To edit the settings, follow these steps:

1. Navigate to the SillyTavern folder on your computer.
2. Locate the config.yaml file in the SillyTavern folder.
3. Right-click on the config.yaml file and select Open with > Notepad.
4. Make the necessary changes to the configuration options as described below.
5. Save the file by clicking File > Save in Notepad.

Authentication Settings

• autorun: true/false
• Toggles automatic opening of the SillyTavern URL page in your browser when the application is launched.
• basicAuthMode: true/false
• Toggles basic authentication mode, requiring users to provide a username and password to access the server. When enabled (true), users must authenticate to use the server.
• 
• basicAuthUser:
• username:
• The username required for basic authentication.
• password:
• The password required for basic authentication.
• enableUserAccounts: true/false
• Toggles user account management features. When enabled (true), user accounts can be created and managed. Allows for multiple users accounts. Changes the login screen from a HTTP Basic Authentication (a type of authentication that involves a browser-generated dialog box) to an embedded and stylized login screen. If listen: true you must set whitelistMode: true as well for the server to launch for security unless securityOverride: true is set.
• 
• enableDiscreetLogin: true/false
• Toggles discreet login mode. When enabled (true), login actions are less visible, enhancing privacy. enableUserAccounts must also be set to true for this option to work. Removes the show/select users from the login screen for stronger security.
• 

Proxy and Security Settings

• enableCorsProxy: true/false
• Toggles the CORS proxy feature, which is used to bypass Cross-Origin Resource Sharing (CORS) restrictions that prevent certain web pages from making requests to different domains. When enabled (true), the server can act as a proxy to bypass these restrictions.
• securityOverride: true/false
• Toggles security override, changing from default security settings. When enabled (true), certain default security measures such as whitelist and auth are bypassed, which can be useful for testing or specific use cases but may reduce overall security.
• allowKeysExposure: true/false
• Toggles exposure of API keys in the UI. When disabled (false), API keys are hidden after saving to prevent accidental exposure.
• 

Cookie and CSRF Protection Settings

• cookieSecret: FNFMyUR44q......8Q7Tjy7qyA==
• Specifies the secret key used for signing cookies. This key ensures the integrity and authenticity of cookies.
• disableCsrfProtection: true/false
• Toggles CSRF (Cross-Site Request Forgery) protection to prevent attacks where unauthorized commands are submitted from a user that the web application trusts. When enabled (true), CSRF protection is active, enhancing security by ensuring that requests are made intentionally by the user. NOT RECOMMENDED to disable.

Whitelist Settings

• whitelistMode: true/false
• Toggles whitelist mode, restricting connections to clients specified in the whitelist. When enabled (true), only clients with IP addresses or domains listed in the whitelist can connect. If you turn this off, make sure to turn on basicAuthMode or anyone can connect and view your SillyTavern data.
• whitelist:
• Contains the list of whitelisted IP addresses or domains if whitelistMode is enabled.
• enableForwardedWhitelist: true/false
• Toggles forwarding of whitelisted requests through proxies. When enabled (true), whitelisted requests are allowed to be forwarded through proxies.
• whitelistImportDomains:
• localhost
• cdn.discordapp.com
• files.catbox.moe
• raw.githubusercontent.com
• Lists the domains from which content can be imported when whitelist mode is enabled. Only content from these domains will be accepted if the whitelist mode is active.

• dataRoot: ./data
• Specifies the root directory where all user data and server files will be stored. The default directory is ./data.
• disableThumbnails: true/false
• Toggles thumbnail generation for images. When disabled (false), thumbnails will be generated for images.
• thumbnailsQuality: 95
• Sets the quality of generated thumbnails on a scale from 0 to 100, with 100 being the highest quality.
• avatarThumbnailsPng: true/false
• Toggles PNG format for avatar thumbnails. When enabled (true), avatar thumbnails will be generated in PNG format instead of the JPG (preserves transparency but increases file size by about 100%). Changing this only affects new thumbnails. To recreate the old ones, clear out your ST/thumbnails/ folder.
• skipContentCheck: true/false
• Toggles content checking for new content and seeds it for all users. When enabled (true), the content is not checked and added to all users.
• disableChatBackup: true/false
• Toggles automatic backup of chat logs. When enabled (true), chat logs are not backed up automatically. This will automatically save copies of all chats inside of the SillyTavern/backups folder that will remain even if you delete the main chat file.

• openai:
• randomizeUserId: true/false
• Toggles randomization of the user ID for OpenAI API requests. When disabled (false), the same user ID is used for each request, which can be useful for maintaining session continuity.
• captionSystemPrompt: ""
• Specifies a custom system prompt for generating captions with OpenAI. This can be customized to provide specific instructions to the OpenAI model.
• deepl: This setting allows you to control the tone and style of the translated text, making it suitable for different contexts such as professional or casual communication.
• formality: default
• default: Uses the default formality level.
• more: Produces more formal translations.
• less: Produces less formal translations.
• prefer_more: Prefers a more formal style but not as strict as more.
• prefer_less: Prefers a less formal style but not as casual as less.

• enableExtensions: true/false
• Toggles support for server-side extensions, which can add extra functionality to the server. When enabled (true), extensions can be used.
• enableServerPlugins: true/false
• Toggles server-side plugins, which can add additional features or modify server behavior. When enabled (true), plugins can be used.
• requestOverrides: []
• Contains custom request overrides for specific endpoints. This allows specific modifications to be applied to requests. API Request Overrides (for KoboldAI and Text Completion APIs) Note: host includes the port number if it's not the default (80 or 443)
• Format is an array of objects:
• hosts:
• example.com
• headers:
• Content-Type: application/json
• 127.0.0.1:5001
• headers:
• User-Agent: "Googlebot/2.1 (+http://www.google.com/bot.html)"

• disableAutoDownload: true/false
• Toggles automatic downloading of required models and resources. When disabled (false), necessary models and resources are downloaded automatically.
• classificationModel: Cohee/distilbert-base-uncased-go-emotions-onnx
• Specifies the model used for text classification.
• captioningModel: Xenova/vit-gpt2-image-captioning
• Specifies the model used for image captioning.
• embeddingModel: Cohee/jina-embeddings-v2-base-en
• Specifies the model used for generating text embeddings.
• promptExpansionModel: Cohee/fooocus_expansion-onnx
• Specifies the model used for prompt expansion.
• speechToTextModel: Xenova/whisper-small
• Specifies the model used for speech-to-text conversion.
• textToSpeechModel: Xenova/speecht5_tts
• Specifies the model used for text-to-speech conversion.