This guide shows how to modify the error_reporting() directive on your website.

Enable error reporting

Specify the following 2 pieces of information in your .user.ini file:

display_errors=on
error_reporting=E_ALL & ~E_NOTICE & ~E_STRICT

If your browser does not display any errors or warnings, then there are none.

Disable PHP error display

For WordPress, edit the file wp-config.php and replace the line:

define('WP_DEBUG', false);

by:

ini_set('display_errors','Off');
ini_set('error_reporting', E_ALL );
define('WP_DEBUG', false);
define('WP_DEBUG_DISPLAY', false);

Otherwise, you can add the following code to the .user.ini file:

display_errors=off

This guide helps you download all the data related to your website hosted by Infomaniak.

Preamble

• Automatic backups are performed daily on Infomaniak installations.
• However, you can download a clean and personal version of your website to secure it on your local installation, USB key, .zip archive on kDrive, etc.
• To download a site created with WordPress, refer to this other guide specific to 2 extensions allowing for local backup of information.
• With the exception of Site Creator, the data of a website hosted by Infomaniak are accessible and visible on the server via an FTP connection (which means that to create a backup of the data, you simply need to download the content of the parent folder on the server).
• All that will remain is to add a backup of the database of the site (which contains information that is not listed in the files accessible via FTP).

Site Location

When you arrive in the folder tree on the server, it will not always be easy to know where to go to download the information related to the site you are interested in.

Start by noting the exact location of the site you want to download, by going to manager.infomaniak.com on the site's dashboard within your Web Hosting:

The highlighted indication above is the location of the example site. Check yours!

Connecting to the server

To access the server, you need to use an FTP software/client or the quick Web FTP access which is suitable in most cases:

Site Download

When you arrive on the Web FTP, you need to go to the location noted in the first chapter above, and click on the download icon to the right of the folder corresponding to your site:

 

The download starts and you obtain a .zip archive with all the files making up your website (except for files beginning with a "." like .htaccess).

Downloading the database

In most cases, your site uses a database to function. You should therefore download it as well.

To do this:

1. Click on Databases in the left sidebar.
2. Click on the action menu ⋮ located to the right of your database name (if you are not sure which one to take, repeat the operation for each of them).
3. Click on Download:
   

You will need to confirm the download (or export) of the most recent correct file in the next step to obtain a .sql.gz file that corresponds to all the tables in your database, which you should keep safely. The download link is sent by email.

This guide concerns IonCube Loader, a PHP module that allows decoding PHP scripts that have been encoded with IonCube Encoder.

Preamble

• IonCube encoding is used to protect an application's source code and prevent its unauthorized modification or distribution.
• By using IonCube Loader, website owners can ensure the security of their code and content while allowing for secure and easy distribution of their applications.

Using ionCube Loader

With shared hosting it is no longer offered. You can check this from the dashboard:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant product:
3. Click on Manage under Advanced Settings:
   
4. Click on the PHP Extensions tab.
5. Click on ionCube Loader (if present in the list) to see the details:
   
   • Here you should consider a Cloud Server.

The module Apache "mod_rewrite" is enabled by default.

However, it is only supported at Infomaniak through a .htaccess file; moreover, care must be taken to ensure that the path regular expressions do not start with "/".

Regarding the virtual host (vhost), Infomaniak does not provide access to its configuration and makes no modifications.

This guide details the software libraries for handling the PDF format and compatible with the various web hosting offers.

Foreword

• PHP PDF extensions allow, among other things, to generate a PDF from dynamic data for creating customized invoices, for example.

PDF and Cloud Server

On Serveur Cloud, you can install apps like PDFtk …

• The PHP class FPDF is supported.
• PDFlib from the publisher Apryse is no longer offered on the most recent Serveurs Cloud because the PHP_PDF extension has become paid. If you obtain it, you will need to install it on VPS Cloud / VPS Lite or Public Cloud.
   

On shared hosting, ImageMagick is active and supports the EPDF, PDF and PDFA formats.

This guide concerns the configuration and management of ModSecurity on Infomaniak servers. By understanding its limitations, restrictions, and effectively managing errors, you can optimize the security of your site while maintaining its functionality.

Default configuration

ModSecurity (mod_secure) is available and enabled by default on the Infomaniak servers. This means that all HTTP requests will be subject to the security rules defined by ModSecurity.

It is not possible to disable ModSecurity on Infomaniak servers. The setting is global to the server where your site is hosted, which means that all defined security rules will be applied to your site.

Error management

If the error message ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. (...) appears regarding ModSecurity, you should check that a default language is properly configured in your web browser. This error can sometimes be caused by incorrectly configured language settings in the browser.

This guide details the "X-Frame-Options" header, which can be used to protect against clickjacking attacks. Note that the "X-Frame-Options" header may not be supported by all web browsers. It is therefore recommended to combine it with other methods to enhance the security of your website.

Possible values for the header

‍The "X-Frame-Options" header can be set to prevent a website from being loaded in a frame or iframe. There are three possible values for this header:

This guide provides information about the robots.txt file automatically created for Web hosting where this file is missing.

Preamble

• The robots.txt file acts as a guide for search engine crawlers
• It is placed at the root of a website and contains specific instructions for these robots, indicating which directories or pages they are allowed to explore and which they should ignore
• However, robots may choose to ignore these directives, making the robots.txt a voluntary guide rather than a strict rule

File Content

If the robots.txt file is missing from an Infomaniak site, a file with the same name is automatically generated with the following directives:

User-agent: *
Crawl-delay: 10

These directives tell robots to space out their requests by 10 seconds, which helps to avoid unnecessarily overloading the servers.

Bypassing the default robots.txt

It is possible to bypass the robots.txt by following these steps:

1. Create an empty robots.txt file (it will serve only as a placeholder so that the rules do not apply).
2. Manage the redirection of the URI (Uniform Resource Identifier) robots.txt to your chosen file using a .htaccess file.

Example

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI} /robots.txt$
RewriteRule ^robots\.txt$ index.php [QSA,L]
</IfModule>

Explanations

• The mod_rewrite module of Apache is enabled to allow redirections.
• The condition RewriteCond %{REQUEST_URI} /robots.txt$ checks if the request concerns the robots.txt file.
• The rule RewriteRule ^robots\.txt$ index.php [QSA,L] redirects all requests to robots.txt to index.php, with the option [QSA] that preserves the query parameters.

It is recommended to place these instructions at the beginning of the .htaccess file.

This guide details the file transfer protocols accepted on the Web Hosting and Cloud Server Infomaniak when connecting to ProFTPD servers.

Preamble

• With a Starter hosting (basic web page), only an FTP connection on port 21 (without SSL/TLS) is possible.
• When creating a website via Apache / PHP hosting, file access is possible through various protocols (FTP, SFTP, SSH).
• With a Node.js site, only SSH / SFTP are possible to access your environment.

FTP (File Transfer Protocol)

FTP connections in "active" and "passive" modes are supported (alternate between the two to try to resolve any potential issues).

Infomaniak opens passive ports on its side [PassivePorts 42000 44000] but only for connections to **its** FTP server. Passive FTP mode involves the use of remote ports defined by the remote server, as well as local ports that may vary depending on the FTP software/client used.

The passive mode is primarily useful when the FTP software/client is behind a firewall or a NAT router that blocks active FTP connections. However, active FTP connections are allowed within the Infomaniak infrastructure, which means that resorting to passive mode is generally not necessary.

As for PHP, it is not possible, by default, to manage this configuration in a centralized manner. Therefore, it is not feasible for Infomaniak to open all ports to support all remote configurations, as this would be neither practical nor secure.

Overall, the infrastructure does not fully support outgoing passive mode FTP connections. For a smoother file transfer experience, it is recommended to use active mode FTP or explore more modern technologies such as SFTP (read below).

SFTP (SSH File Transfer Protocol)

Creating SFTP connections ensures high security for file transfers. Make sure you have enabled SSH on your SFTP software/client and use port 22 for the connection: sftp://*****.

FTPES (FTP secure with TLS/SSL)

Use FTPES for secure file transfers with port 21 and SSL/TLS encryption. With the Filezilla software, for example, select "Explicit FTP over TLS" to configure your FTPES software/client: ftpes://*****.

FTP access

Access to the FTPaccess configuration is available.

What is not supported

Public/Anonymous User

It is not allowed to connect as a public or anonymous user. You must have a valid user account to access your hosting space.

FTPs (secure FTP on a custom port)

The FTPs protocol is not supported, which means that port 2121 is not open for this type of connection.

This guide explains how to install ownCloud (or Nextcloud which is an improved version of Owncloud) in a few clicks on the Web Hosting paid offers.

Preamble

• A cloud system (storage, synchronization, and file sharing) also exists independently of your hosting products: kDrive Infomaniak
• OwnCloud is part of the applications (not developed by Infomaniak) and allows the implementation of a file storage & sharing system within a "cloud" that you fully control (user management, permissions, quotas, associated mobile applications, etc.).
• Unlike other hosts, Infomaniak allows the use of ownCloud on its hosting:
  • Personal use is allowed on shared web hosting.
  • For intensive and professional use, it is recommended to opt for a Cloud Server to install ownCloud or Nextcloud.

Install ownCloud

Prerequisites

• Have a Infomaniak Web Hosting (order if necessary).
• Add a blank website to the Infomaniak hosting.
• Upgrade the Databases section if necessary (especially for Nextcloud)

To access Web Hosting and install an application:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant product.
3. Click on the Add an app button:
   
4. Choose the desired application (if necessary, filter and search).
5. Click on Select:
   
6. Click at the bottom of the page on Next.
7. Leave the default location or choose to install the app in a new folder that you can create using an icon visible to the right of point 8 in the image.
8. Optionally, choose to install an earlier version if necessary.
9. Click on the Next button:
   
10. Set the username and password.
11. Specify certain advanced settings if necessary (backup type, among others).
12. Review and accept the terms of use of the selected app.
13. Click on the Next button:
    
14. Confirm the installation of the application in the next step and wait:
    
    • Take note of any error message on the screen if, for example, the chosen installation folder is not empty or if the PHP version of the site on which you are attempting the installation is not compatible.