This guide details the "X-Frame-Options" header, which can be used to protect against clickjacking attacks. Note that the "X-Frame-Options" header may not be supported by all web browsers. It is therefore recommended to combine it with other methods to enhance the security of your website.

Possible values for the header

‍The "X-Frame-Options" header can be set to prevent a website from being loaded in a frame or iframe. There are three possible values for this header:

This guide provides information about the robots.txt file automatically created for Web hosting where this file is missing.

Preamble

• The robots.txt file acts as a guide for search engine crawlers
• It is placed at the root of a website and contains specific instructions for these robots, indicating which directories or pages they are allowed to explore and which they should ignore
• However, robots may choose to ignore these directives, making the robots.txt a voluntary guide rather than a strict rule

File Content

If the robots.txt file is missing from an Infomaniak site, a file with the same name is automatically generated with the following directives:

User-agent: *
Crawl-delay: 10

These directives tell robots to space out their requests by 10 seconds, which helps to avoid unnecessarily overloading the servers.

Bypassing the default robots.txt

It is possible to bypass the robots.txt by following these steps:

1. Create an empty robots.txt file (it will serve only as a placeholder so that the rules do not apply).
2. Manage the redirection of the URI (Uniform Resource Identifier) robots.txt to your chosen file using a .htaccess file.

Example

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI} /robots.txt$
RewriteRule ^robots\.txt$ index.php [QSA,L]
</IfModule>

Explanations

• The mod_rewrite module of Apache is enabled to allow redirections.
• The condition RewriteCond %{REQUEST_URI} /robots.txt$ checks if the request concerns the robots.txt file.
• The rule RewriteRule ^robots\.txt$ index.php [QSA,L] redirects all requests to robots.txt to index.php, with the option [QSA] that preserves the query parameters.

It is recommended to place these instructions at the beginning of the .htaccess file.

This guide details the use of DELIMITER to create MySQL functions on Serveur Cloud Infomaniak.

Preamble

• When creating functions or stored procedures in MySQL, it is crucial to understand the role of delimiters.
• The correct use of delimiters is essential to avoid syntax errors that can occur due to the presence of multiple SQL statements in a single function or procedure definition.

Understanding the Delimiter

A delimiter is a character or sequence of characters used to separate SQL instructions in a script. By default, MySQL uses the semicolon (;) as a delimiter. However, when creating functions, stored procedures, or triggers that contain multiple SQL instructions, it is necessary to temporarily change the delimiter to avoid syntax errors.

When you create a function, procedure, or trigger, you often need to use multiple SQL statements within the BEGIN...END block. Since the semicolon (;) is also used to terminate these internal statements, MySQL might interpret the first semicolon as the end of the function definition, resulting in a syntax error. To avoid this issue, you must change the delimiter during the function definition.

Create a simple function using custom delimiters

Before defining the function, you must tell MySQL that you will use a different delimiter. In the example below, $$ is used as the new delimiter:

DELIMITER $$

With the new delimiter in place, you can now define your function. The CREATE FUNCTION includes the body of the function, where you can use internal SQL statements separated by semicolons without any issues:

CREATE FUNCTION hello_world()
RETURNS TEXT
LANGUAGE SQL
BEGIN
RETURN 'Hello World';
END;
$$

In this example:

• CREATE FUNCTION hello_world() : declares the beginning of the definition of the function hello_world.
• RETURNS TEXT : specifies the data type that the function returns.
• LANGUAGE SQL : specifies that the language used for the function is SQL.
• BEGIN ... END: encapsulates the function code. Inside, the semicolon is used to separate SQL statements.
• RETURN 'Hello World'; : SQL statement that returns the string Hello World.

After defining the function, reset the delimiter to its default state (the semicolon). This allows you to continue executing the usual SQL instructions in your subsequent scripts:

DELIMITER ;

This guide explains how to securely and easily transfer files between Web Hosting and/or Cloud Server.

Preamble

• The FXP (File Exchange Protocolis a method for transferring files directly between two FTP servers without the data passing through the local client.
• Using the FTP PORT and PASV commands, it allows for a connection to be established between the two servers for faster and more efficient file transfer, thus saving bandwidth.
• However, this method may present security risks if the connections are not secured by FTPS, and it requires a more complex configuration compared to traditional FTP transfers.

Transferring data between servers

For example, you can use CrossFTP, a multi-platform software that allows you to perform FXP (as well as FTP, SFTP, WebDav, S3, OpenStack Swift).

This guide explains how to initialize your VPS Cloud / VPS Lite with Windows upon first connection.

Initializing a Cloud Server with Windows

You must change your Windows user password before you can connect via RDP (Remote Desktop Protocol) to your server, otherwise an error is returned (indicating that the password must be changed).

To do this, you must connect using the VNC console the very first time.

Once the user password has been changed (via VNC), it will be possible to connect without any issues via RDP. This protocol is already activated on the Infomaniak Windows images.

Login credentials

• Username:
  • for Windows 11 Professional = Infomaniak
  • for Windows 10 Professional = Infomaniak
  • for Windows Server = Administrator
• Password: the one you chose when ordering the server; if forgotten, please reset the server.
• IP Address: the one indicated on your server's dashboard.

Connect via RDP…

• … on Windows: Remote Desktop is a built-in feature.
• … on macOS: install the free desktop app Windows App (formerly Microsoft Remote Desktop).
• … on Linux: install the app Remmina.

This guide explains how to change the WordPress management password or any other Web application (Joomla, Drupal, Typo3, PrestaShop, ownCloud, etc.) installed via Infomaniak tools included in the offersWeb hosting paid.

Preamble

• Some applications also allow a change of user password directly from their dedicated interface:
  • Example: WordPress (manage users, names, passwords, roles, etc.).

Change the password of a Web app

To change the password to the administration panel of your web application, perform the following actions:

1. Click here in order to access the management of your product on the Manager Infomaniak (Need help?).
2. Click directly on the nameallocated to the product concerned:
   
3. Click on the action menu ⋮ located to the right of the relevant Web Application.
4. Click on Parameters of the application:
   
5. Click on Edit to the right of the Application:
   
6. Under Password Enter the new password (for connection to the identifier indicated above):
   
7. Click on the button Save at the bottom of the page.

This guide explains how to enable the following functions on Web Hosting (in italics, Cloud Server only):

• proc_open
• popen
• exec()
• shell_exec()
• set_time_limit
• passthru
• system

Enable PHP functions

To access website management:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant product:
3. Click on Manage under Advanced Settings:
   
4. Click on the PHP / Apache tab.
5. Click on the toggle switches On/Off as desired:
   
6. Click on the Save button to confirm the changes.

This guide explains why there is a folder /icons/ within the Web Hosting.

/icons/ folder on your Web Hosting

In some cases, a folder named /icons/ is present by default on your web hosting. This folder is generally accessible via HTTP, but is not visible in the FTP directory structure (www.domain.xyz/icons/).

This directory /icons/ is often used to store specific icons or images used to display directory lists. These icons are generally used by web servers to visually represent the different types of files in directories when they are viewed through a browser.

This guide provides precise information on the support for the ASP (Active Server Pages, aspx) development environment within the Infomaniak infrastructure.

ASP support

The Web hosting and Cloud Servers services are based on an Apache server architecture that does not natively support the Apache::ASP module.

However, it is possible to install and configure this ASP environment on VPS Cloud Infomaniak.

This guide explains how to access the VNC console with VPS Cloud / VPS Lite Infomaniak.

Preamble

• Initial access to the server is via SSH key; it is therefore necessary to assign a password to the root account or create another user before you can authenticate with the VNC console.
• Attention: you must use a US keyboard layout to use VNC properly!

Open the VNC console

To do this:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant product.
3. Click on Open the VNC console under Quick Actions.

If there is a display issue with the console, then from the VM:

In /etc/default/grub modify GRUB_CMDLINE_LINUX_DEFAULT, GRUB_GFXMODE and GRUB_GFXPAYLOAD_LINUX (the latter variable is likely missing and needs to be added):

GRUB_CMDLINE_LINUX_DEFAULT="biosdevname=0 net.ifnames=0 console=tty0 console=ttyS0,115200
earlyprintk=ttyS0,115200 consoleblank=0 systemd.show_status=true video=VGA-1:1280x1024"
GRUB_GFXMODE=1280x1024x16
GRUB_GFXPAYLOAD_LINUX=keep

Then update grub and reboot:

grub-mkconfig -o /boot/grub/grub.cfg

The resolution can be changed (1000x400 instead of 1280x1024 for example) to display the VNC console in the administration interface without opening a new tab.