diff --git a/apps/emqx/src/emqx_schema.erl b/apps/emqx/src/emqx_schema.erl
index 8073e19b5..38566f3cb 100644
--- a/apps/emqx/src/emqx_schema.erl
+++ b/apps/emqx/src/emqx_schema.erl
@@ -2225,6 +2225,7 @@ common_ssl_opts_schema(Defaults) ->
                 #{
                     default => AvailableVersions,
                     desc => ?DESC(common_ssl_opts_schema_versions),
+                    importance => ?IMPORTANCE_HIGH,
                     validator => fun(Inputs) -> validate_tls_versions(AvailableVersions, Inputs) end
                 }
             )},
@@ -2235,6 +2236,7 @@ common_ssl_opts_schema(Defaults) ->
                 #{
                     default => <<"emqx_tls_psk:lookup">>,
                     converter => fun ?MODULE:user_lookup_fun_tr/2,
+                    importance => ?IMPORTANCE_HIDDEN,
                     desc => ?DESC(common_ssl_opts_schema_user_lookup_fun)
                 }
             )},
diff --git a/apps/emqx_bridge/src/schema/emqx_bridge_schema.erl b/apps/emqx_bridge/src/schema/emqx_bridge_schema.erl
index e5def2d64..4b9b7e3fe 100644
--- a/apps/emqx_bridge/src/schema/emqx_bridge_schema.erl
+++ b/apps/emqx_bridge/src/schema/emqx_bridge_schema.erl
@@ -137,7 +137,7 @@ namespace() -> "bridge".
 tags() ->
     [<<"Bridge">>].
 
-roots() -> [{bridges, ?HOCON(?R_REF(bridges), #{importance => ?IMPORTANCE_HIDDEN})}].
+roots() -> [{bridges, ?HOCON(?R_REF(bridges), #{importance => ?IMPORTANCE_LOW})}].
 
 fields(bridges) ->
     [
diff --git a/apps/emqx_conf/etc/emqx_conf.conf b/apps/emqx_conf/etc/emqx_conf.conf
index 86147bf25..a54894dcd 100644
--- a/apps/emqx_conf/etc/emqx_conf.conf
+++ b/apps/emqx_conf/etc/emqx_conf.conf
@@ -1,12 +1,7 @@
 ## NOTE:
-## Configs in this file might be overridden by:
-## 1. Environment variables which start with 'EMQX_' prefix
-## 2. File $EMQX_NODE__DATA_DIR/configs/cluster-override.conf
-## 3. File $EMQX_NODE__DATA_DIR/configs/local-override.conf
-##
-## The *-override.conf files are overwritten at runtime when changes
-## are made from EMQX dashboard UI, management HTTP API, or CLI.
-## All configuration details can be found in emqx.conf.example
+## The EMQX configuration is prioritized (overlayed) in the following order:
+## `data/configs/cluster.hocon < etc/emqx.conf < environment variables`.
+
 
 node {
   name = "emqx@127.0.0.1"
diff --git a/apps/emqx_exhook/src/emqx_exhook_schema.erl b/apps/emqx_exhook/src/emqx_exhook_schema.erl
index 708e164fc..f6cc896f3 100644
--- a/apps/emqx_exhook/src/emqx_exhook_schema.erl
+++ b/apps/emqx_exhook/src/emqx_exhook_schema.erl
@@ -32,7 +32,7 @@
 namespace() -> exhook.
 
 roots() ->
-    [{exhook, ?HOCON(?R_REF(exhook), #{importance => ?IMPORTANCE_HIDDEN})}].
+    [{exhook, ?HOCON(?R_REF(exhook), #{importance => ?IMPORTANCE_LOW})}].
 
 fields(exhook) ->
     [
diff --git a/apps/emqx_rule_engine/src/emqx_rule_engine_schema.erl b/apps/emqx_rule_engine/src/emqx_rule_engine_schema.erl
index 242c86c71..bc8cae07a 100644
--- a/apps/emqx_rule_engine/src/emqx_rule_engine_schema.erl
+++ b/apps/emqx_rule_engine/src/emqx_rule_engine_schema.erl
@@ -38,7 +38,7 @@ namespace() -> rule_engine.
 tags() ->
     [<<"Rule Engine">>].
 
-roots() -> [{"rule_engine", ?HOCON(?R_REF("rule_engine"), #{importance => ?IMPORTANCE_HIDDEN})}].
+roots() -> [{"rule_engine", ?HOCON(?R_REF("rule_engine"), #{importance => ?IMPORTANCE_LOW})}].
 
 fields("rule_engine") ->
     rule_engine_settings() ++
diff --git a/changes/ce/feat-10358.en.md b/changes/ce/feat-10358.en.md
deleted file mode 100644
index e6d05c84b..000000000
--- a/changes/ce/feat-10358.en.md
+++ /dev/null
@@ -1,2 +0,0 @@
-Hide `flapping_detect/conn_congestion/stats` configuration.
-Deprecate `flapping_detect.enable`.
diff --git a/changes/ce/feat-10381.en.md b/changes/ce/feat-10381.en.md
deleted file mode 100644
index 3ea11188f..000000000
--- a/changes/ce/feat-10381.en.md
+++ /dev/null
@@ -1 +0,0 @@
-Hide the `auto_subscribe` configuration items so that they can be modified later only through the HTTP API.
diff --git a/changes/ce/feat-10385.en.md b/changes/ce/feat-10385.en.md
deleted file mode 100644
index 667e01890..000000000
--- a/changes/ce/feat-10385.en.md
+++ /dev/null
@@ -1 +0,0 @@
-Hide data items(rule_engine/bridge/authz/authn) from configuration files and documentation.
diff --git a/changes/ce/feat-10391.en.md b/changes/ce/feat-10391.en.md
index a64b01221..f33757404 100644
--- a/changes/ce/feat-10391.en.md
+++ b/changes/ce/feat-10391.en.md
@@ -1 +1,7 @@
-hide exhook/rewrite/topic_metric/persistent_session_store/overload_protection from the docs and configuration file.
+Hide a large number of advanced options to simplify the configuration file.
+
+That includes `rewrite`, `topic_metric`, `persistent_session_store`, `overload_protection`,
+`flapping_detect`, `conn_congestion`, `stats,auto_subscribe`, `broker_perf`,
+`shared_subscription_group`, `slow_subs`, `ssl_options.user_lookup_fun` and some advance items
+in `node` and `dashboard` section, [#10358](https://github.com/emqx/emqx/pull/10358),
+[#10381](https://github.com/emqx/emqx/pull/10381), [#10385](https://github.com/emqx/emqx/pull/10385).
diff --git a/changes/ce/feat-10426.en.md b/changes/ce/feat-10426.en.md
new file mode 100644
index 000000000..8575347d6
--- /dev/null
+++ b/changes/ce/feat-10426.en.md
@@ -0,0 +1,4 @@
+Optimize the configuration priority mechanism to fix the issue where the configuration
+changes made to `etc/emqx.conf` do not take effect after restarting EMQX.
+
+More introduction about the new mechanism: [Configure Override Rules](https://www.emqx.io/docs/en/v5.0/configuration/configuration.html#configure-override-rules)
diff --git a/rel/emqx_conf.template.en.md b/rel/emqx_conf.template.en.md
index 8740e4319..bded20da6 100644
--- a/rel/emqx_conf.template.en.md
+++ b/rel/emqx_conf.template.en.md
@@ -7,20 +7,21 @@ and a superset of JSON.
 EMQX configuration consists of two layers.
 From bottom up:
 
-1. Immutable base: `emqx.conf` + `EMQX_` prefixed environment variables.<br/>
+1. Cluster configs: `$EMQX_NODE__DATA_DIR/configs/cluster.hocon`
+2. `emqx.conf` + `EMQX_` prefixed environment variables.<br/>
    Changes in this layer require a full node restart to take effect.
-1. Cluster overrides: `$EMQX_NODE__DATA_DIR/configs/cluster-override.conf`
+
 
 When environment variable `$EMQX_NODE__DATA_DIR` is not set, config `node.data_dir`
 is used.
 
-The `cluster-override.conf` file is overwritten at runtime when changes
+The `cluster.hocon` file is overwritten at runtime when changes
 are made from dashboard UI, management HTTP API, or CLI. When clustered,
 after EMQX restarts, it copies the file from the node which has the greatest `uptime`.
 
 :::tip Tip
 Some of the configs (such as `node.name`) are boot-only configs and not overridable.
-Config values from `*-override.conf` are **not** mapped to boot configs for
+Config values from `cluster.hocon` are **not** mapped to boot configs for
 the config fields attributed with `mapping: path.to.boot.config.key`
 :::
 
@@ -144,11 +145,10 @@ For example, this environment variable sets an array value.
 ```
 export EMQX_LISTENERS__SSL__L1__AUTHENTICATION__SSL__CIPHERS='["TLS_AES_256_GCM_SHA384"]'
 ```
-
-However this also means a string value should be quoted if it happens to contain special
+However, this also means a string value should be quoted if it happens to contain special
 characters such as `=` and `:`.
 
-For example, a string value `"localhost:1883"` would be 
+For example, a string value `"localhost:1883"` would be
 parsed into object (struct): `{"localhost": 1883}`.
 
 To keep it as a string, one should quote the value like below:
@@ -226,7 +226,7 @@ Arrays in EMQX config have two different representations
 Dot-separated paths with number in it are parsed to indexed-maps
 e.g. `authentication.1={...}` is parsed as `authentication={"1": {...}}`
 
-This feature makes it easy to override array elment values. For example:
+This feature makes it easy to override array element values. For example:
 
 ```
 authentication=[{enable=true, backend="built_in_database", mechanism="password_based"}]
@@ -322,4 +322,3 @@ ciphers =
     "PSK-AES128-CBC-SHA"
   ]
 ```
-
diff --git a/rel/emqx_conf.template.zh.md b/rel/emqx_conf.template.zh.md
index 9402760a2..916eed38d 100644
--- a/rel/emqx_conf.template.zh.md
+++ b/rel/emqx_conf.template.zh.md
@@ -7,18 +7,18 @@ EMQX的配置文件可分为二层，自底向上依次是：
 
 1. 不可变的基础层 `emqx.conf` 加上 `EMQX_` 前缀的环境变量。<br/>
    修改这一层的配置之后，需要重启节点来使之生效。
-1. 集群范围重载层：`$EMQX_NODE__DATA_DIR/configs/cluster-override.conf`
+2. 集群范围重载层：`$EMQX_NODE__DATA_DIR/configs/cluster.hocon`
 
 如果环境变量 `$EMQX_NODE__DATA_DIR` 没有设置，那么该目录会从 `emqx.conf` 的 `node.data_dir` 配置中读取。
 
-配置文件 `cluster-override.conf` 的内容会在运行时被EMQX重写。
+配置文件 `cluster.hocon` 的内容会在运行时被EMQX重写。
 这些重写发生在 dashboard UI，管理HTTP API，或者CLI对集群配置进行修改时。
 当EMQX运行在集群中时，一个EMQX节点重启之后，会从集群中其他节点复制该文件内容到本地。
 
 :::tip Tip
 有些配置项是不能被重载的（例如 `node.name`）。
 配置项如果有 `mapping: path.to.boot.config.key` 这个属性，
-则不能被添加到重载文件 `*-override.conf` 中。
+则不能被添加到重载文件 `cluster.hocon` 中。
 :::
 
 更多的重载规则，请参考下文 [配置重载规则](#配置重载规则)。