This guide explains how to import external data (files, folders, etc.) into your kDrive using the WebDAV protocol.

Preamble

• Refer to this other guide if you are looking for information on how to copy specific data from one kDrive to another when your user has access to both kDrive accounts.

Import external data via WebDAV

To access the import tool, where the data needs to be imported:

1. Click here to access the Web app kDrive Infomaniak (online service kdrive.infomaniak.com).
2. Click on the Settings icon ‍ at the top right.
3. Check or select the kDrive in question from the dropdown menu on the left sidebar.
4. Click on General in the left sidebar.
5. Click on Import external data:
   
6. Click the blue Start button.
7. Click on WebDAV.
8. Fill in the required information based on the source (especially the WebDAV address you have - obtained from the source).
9. Select the destination kDrive and the desired location to store the imported data.
10. Click on Start:
    

Example: copy data from an external kDrive to the Organization

To import a kDrive that would be outside of the Organization in which your destination kDrive is located, you must enter the following information at point 9 above (your credentials will be used exclusively to import your data; they will be immediately deleted at the end of the process):

• Username: email address to log in to the Infomaniak user account
• Password: application password if two-factor authentication is enabled or‍ the one from your Infomaniak user account if you have not enabled 2FA
• Entry point: direct access to kDrive (refer to this other guide regarding the kDrive ID for the connection URL)
  • It is possible to choose a subfolder as the source folder, by combining the kDrive ID and the desired folder by entering for example https://IDkDrive.connect.kdrive.infomaniak.com/My/Subfolder or https://IDkDrive.connect.kdrive.infomaniak.com/MykDrive/My/Subfolder

This guide explains how to protect your website and its visitors from malicious exploitation of MIME-Type sniffing.

Preamble

• MIME-Type sniffing, or MIME type detection, is a technique used by web browsers to determine the content type of a resource when the MIME type provided by the server is ambiguous, missing, or incorrect.
• While this can sometimes improve the user experience by making content accessible despite server configuration errors, this feature also introduces significant security vulnerabilities:
  • When a browser performs MIME-Type sniffing, it can interpret a text file as an executable script, thus opening the door to cross-site scripting (XSS) attacks; for example, a file intended to be treated as plain text could be interpreted as JavaScript, allowing an attacker to execute malicious code on the user's browser.
• By disabling MIME-Type sniffing, you protect visitors against the unauthorized execution of malicious scripts and also enhance the overall security of your website by reducing potential attack vectors.

Disable MIME-Type sniffing

To protect users and web applications from this type of vulnerability, it is possible to disable automatic resource type detection via the .htaccess file of your sites in order to instruct the browser to strictly rely on the MIME type specified by the server without attempting to guess it.

By placing the code below in your .htaccess file, you ensure that MIME-Type sniffing is disabled as long as the mod_headers module (which allows adding the header below) is enabled on your Apache server:

1. Open the .htaccess file for the relevant site from the FTP Manager or an FTP software/client.

2. Add the following code:

   <IfModule mod_headers.c>
       Header always set X-Content-Type-Options "nosniff"
   </IfModule>

3. Save the .htaccess file.

SafeMode, or secure mode, is a security measure that restricts certain server functionalities to prevent potential attacks.

It was abandoned starting with PHP 5.3.0 as it was considered ineffective in ensuring security and could cause compatibility issues with certain applications.

Infomaniak used the open_basedir constraints for its old hosting plans, which are no longer activated on current offers.

This guide details the creation of a GIT repository both on your Web Hosting and on your Cloud Server Infomaniak.

Preamble

• GIT and GITHub are available by default on the two aforementioned supports.
• For additional help, contact a partner or launch a free tender — also discover the role of the host.

Creation of the GIT repository

Setting up on the server:

• The GIT repository is located at /git_depot
• The site is located in the folder /web/[projet] (on your FTP server)

Commands to enter:

cd
mkdir git_depot
cd git_depot/
git init --bare [projet].git
cd [projet].git
git update-server-info

Sending the local repository to the server

To do on the local machine:

git init
git remote add origin ssh://user@[xxxxx].ftp.infomaniak.com:/home/clients/[123465789]/git_depot/[projet].git
git status
git add .
git commit -a -m "init"
git push --set-upstream origin master
git push

Cloning the site to the server directory

To do on the server:

cd
cd web
rm -r [projet]/
git clone /home/clients/[123465789]/git_depot/[projet].git [projet]/

The CGID module for Apache has been disabled on Infomaniak's shared web hosting offers.

If necessary, you should consider switching to a **Cloud Server** if you are currently on shared web hosting. This can be done seamlessly: refer to **this other guide** for more information.

This guide explains how to replace, within an Infomaniak Web hosting, the address of a site currently a subdomain (https://dev.domain.xyz for example) with the main domain (https://domain.xyz).

Preamble

• The operations in brief:
  1. We start with a site created and accessible via the URL of the main domain dev.domain.xyz.
  2. We add an alias domain.xyz.
  3. We swap the two types (the main domain becomes an alias and the alias becomes the main domain).
  4. We remove the old name dev.domain.xyz.
• Note that the site remains in the original folder on the server; the name of this location may be in the form /sites/dev.domain.xyz but this has absolutely no impact on the live site.
• Also, familiarize yourself with the last chapter of this other guide.

The operations in detail

To switch from a site with a subdomain address "dev.domain.xyz" to a direct address "domain.xyz":

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product in question.
3. Click on the chevron ‍ to expand the Domains section of this site:
4. Click on the button Add a domain:
   
5. Add the desired new name, check the corresponding boxes.
6. Click on the button to Confirm:
   
7. Once the addition is complete, click on the action menu ⋮ located to the right of the relevant item.
8. Choose to set the item as the primary domain:
   
9. Confirm the operation to proceed with the domain swap.

This guide concerns the compatibility between Infomaniak hosting and the C# language / .NET framework along with the Mono implementation.

Technologies for software development

To use the C# language and the .NET framework, with the Mono implementation, to develop software applications that can be deployed and run on different platforms, outside the Windows ecosystem, consider offers such as:

• VPS Cloud / VPS Lite
• Jelastic Cloud
• Public Cloud

This portability and flexibility offered by these multiplatform software development technologies implies that a shared web hosting will not be compatible.

This guide concerns the MySQL Query Cache which, when activated, stores the results of already executed queries in memory.

Preamble

• MySQL Query Cache speeds up subsequent identical queries by avoiding re-execution.
• This can improve the overall performance of the database server by reducing the load and decreasing the response time for frequent queries.

query_cache_type ON or OFF?

On shared Web Hosting (therefore excluding Cloud Server) MySQL Query Cache is neither enabled nor can be enabled.

On Serveur Cloud, enable MySQL Query Cache via Fast Installer.

This guide is about "browscap.ini", a configuration file used by the PHP library "browscap" that contains information about web browsers and their characteristics, such as their name, version, compatible operating systems, browsing capabilities, etc.

File information

The file "browscap.ini" reflects the latest information on web browsers. It can be used with PHP scripts that require the "browscap" library.

phpinfo indicates where the browscap.ini file is located, namely:

/opt/php/lib/php/browscap.ini

You can retrieve the content of the file yourself via a PHP script, for example:

<?php
header("Content-type: text/plain");
print file_get_contents("/opt/php/lib/php/browscap.ini");
?>

Note that the "browscap" library is no longer widely used and that many developers prefer other solutions for browser detection, such as the native PHP function "get_browser()".

This guide explains how to enable PHP-FPM status to, for example, debug a slow site at the PHP level.

Preamble

• PHP-FPM status allows you to monitor in real-time the scripts that are executed as well as their execution time.
• This operation is only possible on Serveur Cloud.

Enable PHP-FPM status

To activate PHP-FPM on a site, contact Infomaniak support from an email address listed on your user account to authenticate your request.

In your request, please specify the source IP address that should be authorized.

Once PHP-FPM status is activated, the following URL links will display the necessary information:

• https://domain.xyz/fpm-status?json&full
• https://domain.xyz/fpm-status?html&full
• https://domain.xyz/fpm-status?xml&full

Warning: if your site contains rewrite rules including the path /fpm-status, you will likely need to make an exception for it.