Configuration

FoxServer configuration is stored in JSON files per project. WinFx can generate and edit them visually; you can also edit them directly.

Configuration file location

Each project has its own file at:

C:\Program Files\FoxServer\config\servers\{projectname}.json

Complete example

{
  "name": "salesapi",
  "description": "Sales management REST API",
  "type": "api",
  "active": true,
  "host": "0.0.0.0",
  "port": 8080,
  "prefix": "/api/v1",
  "issecure": false,
  "dllpath": "C:\\projects\\salesapi\\build\\Interop.salesapi.dll",
  "allowedorigins": "https://myapp.com",
  "allowedmethods": "GET,POST,PUT,DELETE,OPTIONS",
  "allowedheaders": "Content-Type,Authorization",
  "middleware": {
    "auth": {
      "enabled": true,
      "type": "jwt",
      "secret": "your-256-bit-secret-base64",
      "tokenexpirationseconds": 3600,
      "loginendpoint": "auth/login"
    },
    "logging": {
      "enabled": true,
      "path": "C:\\logs\\salesapi\\",
      "fileprefix": "salesapi",
      "format": "Detailed",
      "options": {
        "requests": true,
        "responses": true,
        "errors": true,
        "debug": false,
        "performance": true
      }
    }
  }
}

Server properties

Property	Type	Default	Description
`name`	`String`	`—`	Unique project/server identifier
`description`	`String`	`""`	Human-readable description
`type`	`String`	`api`	"api" for REST APIs, "web" for serving static files
`active`	`Boolean`	`false`	Whether the server loads on FoxServer startup
`host`	`String`	`127.0.0.1`	Bind address. 0.0.0.0 accepts all interfaces
`port`	`Number`	`8080`	HTTP listening port
`prefix`	`String`	`""`	URL path prefix (e.g. "/api/v1")
`issecure`	`Boolean`	`false`	Enable HTTPS/SSL
`dllpath`	`String`	`—`	Path to the compiled Interop DLL file (required)
`publicdir`	`String`	`""`	Static files directory (type: web only)

CORS

Configure allowed origins, methods and headers for cross-domain requests:

{
  "allowedorigins": "https://app.example.com,https://admin.example.com",
  "allowedmethods": "GET,POST,PUT,DELETE,OPTIONS",
  "allowedheaders": "Content-Type,Authorization,X-Requested-With"
}

Property	Type	Default	Description
`allowedorigins`	`String`	`*`	Allowed domains separated by comma, or "*" for any
`allowedmethods`	`String`	`GET,POST,PUT,DELETE,OPTIONS`	HTTP methods allowed from the browser
`allowedheaders`	`String`	`Content-Type,Authorization`	Headers the client can send

In production, always specify exact domains instead of "*" for better security.

HTTPS / SSL

To enable HTTPS you need a certificate in .pfx or .p12 format:

{
  "issecure": true,
  "certificatename": "mycert.pfx",
  "certificatepassword": "your-cert-password"
}

Never include certificate passwords in version control. Use environment variables or a secret manager.

Logging

Configure the server logging system:

Property	Type	Default	Description
`enabled`	`Boolean`	`false`	Enable / disable logging
`path`	`String`	`—`	Directory where log files are written (must exist)
`fileprefix`	`String`	`foxserver`	File name prefix. Result: "{prefix}_2026-04-11.log"
`format`	`String`	`Simple`	"Simple" (one line), "Detailed" (full info), "JSON"
`options.requests`	`Boolean`	`true`	Log incoming requests
`options.responses`	`Boolean`	`true`	Log outgoing responses
`options.errors`	`Boolean`	`true`	Log errors
`options.debug`	`Boolean`	`false`	Log debug messages (more verbose)
`options.performance`	`Boolean`	`false`	Log response times per endpoint

Next: Routing →