Knowledge base
1000 FAQs, 500 tutorials and explanatory videos. Here, there are only solutions!
This guide details the "X-Frame-Options" header, which can be used to protect against clickjacking attacks. Note that the "X-Frame-Options" header may not be supported by all web browsers. It is therefore recommended to combine it with other methods to enhance the security of your website.
Possible values for the header
The "X-Frame-Options" header can be set to prevent a website from being loaded in a frame or iframe. There are three possible values for this header:
- "DENY": the website cannot be loaded in a frame or iframe
- "SAMEORIGIN": the website can be loaded in a frame or iframe only if the source of the frame or iframe belongs to the same domain as the website
- "ALLOW-FROM uri": the website can be loaded in a frame or iframe only from the specified URI
You can set this header by adding the following lines to your .htaccess file:
Header set X-Frame-Options "DENY"
or by using the header() function in PHP, as it is executed in FPM, in the same way as when disabling HSTS, for example:
header('X-Frame-Options: DENY');
Replace "DENY" with the desired value for this header.
This guide provides information about the robots.txt
file automatically created for Web hosting where this file is missing.
Preamble
- The
robots.txt
file acts as a guide for search engine crawlers - It is placed at the root of a website and contains specific instructions for these robots, indicating which directories or pages they are allowed to explore and which they should ignore
- However, robots may choose to ignore these directives, making the
robots.txt
a voluntary guide rather than a strict rule
File Content
If the robots.txt
file is missing from an Infomaniak site, a file with the same name is automatically generated with the following directives:
User-agent: *
Crawl-delay: 10
These directives tell robots to space out their requests by 10 seconds, which helps to avoid unnecessarily overloading the servers.
Bypassing the default robots.txt
It is possible to bypass the robots.txt by following these steps:
- Create an empty
robots.txt
file (it will serve only as a placeholder so that the rules do not apply). - Manage the redirection of the URI (Uniform Resource Identifier)
robots.txt
to your chosen file using a.htaccess
file.
Example
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI} /robots.txt$
RewriteRule ^robots\.txt$ index.php [QSA,L]
</IfModule>
Explanations
- The
mod_rewrite
module of Apache is enabled to allow redirections. - The condition
RewriteCond %{REQUEST_URI} /robots.txt$
checks if the request concerns therobots.txt
file. - The rule
RewriteRule ^robots\.txt$ index.php [QSA,L]
redirects all requests torobots.txt
toindex.php
, with the option[QSA]
that preserves the query parameters.
It is recommended to place these instructions at the beginning of the .htaccess
file.
This guide details the use of DELIMITER
to create MySQL functions on Serveur Cloud Infomaniak.
Preamble
- When creating functions or stored procedures in MySQL, it is crucial to understand the role of delimiters.
- The correct use of delimiters is essential to avoid syntax errors that can occur due to the presence of multiple SQL statements in a single function or procedure definition.
Understanding the Delimiter
A delimiter is a character or sequence of characters used to separate SQL instructions in a script. By default, MySQL uses the semicolon (;
) as a delimiter. However, when creating functions, stored procedures, or triggers that contain multiple SQL instructions, it is necessary to temporarily change the delimiter to avoid syntax errors.
When you create a function, procedure, or trigger, you often need to use multiple SQL statements within the BEGIN...END
block. Since the semicolon (;
) is also used to terminate these internal statements, MySQL might interpret the first semicolon as the end of the function definition, resulting in a syntax error. To avoid this issue, you must change the delimiter during the function definition.
Create a simple function using custom delimiters
Before defining the function, you must tell MySQL that you will use a different delimiter. In the example below, $$
is used as the new delimiter:
DELIMITER $$
With the new delimiter in place, you can now define your function. The CREATE FUNCTION
includes the body of the function, where you can use internal SQL statements separated by semicolons without any issues:
CREATE FUNCTION hello_world()
RETURNS TEXT
LANGUAGE SQL
BEGIN
RETURN 'Hello World';
END;
$$
In this example:
CREATE FUNCTION hello_world()
: declares the beginning of the definition of the functionhello_world
.RETURNS TEXT
: specifies the data type that the function returns.LANGUAGE SQL
: specifies that the language used for the function is SQL.BEGIN ... END
: encapsulates the function code. Inside, the semicolon is used to separate SQL statements.RETURN 'Hello World';
: SQL statement that returns the stringHello World
.
After defining the function, reset the delimiter to its default state (the semicolon). This allows you to continue executing the usual SQL instructions in your subsequent scripts:
DELIMITER ;
This guide explains how to securely and easily transfer files between Web Hosting and/or Cloud Server.
Preamble
- The FXP (File Exchange Protocolis a method for transferring files directly between two FTP servers without the data passing through the local client.
- Using the FTP PORT and PASV commands, it allows for a connection to be established between the two servers for faster and more efficient file transfer, thus saving bandwidth.
- However, this method may present security risks if the connections are not secured by FTPS, and it requires a more complex configuration compared to traditional FTP transfers.
Transferring data between servers
FXP is enabled by default on Serveurs Cloud and hébergements Web (excluding Starter).
For example, you can use CrossFTP, a multi-platform software that allows you to perform FXP (as well as FTP, SFTP, WebDav, S3, OpenStack Swift).
This guide explains how to initialize your VPS Cloud / VPS Lite with Windows upon first connection.
Initializing a Cloud Server with Windows
You must change your Windows user password before you can connect via RDP (Remote Desktop Protocol) to your server, otherwise an error is returned (indicating that the password must be changed).
To do this, you must connect using the VNC console the very first time.
Once the user password has been changed (via VNC), it will be possible to connect without any issues via RDP. This protocol is already activated on the Infomaniak Windows images.
Login credentials
- Username:
- for Windows 11 Professional =
Infomaniak
- for Windows 10 Professional =
Infomaniak
- for Windows Server =
Administrator
- for Windows 11 Professional =
- Password: the one you chose when ordering the server; if forgotten, please reset the server.
- IP Address: the one indicated on your server's dashboard.
Connect via RDP…
- … on Windows: Remote Desktop is a built-in feature.
- … on macOS: install the free desktop app Windows App (formerly Microsoft Remote Desktop).
- … on Linux: install the app Remmina.
This guide explains how to change the WordPress management password or any other Web application (Joomla, Drupal, Typo3, PrestaShop, ownCloud, etc.) installed via Infomaniak tools included in the offersWeb hosting paid.
Preamble
- Some applications also allow a change of user password directly from their dedicated interface:
- Example: WordPress (manage users, names, passwords, roles, etc.).
Change the password of a Web app
To change the password to the administration panel of your web application, perform the following actions:
- Click here in order to access the management of your product on the Manager Infomaniak (Need help?).
- Click directly on the nameallocated to the product concerned:
- Click on the action menu ⋮ located to the right of the relevant Web Application.
- Click on Parameters of the application:
- Click on Edit to the right of the Application:
- Under Password Enter the new password (for connection to the identifier indicated above):
- Click on the button Save at the bottom of the page.
This guide explains how to enable the following functions on Web Hosting (in italics, Cloud Server only):
proc_open
popen
exec()
shell_exec()
set_time_limit
passthru
system
These functions are disabled by default as they pose a significant security risk in case of a website hack. Only enable them if absolutely necessary (for a script or CMS such as ImageMagick, Typo3, CraftCMS, etc.).
Enable PHP functions
To access website management:
- Click here to access the management of your product on the Infomaniak Manager (need help?).
- Click directly on the name assigned to the relevant product:
- Click on Manage under Advanced Settings:
- Click on the PHP / Apache tab.
- Click on the toggle switches On/Off as desired:
- Click on the Save button to confirm the changes.
This guide explains why there is a folder /icons/
within the Web Hosting.
/icons/ folder on your Web Hosting
In some cases, a folder named /icons/
is present by default on your web hosting. This folder is generally accessible via HTTP, but is not visible in the FTP directory structure (www.domain.xyz/icons/
).
This directory /icons/
is often used to store specific icons or images used to display directory lists. These icons are generally used by web servers to visually represent the different types of files in directories when they are viewed through a browser.
This guide provides precise information on the support for the ASP
(Active Server Pages, aspx) development environment within the Infomaniak infrastructure.
ASP support
The Web hosting and Cloud Servers services are based on an Apache server architecture that does not natively support the Apache::ASP module.
However, it is possible to install and configure this ASP environment on VPS Cloud Infomaniak.
This guide explains how to access the VNC console with VPS Cloud / VPS Lite Infomaniak.
Preamble
- Initial access to the server is via SSH key; it is therefore necessary to assign a password to the
root
account or create another user before you can authenticate with the VNC console. - Attention: you must use a US keyboard layout to use VNC properly!
Open the VNC console
To do this:
- Click here to access the management of your product on the Infomaniak Manager (need help?).
- Click directly on the name assigned to the relevant product.
- Click on Open the VNC console under Quick Actions.
If there is a display issue with the console, then from the VM:
In /etc/default/grub
modify GRUB_CMDLINE_LINUX_DEFAULT
, GRUB_GFXMODE
and GRUB_GFXPAYLOAD_LINUX
(the latter variable is likely missing and needs to be added):
GRUB_CMDLINE_LINUX_DEFAULT="biosdevname=0 net.ifnames=0 console=tty0 console=ttyS0,115200
earlyprintk=ttyS0,115200 consoleblank=0 systemd.show_status=true video=VGA-1:1280x1024"
GRUB_GFXMODE=1280x1024x16
GRUB_GFXPAYLOAD_LINUX=keep
Then update grub and reboot:
grub-mkconfig -o /boot/grub/grub.cfg
The resolution can be changed (1000x400 instead of 1280x1024 for example) to display the VNC console in the administration interface without opening a new tab.