Customers can configure Cloudmersive Private Cloud using advanced settings variables. Navigate to Cloudmersive Management Portal then Private Cloud then Configure Node then Settings Variables. Users can then click on Add or Manage... next to an existing setting.

Boolean settings should have an integer value of 1 for true, and 0 for false. Other settings should use the string value.

Below is a complete reference of customer configurable settings. After settings changes, customers can click on Push Configuration or they can apply the Update or Restart commands from the Management section of the Private Cloud page.
 

Validate API

ValidateApi_EmailValidation_DisplayName

Display-name string that appears as the sender when the Email Validation service dispatches test or confirmation e-mails.

ValidateApi_EmailValidation_FromAddress

The “From:” address used by the Email Validation service when sending outbound e-mail traffic.

---

Reverse Proxy

ReverseProxy_OriginTimeoutMs

Maximum time (ms) the proxy waits for a response from the upstream origin before aborting.

ReverseProxy_OriginFailedRequestRetryCount

Number of retry attempts the proxy makes when the origin returns an error or times out.

ReverseProxy_OriginFailedRequestDelayMs

Delay (ms) between successive retries to the origin.

ReverseProxy_OriginRequestVersion

HTTP version the proxy uses when forwarding requests to the origin (e.g., 1.1 or 2.0).

ReverseProxy_SkipTransformOnUriSubstringMatch

Comma-separated substrings; if any appear in the request URI, response/body transforms are skipped.

ReverseProxy_EnableCustomRootTrust_UsePEMFormat

When true, custom root-CA certificates are supplied in PEM format instead of PFX.

ReverseProxy_ConnectionTimeoutMs

Maximum time (ms) allowed to establish a TCP connection to the origin.

ReverseProxy_KeepAliveTimeoutMs

Idle keep-alive timeout (ms) for persistent connections back to the client.

---

Storage Protection

StorageProtect_IncrementalSiteDetection

Enables incremental scanning of SharePoint/OneDrive sites, processing only items that changed since the previous run.

StorageProtection_FileChangeDebounceThresholdMs

Minimum interval (ms) between consecutive change events on the same file.

StorageProtection_WebhookIncludeFileContents

Sends file bytes (not just metadata) when invoking webhook callbacks.

---

Virus API — General

VirusApi_DetailedResultLogging

Records full per-file detection details (file name, hash, rule ID) in the diagnostic logs.

VirusApi_ExecutionTimeout_Seconds

Hard wall-clock limit for any single virus-scan request.

VirusApi_HashSha1_AllowList

Semicolon-delimited list of SHA-1 hashes that should always result in a clean verdict.

VirusApi_HashSha1_BlockList

Semicolon-delimited SHA-1 hashes that should always be blocked, even if no malware is detected.

VirusApi_Vmdk_AllowMultipleDetections

Allows more than one malware hit inside the same VMDK image to be reported.

VirusApi_Vmdk_EnableHashEngineScan

Enables the lightweight hash engine for inner files inside virtual-disk (VMDK) containers.

VirusApi_BatchJob_ProcessIsolation

Runs multi-file batch jobs in isolated worker processes to reduce cross-job interference.

VirusApi_AzureStorageProtect_ProcessIsolation

Same as above but restricted to Azure Storage-Protect scan jobs.

VirusApi_ArchiveMaximumThreads

Upper bound on worker threads used to extract very large archives.

VirusApi_Block_BasicScanApi

Disables the Basic Scan endpoint in favour of the Advanced Scan endpoint.

VirusApi_Force_BasicScanApi_ToUseAdvancedScanApi

Forwards all Basic Scan requests internally to the Advanced Scan engine.

VirusApi_ConcurrencyLimit_AwsS3_StorageProtect

Limits parallel S3-based Storage Protect scan workers to avoid API throttling.

VirusApi_StorageProtect_NsfwRescanAdvanced

Forces files flagged as NSFW in a basic scan to be rescanned using the Advanced AI engine.

VirusApi_StorageProtect_Nsfw_TimeoutMs

Execution timeout for NSFW detection (ms).

VirusApi_CloudSeg_LimitBytes

Maximum number of bytes that will be transmitted to the Cloud Segmentation service for multi-stage analysis.

---

Virus API — Advanced Scan

VirusApi_AdvancedScan_Advanced_TimeoutMinutes

Overall timeout (minutes) for the advanced scanner.

VirusApi_AdvancedScan_JSON_MaxLength

Upper bound (characters) for JSON results returned by Advanced Scan.

VirusApi_AdvancedScan_UnsafeZip_SafeZipEntryThreshold

Number of benign entries below which a ZIP is marked “safe” even if it matches risk heuristics.

VirusApi_AdvancedScan_Cloud_CacheLocal

Caches cloud-retrieved sub-files on local disk to speed up repeated scans.

VirusApi_AdvancedScan_Cloud_VfsMaximumTimeoutMs

Fails a cloud VFS expansion if it exceeds this time (ms).

VirusApi_AdvancedScan_Cloud_VfsMaximumChildFileSize

Rejects individual extracted sub-files larger than this size (bytes).

VirusApi_AdvancedScan_Cloud_VfsMaximumThreads

Caps VFS extraction threads; helps prevent CPU starvation.

VirusApi_AdvancedScan_SubFiles_MultiScan

Enables independent scanning of each sub-file within an archive or container.

VirusApi_AdvancedScan_SubFiles_MaxCount

Maximum number of sub-files that will be individually scanned.

---

Virus API — Feature Toggles

VirusApi_Disable_ScanWebsiteApi

Disables the ScanWebsite endpoint.

VirusApi_Disable_ScanCloudStorageSharepointOnlineApi

Disables SharePoint Online scan endpoint.

VirusApi_Disable_ScanCloudStorageAzureBlobApi

Disables Azure Blob Storage scan endpoint.

VirusApi_Disable_ScanCloudStorageGcpStorageApi

Disables Google Cloud Storage scan endpoint.

VirusApi_Disable_ScanCloudStorageAwsS3Api

Disables Amazon S3 scan endpoint.

VirusApi_StorageProtect_NsfwRescanAdvanced

Forces NSFW-flagged files to be rescanned with the Advanced AI engine.

---

Image API

ImageApi_Nsfw_DisableVirusScan

Skips virus scanning on images when only NSFW detection is requested.

---

OCR API

OcrApi_ConcurrentAsyncJobLimit

Caps parallel asynchronous OCR jobs across the node.

---

Convert API

ConvertApi_DefaultDPI

Default resolution (DPI) when rasterising PDFs or images during conversion.

---

Global API Toggles & Diagnostics

AllApi_Disable_AdvancedVirusScan

Turns off advanced virus scanning for every API; basic scanning may still run.

AllApi_Disable_BasicVirusScan

Disables basic scan engine; requests relying on it will return an error unless advanced scan enabled.

AllApi_Disable_EnsureHtmlIsSafe

Skips sanitisation of raw HTML content.

AllApi_Disable_EnsureHtmlUrlIsSafe

Skips URL reputation checks when sanitising HTML.

AllApi_PrivateCloudRemoteDiagnosticsEnabled

Allows Cloudmersive Support to pull anonymised diagnostics from the node.

AllApi_PrivateCloudRemoteFullDetailedDiagnosticsEnabled

Grants Support access to full (non-anonymised) diagnostics.

AllApi_PrivateCloud_LocalDiagnosticLogging

Writes detailed logs locally, regardless of remote-diagnostics settings.

AllApi_LocalDiagnosticLogging

Master switch for local diagnostic log output.

AllApi_DiagnosticMode

If true, responses include extra timing and trace headers for debugging.

AllApi_Authentication_Basic

Enables Basic-Auth authentication across all APIs.

AllApi_Authentication_OAuth2_AzureAD

Enables Azure AD OAuth 2.0 JWT token validation.

AllApi_Authentication_OAuth2_AzureAD_TenantID

Tenant ID against which tokens must validate.

AllApi_Authentication_OAuth2_AzureAD_ClientID

App-registration (client) ID accepted in the aud claim.

AllApi_Tempstash_Endpoint

Endpoint for temporary-file storage.

AllApi_Disable_StatusPageIPAddressInfo

Hides the IP section on status pages.

---

ICAP Server

IcapServer_EnableTLS

Enables TLS on the ICAP listener.

IcapServer_EnableManagedInstanceHostedCertificate

Uses the platform-managed certificate instead of a custom one.

IcapServer_TLSCertificateID

Resource ID of a managed certificate.

IcapServer_TLSCertificateThumbprint

Thumbprint (SHA-1 hash) identifying the certificate to load.

IcapServer_TLSCertificatePath

Absolute path to a local PFX/PEM certificate file.

IcapServer_TLSCertificatePwd

Password for the certificate file (if encrypted).

IcapServer_ReceiveTimeoutSeconds

Socket receive timeout for ICAP requests.

IcapServer_ScanTimeoutMs

Maximum per-request scan duration (ms).

IcapServer_RequireAllEncapsulatiosnValid

Rejects requests that contain unknown or malformed encapsulated parts.

IcapServer_VerboseLogging

Enables detailed ICAP protocol logging (headers, bodies, previews).

IcapServer_PortNumber

TCP port on which the ICAP service listens.

IcapServer_LogRequestsToFile

Writes high-level request/response summaries to disk.

IcapServer_LogRawRequestsToFile

Stores full raw ICAP transactions for troubleshooting.

IcapServer_LogRawRequestsToFile_IfBlocked

Stores raw transactions only when the response is a block/virus verdict.

IcapServer_LogRawRequestsToFile_ShowSource

Includes annotations in raw log showing which content comes from client and from server.

IcapServer_ConnectionKeepAliveTimeoutMs

Idle timeout (ms) before the server closes persistent connections.

IcapServer_ScanChunkedTransfer

Enables virus scanning API calls using chunked transfer for large files.

IcapServer_ServerReadTimeoutMs

Read timeout for local disk or cloud object download during scan.

IcapServer_KeepAliveForceClose

Forces a TCP FIN after every response (no keep-alive).

IcapServer_KeepAliveForceClose_ResponseMessageLimit

Number of responses after which the connection is closed even if keep-alive enabled.

---

Endpoint Proxy

EndpointProxy_LogRequests

Enables request/response logging in the API endpoint proxy.

EndpointProxy_ClientIpWhitelist

Comma-separated list of CIDR blocks that are permitted to use the proxy.

EndpointProxy_EnableTLS

Enables TLS termination on the proxy.

EndpointProxy_TLSCertificatePath

Path to the proxy’s TLS certificate.

EndpointProxy_TLSCertificatePwd

Password for the proxy’s certificate file.

EndpointProxy_TLSCertificateThumbprint

Thumbprint of a certificate to load from the local store.

---

Miscellaneous / Installer

PrivateCloudOfflineInstall

If true, suppresses auto-updates and remote diagnostics for completely air-gapped deployments.