
- Server local timezone — file timestamps display in the server's local timezone
Wiki current as of v3.3
Core
Advanced
Links