Knowledge base
1000 FAQs, 500 tutorials and explanatory videos. Here, there are only solutions!
This guide concerns the redirection of web traffic to a specific port, including when using a dedicated IP and a specific web application (such as Node or Varnish for example).
Prerequisites
- Add a site to your hosting.
- Install
HAProxyon the Cloud Server.
Redirect web traffic to a specific port
By default, on Serveur Cloud, web traffic is sent to Apache. To send requests to a Node script or another service (provided it "listens" on a port between 4000 and 4009), you need to go through HAProxy.
This applies notably to servers Express, Socket.IO, Meteor.js, Nuxt.js, Django, Flask, Ruby on Rails, even possibly Java (J2E), etc.
For this, you must ensure that the service is listening on a port between 4000 and 4009 (especially with server.listen(4000) for Express or a basic HTTP Node server, but depending on the type of project by other means, a configuration file, in the code or otherwise) and on all interfaces (0.0.0.0).
It will also be necessary to configure HAProxy as in the example below:
- Click here to access the management of your product on the Infomaniak Manager (need help?).
- Click directly on the name assigned to the relevant product.
- Click on Fast installer in the left sidebar.
- Click on the action menu â‹® located to the right of
HAProxy. - Click on Configure:
- Choose the desired information and save:
Retrieving the source IP of a request
When you redirect web traffic to your web application, the way requests are processed changes, and the request is first received by a reverse proxy (local to the server) which then forwards the request to the chosen port. Thus, due to the request forwarding, the methods usually used to retrieve the visitor's IP will return the IP of the reverse proxy instead of the visitor's.
In these cases, to retrieve the real source IP of the visitor, you need to consult an HTTP header named X-Forwarded-For, which will contain the source IPs accumulated during each redirection. This header will therefore contain last the original IP address of the client, allowing the real visitor to be identified.
Warning: It is important to note that HTTP headers can be manipulated, which presents security risks. To minimize these risks, it is recommended to verify that the request comes from a reliable server before trusting the content of the X-Forwarded-For header. This verification may involve ensuring that the request was transmitted by a trusted intermediary server, identified by a pre-established list of IP addresses. In the case where the site uses a dedicated IP, the trusted servers are:
- 83.166.133.15
- 83.166.133.17
- 83.166.133.16
- 84.16.92.5
- 84.16.92.43
- 10.2.32.255
- 10.2.34.164
The PHP extension JavaScript_Object_Notation is available. It is useful for processing JSON data in your PHP web applications, whether to exchange data with web services, store configurations, or communicate with front-end applications written in JavaScript.
This guide explains how to modify an existing Web Hosting plan to, for example, host additional websites if the maximum site quota is reached, or to obtain a more recent hosting solution to benefit from the latest versions of PHP & MySQL.
Modify the Web hosting offer to…
… order additional websites, disk space, or IPs
To access the Web hosting configurator:
- Click here to access the management of your product on the Infomaniak Manager (need help?).
- Click on the action menu â‹® located to the right of the relevant item.
- Click on Modify the offer:
- Increase the values you wish to modify.
- Click on the Next button to proceed to the payment for the changes made to the hosting:
… switch to a more recent server
To get a hosting solution on a more recent server and thus benefit from the latest versions of PHP & MySQL, you can either…
- … refer to this other guide and follow the indicated procedure to the end:
- … refer to this other guide and follow the procedure indicated until point 4 then click the button to update:
- If no information banner is displayed, it means you already have a recent hosting offer.
This guide details how to back up data from your Web hostings (shared or Server Cloud) using Acronis on Swiss Backup, the backup solution in an independent Swiss cloud.
Preamble
- This is a backup solution that allows you to automate the backup of your files if the backups offered by Infomaniak no longer meet your availability or security needs.
- It is also possible to back up other types of data.
- Backups are typically performed every 24 hours, depending on the Cloud agent's load.
- It is not possible to exclude files from the backup: all files will be backed up, which may generate warnings as some system files are protected and not accessible to the client; this is quite normal and common to all hosts.
- Make your life easier! If needed, **local partners referenced by Infomaniak can handle these procedures**. Launch a **free call for tenders**. They take care of everything, freeing you from technical details.
Creation of the backup space
Prerequisites
- Have a Swiss Backup Infomaniak space with an available device quota (minimum 1) for a Acronis website backup:
- If necessary, increase the device quota according to your needs.
- Add the device to the Infomaniak Manager to receive the login credentials.
- Familiarize yourself with the Acronis documentation on this topic: backup / restoration
- Use a Web hosting service.
- Know the information of the FTP+SSH user account:
- Know the information of the MyQSL/MariaDB user account, which must have maximum permissions (read/write/admin) on all the databases and tables you wish to back up:
To configure the backup of a website with Acronis:
- Click here to access the Acronis Console with the credentials obtained after adding the device (need help?).
- Click on the device addition button to add a device of type Site Web:
- Enter the information regarding the FTP type data:
- specify a name/description
- specify the FTP host
- leave port 22
- specify the FTP+SSH username
- specify the FTP+SSH account password
- Click on the Next button:
- Enter the information regarding the MySQL/MariaDB databases:
- select the radio button corresponding to SSH
- indicate the MySQL/mariaDB host
- leave the port 3306
- indicate the MySQL/mariaDB username
- indicate the password for the MySQL/mariaDB account
- Click on the Next button (or Skip if there is no data of this type to back up):
Back up the website data
Once the backup is configured and created, you will find it under **Sites** in the left sidebar:
Click on the name of your backup to set its recurrence, and start a first copy immediately if necessary.
Access the backed-up files and restore them
Refer to this other guide if you are looking for information about restoring (partially or completely) your data.
This guide covers data protection regulations in Switzerland and Europe and the measures taken by Infomaniak to secure your customer data and data within Web Hosting and Mail Services.
Understanding the difference between data security and data confidentiality
Data security aims to prevent any unauthorized access to your information. It relies on measures such as encryption, firewalls, or VPNs. A security breach can have disastrous consequences: imagine a hacker stealing your entire customer database and demanding a ransom to return it. This type of attack—ransomware—can paralyze a business overnight.
Today, it is estimated that more than 50% of companies victimized by a cyberattack close within two years.
Data confidentiality concerns who can access your information and how it is used. Even if your data is secured against hacking, it can be collected, analyzed, and resold... legally.
Example: you carefully store your customers' information, but unbeknownst to you, a service you use shares—anonymously—this data with third parties. Result? Your competitors can obtain valuable market analyses and target your own customers without ever needing to hack into your systems.
LPD & GDPR
In Switzerland, the LPD (Federal Data Protection Act) and nLPD (for the "new Law" in effect since September 2023) protects the confidentiality of residents by regulating the collection and processing of personal data by organizations.
On the other hand, the GDPR (General Data Protection Regulation) of the EU, in effect since May 2018, influences global companies processing the data of European residents, including in Switzerland. While the LPD applies to the data of Swiss residents, the GDPR concerns that of EU residents. Swiss companies managing European data must comply with the GDPR's requirements, including appointing a Data Protection Officer and conducting Data Protection Impact Assessments in case of risky processing.
Your role as an Infomaniak Client
Regarding the hosted data that belongs to you and if it concerns personal data of your visitors, contacts, and clients, it is up to you to ensure compliance.
When processing this personal data, it is important to inform users about how and why it is being processed. This is usually done through a privacy statement/charter.
A GDPR certificate (in PDF format) can be generated and downloaded from the Manager (accessible to organization users who are owners or administrators):
- Click here to access DPA management on the Infomaniak Manager (need help?).
- Click the Generate button to download the customized PDF document:
Here are some tips on this topic:
- Inform about all data processing, not just that related to the website.
- Ensure easy access to the privacy statement on the website, for example in the footer of each page.
- In general, it is not necessary to obtain the user's approval for privacy statements (e.g., for forms); it is sufficient to indicate where to find the statement (example Site Creator).
- Keep in mind that new, more in-depth information rules might require adjustments to existing privacy statements.
It is crucial to differentiate between the security of the infrastructures where your data is hosted and the management and implementation of data on your side. As a hosting provider, Infomaniak acts as a subcontractor for your RGPD obligations. In this context, its privacy policies and cookie usage, as well as its terms and conditions, provide the necessary guarantees regarding its compliance as a subcontractor.
The role of Infomaniak
Like companies that work with user data, Infomaniak must comply with the LPD and, because some of these users are European citizens, the GDPR as well:
- The data privacy policy details the data that Infomaniak retains to provide and execute its services
- The policy related to the protection of your personal data describes Infomaniak's commitments as a subcontractor that hosts all of your data, including personal data
These commitments are outlined in the general terms and conditions and specific terms and conditions as follows:
- store your data within data centers exclusively located in Switzerland and never transfer your information outside of these infrastructures
- apply strict security standards and constantly improve processes to ensure a high level of security across all services
- notify you promptly in case of a breach of your data
- ensure transparency with you when Infomaniak uses subcontractors that may process your data
- strengthen and develop physical security measures to prevent any unauthorized access to the infrastructures where your data is stored
- Implement physical and/or logical isolation systems (depending on the services) to separate the hosting of different clients; moreover, Infomaniak conducts annual penetration tests to ensure data integrity between clients
- demonstrate high reactivity in the secure updating of the systems under its responsibility
Manage the cookies of the site infomaniak.com
When you visit the page infomaniak.com a choice must be made regarding the acceptance of certain cookies. To modify this choice later, access your preferences from the footer of the site:
This guide explains how to rename a Web hosting present in the Infomaniak Manager within your Organization.
Preamble
- A Web hosting service is, schematically, the storage space reserved for hosting one or several of your websites.
- By default, your Infomaniak hosting takes the name of the first site you add to this hosting:
- You own the domain name "domaine.xyz" and want a site with this domain name…
- You purchase a web hosting that will be automatically named "domaine.xyz" even if you later add a second site "toto.com".
- The hosting can be renamed with a more generic name like "My Websites" to better reflect its actual content.
- This renaming is intended to improve the readability/understanding of the products listed in your Manager and has no impact whatsoever on the web addresses: refer to this other guide to act on the domain name.
Renaming a Web Hosting
To access the web hosting in order to change the name:
- Click here to access the management of your product on the Infomaniak Manager (need help?).
- Click directly on the name assigned to the relevant product.
- Click on the Manage button.
- Click on Edit name:
- Enter the desired name.
- Click on Save.
This guide concerns the ODBC functions of PHP.
ODBC functions in PHP are only supported on Serveur Cloud.
Open Database Connectivity functions
These are the functions used to interact with databases via the ODBC (Open Database Connectivity) interface, a standard for accessing data sources uniformly. Here are a few examples of using the ODBC functions of PHP:
- Being able to read data from an external database and display it on your website
- Insert or modify data in an external database
- Perform complex queries on an external database
The hosting platform for your sites *perso.ch, *.users.ch, *.geneva-link.ch is evolving and this guide presents the procedure to follow to connect to your FTP space.
Change of login credentials
The current hosting platform uses a prefix for your FTP username. It is in the following format: "persoch_"
So, if your username was infomaniak, you will now need to use the following user to connect via FTP: persoch_infomaniak.
This guide explains how to work without the PECL SSH2 client module, which is unavailable on Infomaniak Web Hosting and Cloud Servers, by using the phpseclib library instead, which runs in native PHP without requiring any specific extension.
Foreword
- Using
PECL SSH2 clientresults in errors such asNo compatible key exchange algorithms foundorUnable to exchange encryption keysin its latest available version. Phpsecliballows for:- SSH authentication via password or private key.
- Remote command execution.
- Secure file transfer (SFTP).
- SSH key management.
Using phpseclib
To integrate an SSH connection into a PHP script, use phpseclib as follows:
use phpseclib3\Net\SSH2;
use phpseclib3\Crypt\PublicKeyLoader;
$ssh = new SSH2('domain.xyz');
$key = PublicKeyLoader::load(file_get_contents('/path/to/private_key'));
if (!$ssh->login('utilisateur', $key)) {
exit('Authentication Failed');
}
echo $ssh->exec('ls -la');This guide details the specific rules to follow when creating a user password with mysqli_connect() that contains the “dollar” character $ on the Infomaniak platforms.
Preamble
- If you get the error message "Access denied for user" when using
mysqli_connect(), and your database user password contains a$sign, the issue may be due to the way strings work in PHP. - The issue may also occur with mail scripts.
Rules to follow
When the special character $ is used in a user password and is followed by any character other than a number, the variable name is not valid and the substitution does not occur correctly.
Here are some solutions to fix this:
- Enclose the password in single quotes:
'$******' - Ensure that a number directly follows the dollar:
"$2*****" - Use a backslash to "escape" the dollar sign in the password:
“\$****”