This guide concerns the ODBC functions of PHP.

Open Database Connectivity functions

These are the functions used to interact with databases via the ODBC (Open Database Connectivity) interface, a standard for accessing data sources uniformly. Here are a few examples of using the ODBC functions of PHP:

• Being able to read data from an external database and display it on your website
• Insert or modify data in an external database
• Perform complex queries on an external database

You can however…

• … create a snapshot of the server (non-automated backup)
• … back up the server on Swiss Backup (automated backup)

This guide will help you if, for example, you want to deploy a package like pymysql and it requires a Python version higher than the one offered on your hosting.

Preamble

• Anaconda is a free and open-source distribution of the Python programming language. This distribution aims to simplify package management and deployment.
• It is recommended to use conda which comes with a recent version of python and installs in the user space, so there is no conflict with the system python (like in a virtual environment, which always requires a system installation of the desired version).
• Refer to the official documentation.
   

Download the installer

uid165116@od-12345:~$ wget https://repo.anaconda.com/miniconda/Miniconda3-py37_4.10.3-Linux-x86_64.sh
--2021-07-28 18:21:10--  https://repo.anaconda.com/miniconda/Miniconda3-py37_4.10.3-Linux-x86_64.sh
Resolving repo.anaconda.com (repo.anaconda.com)... 2606:4700::6810:8303, 2606:4700::6810:8203, 104.16.131.3, ...
Connecting to repo.anaconda.com (repo.anaconda.com)|2606:4700::6810:8303|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 89026327 (85M) [application/x-sh]
Saving to: ‘Miniconda3-py37_4.10.3-Linux-x86_64.sh’

Miniconda3-py37_4.10.3-Linux-x86_64.sh          100% [==============================================>]  84.90M   203MB/s   in 0.4s   

18:21:11 (100 MB/s) - ‘Miniconda3-py37_4.10.3-Linux-x86_64.sh’ saved [89026327/89026327]

Check the hash

uid165116@od-12345:~$ test $(md5sum Miniconda3-py37_4.10.3-Linux-x86_64.sh | awk '{print $1}') == "9f186c1d86c266acc47dbc1603f0e2ed" && echo "OK" 
OK

Launch the installation

uid165116@od-12345:~$ bash Miniconda3-py37_4.10.3-Linux-x86_64.sh -b
PREFIX=/home/clients/fc84cbbf6dcbd6dd76b15d3e56c1789f/miniconda3
Unpacking payload ...
Collecting package metadata (current_repodata.json): done                                                                                           
Solving environment: done

## Package Plan ##

environment location: /home/clients/fc84cbbf6dcbd6dd76b15d3e56c1789f/miniconda3

added / updated specs:
    - _libgcc_mutex==0.1=main
    - _openmp_mutex==4.5=1_gnu
    - brotlipy==0.7.0=py37h27cfd23_1003
    - ca-certificates==2021.7.5=h06a4308_1
    - certifi==2021.5.30=py37h06a4308_0
    - cffi==1.14.6=py37h400218f_0
    - chardet==4.0.0=py37h06a4308_1003
    - conda-package-handling==1.7.3=py37h27cfd23_1
    - conda==4.10.3=py37h06a4308_0
    - cryptography==3.4.7=py37hd23ed53_0
    - idna==2.10=pyhd3eb1b0_0
    - ld_impl_linux-64==2.35.1=h7274673_9
    - libffi==3.3=he6710b0_2
    - libgcc-ng==9.3.0=h5101ec6_17
    - libgomp==9.3.0=h5101ec6_17
    - libstdcxx-ng==9.3.0=hd4cf53a_17
    - ncurses==6.2=he6710b0_1
    - openssl==1.1.1k=h27cfd23_0
    - pip==21.1.3=py37h06a4308_0
    - pycosat==0.6.3=py37h27cfd23_0
    - pycparser==2.20=py_2
    - pyopenssl==20.0.1=pyhd3eb1b0_1
    - pysocks==1.7.1=py37_1
    - python==3.7.10=h12debd9_4
    - readline==8.1=h27cfd23_0
    - requests==2.25.1=pyhd3eb1b0_0
    - ruamel_yaml==0.15.100=py37h27cfd23_0
    - setuptools==52.0.0=py37h06a4308_0
    - six==1.16.0=pyhd3eb1b0_0
    - sqlite==3.36.0=hc218d9a_0
    - tk==8.6.10=hbc83047_0
    - tqdm==4.61.2=pyhd3eb1b0_1
    - urllib3==1.26.6=pyhd3eb1b0_1
    - wheel==0.36.2=pyhd3eb1b0_0
    - xz==5.2.5=h7b6447c_0
    - yaml==0.2.5=h7b6447c_0
    - zlib==1.2.11=h7b6447c_3

The following NEW packages will be INSTALLED:

  _libgcc_mutex      pkgs/main/linux-64::_libgcc_mutex-0.1-main
  _openmp_mutex      pkgs/main/linux-64::_openmp_mutex-4.5-1_gnu
  brotlipy           pkgs/main/linux-64::brotlipy-0.7.0-py37h27cfd23_1003
  ca-certificates    pkgs/main/linux-64::ca-certificates-2021.7.5-h06a4308_1
  certifi            pkgs/main/linux-64::certifi-2021.5.30-py37h06a4308_0
  cffi               pkgs/main/linux-64::cffi-1.14.6-py37h400218f_0
  chardet            pkgs/main/linux-64::chardet-4.0.0-py37h06a4308_1003
  conda              pkgs/main/linux-64::conda-4.10.3-py37h06a4308_0
  conda-package-han~ pkgs/main/linux-64::conda-package-handling-1.7.3-py37h27cfd23_1
  cryptography       pkgs/main/linux-64::cryptography-3.4.7-py37hd23ed53_0
  idna               pkgs/main/noarch::idna-2.10-pyhd3eb1b0_0
  ld_impl_linux-64   pkgs/main/linux-64::ld_impl_linux-64-2.35.1-h7274673_9
  libffi             pkgs/main/linux-64::libffi-3.3-he6710b0_2
  libgcc-ng          pkgs/main/linux-64::libgcc-ng-9.3.0-h5101ec6_17
  libgomp            pkgs/main/linux-64::libgomp-9.3.0-h5101ec6_17
  libstdcxx-ng       pkgs/main/linux-64::libstdcxx-ng-9.3.0-hd4cf53a_17
  ncurses            pkgs/main/linux-64::ncurses-6.2-he6710b0_1
  openssl            pkgs/main/linux-64::openssl-1.1.1k-h27cfd23_0
  pip                pkgs/main/linux-64::pip-21.1.3-py37h06a4308_0
  pycosat            pkgs/main/linux-64::pycosat-0.6.3-py37h27cfd23_0
  pycparser          pkgs/main/noarch::pycparser-2.20-py_2
  pyopenssl          pkgs/main/noarch::pyopenssl-20.0.1-pyhd3eb1b0_1
  pysocks            pkgs/main/linux-64::pysocks-1.7.1-py37_1
  python             pkgs/main/linux-64::python-3.7.10-h12debd9_4
  readline           pkgs/main/linux-64::readline-8.1-h27cfd23_0
  requests           pkgs/main/noarch::requests-2.25.1-pyhd3eb1b0_0
  ruamel_yaml        pkgs/main/linux-64::ruamel_yaml-0.15.100-py37h27cfd23_0
  setuptools         pkgs/main/linux-64::setuptools-52.0.0-py37h06a4308_0
  six                pkgs/main/noarch::six-1.16.0-pyhd3eb1b0_0
  sqlite             pkgs/main/linux-64::sqlite-3.36.0-hc218d9a_0
  tk                 pkgs/main/linux-64::tk-8.6.10-hbc83047_0
  tqdm               pkgs/main/noarch::tqdm-4.61.2-pyhd3eb1b0_1
  urllib3            pkgs/main/noarch::urllib3-1.26.6-pyhd3eb1b0_1
  wheel              pkgs/main/noarch::wheel-0.36.2-pyhd3eb1b0_0
  xz                 pkgs/main/linux-64::xz-5.2.5-h7b6447c_0
  yaml               pkgs/main/linux-64::yaml-0.2.5-h7b6447c_0
  zlib               pkgs/main/linux-64::zlib-1.2.11-h7b6447c_3

Preparing transaction: done
Executing transaction: done
installation finished.

Launch conda

uid165116@od-12345:~$ source <(~/miniconda3/bin/conda shell.bash hook)

Install pymysql (for example)

(base) uid165116@od-12345:~$ python3 -V
Python 3.7.10

(base) uid165116@od-12345:~$ pip3 install pymysql --user
Collecting pymysql
  Downloading PyMySQL-1.0.2-py3-none-any.whl (43 kB)
     |████████████████████████████████| 43 kB 892 kB/s 
Installing collected packages: pymysql
Successfully installed pymysql-1.0.2

This guide explains how to specify a file that will be loaded before the desired page or at the beginning of each PHP script executed on your server, included as if it had been called with the function require(), but more globally using the PHP directive auto_prepend_file.

Preamble

• For example, to declare the headers of a website, you can create a file called headers.php that contains PHP header() functions and that is prepended at the beginning of each PHP file…
  • … via a .user.ini file (specific to a folder),
  • … or via the site configuration of the Manager (global) as explained below.

Include a file globally from the Manager

To access website management:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product concerned:
3. Click on Manage under Advanced Settings:
   
4. Click on the PHP / Apache tab.
5. Fill in the relevant line by entering the path of the file to include.
6. Click the button to save:
   

After setting this directive, all PHP pages on your server will automatically include the specified file before executing their own code.

The headers defined in a .htaccess file are only valid for non-PHP (i.e., static) content.

Infomaniak uses php-fpm which receives the various headers via apache fast_cgi. In the RFC of cgi_www the header Strict-Transport-Security is not part of the headers passed via CGI and the Apache documentation confirms this. Refer to this other RFC.

The Infomaniak infrastructure does not pass virtualization instructions to VPS Cloud / VPS Lite; it is therefore not possible to do nested virtualization (virtualization that would run within an already virtualized environment) as this causes issues, notably during live migrations.

This guide concerns the creation of private networks between different Infomaniak hosting offers such as VPS Cloud / VPS Lite, Public Cloud, NAS Synology, etc.

Create a VLAN between VPS

It is not possible to create a private network (VLAN) between VPS Cloud / VPS Lite and other products, such as NAS Synology for example, because they are installed on separate networks.

However, it is possible to create a VLAN between at least 10 VPS Cloud / VPS Lite that you own (contact Infomaniak support) however a dedicated private network will not be able to communicate with another.

It is recommended to migrate to the **Public Cloud** offer to create such private networks between VM.

This guide concerns the installation of PHP extensions on Web Hosting Infomaniak.

Using Zend PHP extensions

• Zend Guard Loader is a PHP extension that allows you to run encrypted PHP scripts via Zend Guard.
  • Zend Guard Loader is pre-installed for PHP <= 5.6 on all web hosting and is not available for PHP versions >= 5.6.
• Since PHP 5.3.x, the Zend Optimizer module has been replaced by ZendGuardLoader
• The ZendOPCache extension requires a Serveur Cloud configured with PHP 5.5 minimum

To use Perl modules on an Infomaniak Cloud Server, it is necessary to install them in the user directory and to define the full path within the scripts.

You will thus be able to install and update your modules freely.

This guide concerns Redis, a PHP module for Serveur Cloud Infomaniak.

Preamble

• Redis is used with PHP to accelerate performance by serving as a cache for temporary data and managing user sessions, thus improving the efficiency of web applications.
• Redis also allows the implementation of queuing systems and temporary storage of data for asynchronous tasks or statistics.
   

Install Redis

Redis is installed via Fast Installer, applications available in a few clicks on Serveur Cloud:

• After installation, Redis is accessible via the IP/port localhost:6379 or 127.0.0.1:6379
• The password for Redis must be between 15 and 99 characters (inclusive).

This guide explains how to increase the max_children value on Serveur Cloud to increase the number of simultaneous PHP processes that can be used by your site. This will be very useful for resolving infinite page loading issues on your site.

Preamble

• By default, the limit for max_children is set to 20 for all hosting.
  • Although it is possible to increase this value from the Infomaniak Manager, the limit for max_children is automatically adjusted based on the configuration of your Cloud Server.
  • To increase this limit on shared hosting, migrate to Cloud Server.
• To understand how to calculate the max_children needed as accurately as possible, refer to this article on the subject.

Increase the max_children value

Prerequisites

• Ensure that you have the necessary resources on the Cloud Server.
• Ensure that all resources of the Cloud Server are not used; if it turns out that they are fully used, increasing the value of max_children will have no effect (Modify the resources of the Cloud Server).
• Monitor your server's resource usage, if your server's resources are maxed out, it will be necessary to check the optimization of your processes and site before considering increasing the max_children value.
• Check the PHP error reports from the /ik-logs folder (master process php logs - file name: php-fpm.log) to verify if the "max_children" limit has been exceeded... example of error: [05-Jul-2024 09:08:58] WARNING: [pool www.infomaniak.ch] server reached max_children setting (20), consider raising it

To access the management of PHP / Apache parameters for the site for which you need to increase the max_children value on Serveur Cloud, refer to this other guide.

You will be able to…

• … choose a new value for max_children:
  

Limits depending on the server

Limit of max_children based on the resources of the Serveur Cloud:

This guide explains how to modify the variables of the PHP-CLI extension, which is available by default on Serveur Cloud Infomaniak.

Modify the PHP_CLI variables

To access the PHP extensions of the Cloud Server:

1. Click here to access the management of your Cloud Server on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant Cloud Server.
3. Click on PHP Extensions in the left sidebar.
4. Click on the action menu ⋮ to the right of PHP-CLI in the displayed table.
5. Click on Configure:
   
6. Modify the following variables: allow_url_fopen, allow_url_include, memory_limit, max_execution_time, short_open_tag, allow_local_infile
7. Click on the blue Save button.

This guide explains how to modify the value of the directive php_value include_path.

Modify the include_path

Like any other PHP parameter, include_path is defined in the .user.ini file.

Here is an example of path to use in the .user.ini file:

include_path = .:/home/clients/123456789a12345b12fc345d/web/www.domainetest.abc/public/abc/include

Check out this other guide about phpinfo to verify that your new directive has been applied.

This guide explains how to modify the configuration of a VPS Cloud / VPS Lite.

Change the storage size on VPS Cloud / VPS Lite

To access the VPS Cloud / VPS Lite:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click on the action menu ⋮ to the right of the relevant item in the displayed table.
3. Click on Modify the offer:
   
4. Make the desired adjustments and complete the procedure below:
   
5. It is necessary to extend the volume after increasing the storage volume.

This guide explains how to allow certain incoming and/or outgoing ports in the firewall of a VPS Cloud / VPS Lite server.

Access the management tool

To manage the VPS Cloud / VPS Lite firewall:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant product.
3. Click on Firewall in the left sidebar:
   

Rule to allow ping on VPS Cloud / VPS Lite

To add a rule to the firewall:

1. Click the blue button to Add a rule.
2. Click on Manual Selection.
3. Select ICMP:
   
4. Validate at the bottom of the page.

Open the outgoing port 25 globally

The outgoing port 25 (SMTP Mail port) is blocked by default.

It is recommended to use an authenticated mail sending solution.

To open this port, contact Infomaniak support and justify your request.

Infomaniak does not offer virtual disk encryption on VPS Cloud / VPS Lite but provides a block device that you can format and encrypt if you wish.

This guide concerns swap on Serveur Cloud.

Swap and RAM

There can be swap even when RAM usage is low. Indeed, the system can use swap at any time if it deems it useful.

Swap is not a dedicated memory space to be used only when there is no free RAM, although that is often its main use.

If you want to know more, there is a parameter "swappiness" that allows you to define how the system will use the swap. The default value is 60 and it cannot be changed.

This guide explains how to connect to Elasticsearch after installing it on Magento from a Cloud Server Infomaniak.

Prerequisites

• Have a Infomaniak Cloud Server.
• Install Magento.
• Contact the Infomaniak support for the installation of Elasticsearch.

Connection Information

Once connected to your Magento space, you will need to provide the following information to start Elasticsearch:

• Hostname: localhost or 127.0.0.1
• Port :9200
• Prefix :magento2

This guide presents several examples of using Varnish on Cloud Server Infomaniak.

Varnish Configuration

After installation, configuring Varnish includes important rules for caching and purging. Be careful not to accidentally allow unwanted IP addresses.

Here is what a basic configuration file might look like with a few common cases and different actions/rules in one example:

vcl 4.0;
# Configuration du backend par défaut
backend default {
    .host = "127.0.0.80";  # Adresse IP du backend
    .port = "80";           # Port du backend
}
# Définition d'une liste de contrôle d'accès (ACL) pour les IPs autorisées à purger le cache
acl purge {
    "localhost";            # IP locale
    "1.2.3.4";              # IP de votre domicile
    "42.42.42.0"/24;        # Plage d'IP publique de votre entreprise
    ! "42.42.42.7";         # Exclusion d'une IP spécifique (ex : un collègue gênant)
}
# Traitement des requêtes à leur réception par Varnish
sub vcl_recv {
    # Autoriser les requêtes de purge
    if (req.method == "PURGE") {
        # Vérification si l'IP du client est autorisée à purger
        if (!client.ip ~ purge) {  # 'purge' fait référence à l'ACL définie plus haut
            # Retourne une page d'erreur si l'IP n'est pas autorisée
            return (synth(405, "Cette IP n'est pas autorisée à envoyer des requêtes PURGE."));
        }
        # Si l'IP est autorisée, purger le cache pour cette requête
        return (purge);
    }
    # Autoriser la purge de toutes les images via une requête PURGEALL
    if (req.method == "PURGEALL" && req.url == "/images") {
        if (!client.ip ~ purge) {
            return (synth(405, "Cette IP n'est pas autorisée à envoyer des requêtes PURGE."));
        }
        # Invalider tous les objets en cache correspondant à des images
        ban("req.url ~ \.(jpg|png|gif|svg)$");
        return (synth(200, "Images purgées."));
    }
    # Ne pas mettre en cache les pages avec une autorisation (header Authorization)
    if (req.http.Authorization) {
        # Passer la requête directement au backend sans la mettre en cache
        return (pass);
    }
}
# Traitement de la réponse du backend avant de la renvoyer au client
sub vcl_backend_response {
    # Mise en cache des images pour une durée de 1 jour
    if (beresp.http.content-type ~ "image") {
        set beresp.ttl = 1d;
    }
    # Si le backend indique que la réponse ne doit pas être mise en cache, respecter cette consigne
    if (beresp.http.uncacheable) {
        set beresp.uncacheable = true;
    }
}

Purge from the CLI interface

From there, the rules stated in the configuration above apply to all requests, so if the configured site is "domain.xyz", you can simply use the CLI tool "curl" and do the following:

# Envoyer une requête PURGE pour purger la page d'accueil de "domain.xyz"
$ curl -X PURGE https://domain.xyz/
# Réponse renvoyée par le serveur Varnish
<!DOCTYPE html>
<html>
<head>
    <title>200 Purged</title>
</head>
<body>
    <h1>Erreur 200 : Purge effectuée</h1>
    <p>La page a été purgée avec succès.</p>
    <h3>Guru Meditation:</h3>
    <p>XID: 2</p>
    <hr>
    <p>Serveur de cache Varnish</p>
</body>
</html>

And there, the homepage has been purged. Or to purge another URL, simply point the request to the latter:

# Envoyer une requête PURGE pour purger un fichier spécifique à "domain.xyz"
$ curl -X PURGE https://domain.xyz/some_path/some_file.html
# Réponse renvoyée par le serveur Varnish
<!DOCTYPE html>
<html>
<head>
    <title>200 Purged</title>
</head>
<body>
    <h1>Erreur 200 : Purge effectuée</h1>
    <p>Le fichier a été purgé avec succès.</p>
    <h3>Guru Meditation:</h3>
    <p>XID: 4</p>
    <hr>
    <p>Serveur de cache Varnish</p>
</body>
</html>

Or, as indicated in the VCL configuration, purge all images:

# Envoyer une requête PURGEALL pour purger toutes les images dans "domain.xyz"
$ curl -X PURGEALL https://domain.xyz/images
# Réponse renvoyée par le serveur Varnish
<!DOCTYPE html>
<html>
<head>
    <title>200 Purged images</title>
</head>
<body>
    <h1>Erreur 200 : Images purgées</h1>
    <p>Toutes les images ont été purgées avec succès.</p>
    <h3>Guru Meditation:</h3>
    <p>XID: 32770</p>
    <hr>
    <p>Serveur de cache Varnish</p>
</body>
</html>

Purge from a CMS

It is a bit more difficult to illustrate this case because there are many ways to manage caching from a backend. In the configuration example above, a control on the header "Uncacheable" is added, which disables caching. With this option, any CMS could simply set this header on the response to disable caching for this request, for example.

From any PHP code and with the configuration above, you can simply send an HTTP request and use this snippet to perform a PURGE of the cache:

<?php
if ($curl = curl_init("http://127.0.0.1/some_url")) {
    curl_setopt_array($curl, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_CUSTOMREQUEST => "PURGE",
        CURLOPT_HTTPHEADER => [
            "Host: {$_SERVER['HTTP_HOST']}"
        ]
    ]);
    curl_exec($curl);
    if (curl_getinfo($curl, CURLINFO_HTTP_CODE) == 200) {
        echo "Cache purged!";
    }
    curl_close($curl);
}
?>

Learn more

Useful links regarding the Varnish configuration language (VCL) to control request processing, routing, caching and several other aspects:

• VCL Tutorial
• VCL user guide
• VCL Reference

It is not possible to order and obtain more IP addresses on a VPS Cloud / VPS Lite.

The alternatives would be to use…

• … a hosting of type Public Cloud (it is possible to add as many IP addresses as desired),
• … the tool Newsletter according to your needs.