This guide explains how to add a MySQL/MariaDB database, create or modify users and how to find all the necessary parameters to configure your scripts and CMS on a Web Hosting.

Manage databases

To access the database management page of your hosting:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant product.
3. Click on Databases (or MariaDB if necessary) in the left sidebar:
   

Databases

Under the Databases tab, you can:

• Create a MySQL/MariaDB database by clicking the Add a database button.
• Import, export or restore a MySQL database by clicking on the dropdown arrow ‍ to the right of the Add button.

Users

Under the Users tab, you can:

• Create a MySQL/MariaDB database user by clicking the Add user button.

Configuration information

This is also where you will find the required information to configure CMS or web applications:

• The name of a database (for example XXXX_dbname)
• The username of a database (for example XXXX_username)
• The password for the database username (the one you chose when creating the MySQL/MariaDB user reset if you have forgotten it)
• The MySQL/MariaDB server for databases / the host name / hostname (for example XXXX.myd.infomaniak.com) with its version (5.7 for example)

User rights, shared servers & Cloud

• With read permissions: “SELECT”
• With write permissions: "INSERT, UPDATE, DELETE, CREATE TEMPORARY TABLES, LOCK TABLES"
• With admin rights: "CREATE, DROP, INDEX, ALTER, CREATE VIEW, SHOW VIEW, REFERENCES"
  • + "CREATE ROUTINE, ALTER ROUTINE, EXECUTE, TRIGGER, EVENT" on Cloud Server only (refer to this other guide for more information)
• With no rights: the user will not see the database appear in phpMyAdmin

Web application databases

• Refer to this other guide about WordPress.
• Refer to this other guide about Joomla.

This guide explains how to view information about visitors who have accessed your Web Hosting (traffic stats).

Introduction

• The result is presented in a simple format enhanced with graphs, allowing for easy interpretation.
• Annual, monthly, daily, and hourly statistics are displayed by site, HTTP address, referring site, country, etc.
• Refer to this other guide if you are looking for information about access logs.

Accessing visit statistics

To view the traffic statistics:

1. Click here to access the management of your product on the Infomaniak Manager (need help?)
2. Click directly on the name assigned to the product in question.
3. Click on Statistics in the left sidebar.

Then, the top section allows you to select:

• A: the site in question
• B: the type of desired statistics
• C: the period
• D: more details
  

The page accessible under "Details" also allows you to download the statistics to be interpreted by a third-party tool:

Explanations of terms

There is no distinction between humans and robots. You can also use tools like Matomo, Open Web Analytics, Google Analytics, etc.

Meaning of "Commercial (com)" in the list of countries

When you view the statistics under "Geographic Zones", you will notice that "Commercial" represents a significant portion of the traffic. This category includes users connected to the Internet via Internet Service Providers (ISPs) with a .com domain in their address. It is difficult to determine which country or countries are represented by .com because this extension is used by several ISPs from different countries. Moreover, the "Commercial" category may also include businesses using .com addresses regardless of their actual geographic location.

As for the "unresolved" addresses, they correspond to IP addresses that cannot be resolved to a specific geographic location. These addresses may result from various reasons such as ISP privacy settings or virtual private networks (VPN). They therefore remain undetermined in the geographic location statistics.

This guide explains how to add an additional website to an existing Infomaniak hosting plan.

Preamble

• The hosting can be on a shared web hosting plan or on a Cloud Server Infomaniak.
• The additional site can be either:
  • a second domain name (for example, domain2.xyz),
  • or a subdomain (for example, abc.domain.xyz) of a domain name you already own.
• In this multisite/multidomain management (virtual host), the total disk space and resources of your hosting are shared among your sites/subdomains.

Access site management

Prerequisites

• If the 20 website slots included in the web hosting plan are already in use, order additional websites.

To access a web hosting plan and add a site:

1. Click here to access the management of your products in the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant product.
3. Click on the blue Add button:
   
4. Choose the optional content for the new site (A)‍‍ or other specific installation, blank space, advanced technologies (Node.js for example) (B)‍:‍
   
5. Click on Next.
6. Choose the domain type to assign to this new site:
   1. an already acquired domain name
   2. a subdomain created from an already acquired domain name
   3. an available domain name and to order
7. Enter the domain name (domain2.xyz, for example) or the subdomain.
   
8. Choose the optional advanced options, including:
   1. By default, the new site is added to the directory /sites/domain2.xyz on your FTP server.
   2. To manually set a different directory, check Set location manually and specify the path and name.
   3. Create a new folder if necessary:
      
9. Click on Continue.

This guide is for you if you encounter a 500 error that may have various causes generally related to the development of your site on a Web Hosting, particularly with the rewrites in your .htaccess files.

Preamble

• Apache2, in place on the servers, no longer supports certain modules such as mod_auth_anon, mod_auth_dbm, mod_authz_dbm, mod_cern_meta, mod_imap, mod_imagemap, mod_mime_magic
• Apache2 is strict about syntax errors and when it encounters syntax errors in a .htaccess file, this can result in 500 Internal Server Error errors or unexpected URL rewrite errors
   

Examples of syntaxes and correction

In this first example, the syntax error is that the rewrite rule does not specify the HTTP redirection response code to return.

RewriteRule ^articles/([0-9]+)/$ /article.php?id=$1 [L]

The correction adds the directive R=301 to specify that the redirection should return a 301 (permanent) code:

RewriteRule ^articles/([0-9]+)/$ /article.php?id=$1 [L,R=301]

In this second example, the syntax error is that the Options directive does not correctly specify the options to enable or disable.

Options -Indexes FollowSymLinks

The correction adds the sign "+" to specify that FollowSymLinks should be enabled rather than disabled:

Options -Indexes +FollowSymLinks

Fix these errors

• If the first page or another page displays a 500 error, rename the .htaccess file or comment out all lines with # and uncomment line by line until you find the problematic section.
• If the error occurs after a modification made to one of your pages, the simplest solution is to restore the previous version of the file.

This guide explains how to disable or configure HSTS for a website.

Introduction

• When HSTS is enabled for a website, the server instructs the site visitor (if their web browser is compatible) to replace all non-secure links with secure links.
• Example: http://www.exemple.com/une/page/ is automatically replaced by https://www.exemple.com/une/page/.
• After activating an SSL certificate on a website, HSTS is configured as follows: max-age=16000000.

Disabling HSTS...

… with a CMS (WordPress, Joomla, etc.)

Include the following line in all pages generated by the CMS:

header( 'Strict-Transport-Security: max-age=0;' );

For WordPress, it is possible, for example, to add this directive in the functions.php file of your theme:

add_action( 'send_headers', 'add_header_xua' );
function add_header_xua() {
header( 'Strict-Transport-Security: max-age=0;' );
}

More details about WordPress

… with a PHP site

Include the following line in all php pages:

header( 'Strict-Transport-Security: max-age=0;' );

To do this without having to modify each php page of a site, it is possible to use the directive auto_prepend_file in the .user.ini file of the site in question:

auto_prepend_file=/home/clients/xxxx/web/hsts_disable.php

... with the following hsts_disable.php file:

header( 'Strict-Transport-Security: max-age=0;' );

… with a static content (non-PHP) site

Include this header in a .htaccess file:

# BEGIN DISABLE HSTS
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=0; includeSubDomains;"
</IfModule>
# END DISABLE HSTS

Customize HSTS

header( 'Strict-Transport-Security: max-age=X; includeSubdomains; preload' );

includeSubDomains; is enabled by default and, as its name indicates, it will include subdomains in the "Strict Transport Security".

When the visitor goes to an unsecured subdomain, the browser will automatically redirect to HTTPS and cause a security error.

If this behavior is not desired, you need to remove this header.

Clear the browser's HSTS cache…

… on Chrome

1. In Chrome, type chrome://net-internals/#hsts
2. Enter the domain name in the text field of the "Delete domain security policies" section.
3. Click the Delete button.
4. Enter the domain name in the text field of the "Query HSTS" section.
5. Click on the Query button.
6. The response should be "Not found" (not found).

… on Safari

1. With Safari, start by closing the browser.
2. Delete the file ~/Library/Cookies/HSTS.plist.
3. Reopen Safari.

... on Firefox

1. With Firefox, close all tabs.
2. Open the Firefox menu and click on History / View History.
3. Search for the page whose HSTS preferences you want to delete.
4. Right-click on one of the corresponding entries.
5. Choose Forget this site.

This guide explains how to install a free SSL certificate from Let's Encrypt on a website hosted by Infomaniak.

Preamble

• Once the certificate is installed, your website will be accessible in http and https …
  • If necessary automatically redirect all your visitors to the secure https site.
• If you want to include an alias domain recently added to your site that already had a certificate, you need to update it.
• For multiple subdomains, refer to this other guide.
• Let's Encrypt limits certificate installation to:
  • 100 subdomains
  • 20 certificates for 7 days per registered domain
  • 5 failed requests per account per host name per hour

Install a free SSL certificate on a site

Prerequisites

• For the installation to be possible, the DNS of the domain name must be correctly configured to point to the site in question.
• If a change has recently been made at this level, some operations may not be functional immediately.

To access the websites to install an SSL certificate:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product in question:
   
3. Click on Configure under SSL Certificate:
   
4. Click the Install certificate button:
   
5. Choose the free certificate.
6. Click on the Next button:
   
7. Check or select the relevant domains.
8. Click on the Install: button:
   
9. Wait until the certificate is obtained on the site.

The BIMI standard (Brand Indicators for Message Identification, brand indicators for message identificationoffers companies the possibility to incorporate their logo into sent emails.

Preamble

• The Infomaniak applications (and other companies around the globe - read the chapter in case of issue below) are compatible with BIMI and will display the logos next to the received emails.
• Infomaniak Mail Services allow you to configure your email with your logo (be sure to read the prerequisites); the benefits are numerous:
  • increased trust: recipients can visually identify your emails, thus reducing the risk of phishing.
  • brand reinforcement: a clearly visible logo in inboxes enhances brand recognition.
  • better deliverability: emails compliant with DMARC have a higher chance of reaching the main inbox.

1. Create a logo

Create a logo in SVG (Scalable Vector Graphics) format. This format is required as it ensures optimal quality regardless of the device or display size.

To be imported into the Infomaniak interface (see below), it must not exceed 10 MB, but it can also be hosted on a publicly accessible secure server and you will simply need to provide its URL for the BIMI DNS record.

2. Obtain the VMC certificate

A verified logo certification (VMC) is required; it certifies that you are the legitimate owner of the logo. You can obtain this certification from recognized certification authorities such as DigiCert and Entrust.

When your VMC certificate is issued, you receive a PEM file containing the entity certificate. This PEM file includes your SVG format logo as well as the VMC.

3. Add the logo to Service Mail

Prerequisites

• All the indicators for Global Security of your Mail Service must be green (SPF + DKIM + DMARC)!

To access the Service Mail and set your company's logo:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product in question.
3. Click on Global Security in the left sidebar.
4. Click on the Create button (in the BIMI section):
   
5. Fill in the requested information based on the received documents (see chapter 2 above) and do not forget to save.

In case of trouble

• If the Create button in the BIMI box remains grey, make sure to check the informative messages: DMARC may exist but may not be at the required rejection percentage, so adjust the parameters according to the indications.
• When there are multiple domains linked to the Service Mail, you must ensure that you have a certificate for each linked domain if you want BIMI on them.
• Note that Microsoft Outlook, Apple Mail, Thunderbird, the Mail app from Samsung, among others, have not yet adopted BIMI.

Disable BIMI

To disable BIMI, simply go to the domain name management page linked to the Service Mail and delete the corresponding TXT record.

This guide explains how to order a DNS zone from Infomaniak.

Preamble

• Having the DNS zone at Infomaniak is useful if your domain name is registered elsewhere (third-party provider/registrar) and you want to easily link this domain with Infomaniak products.
• Indeed, it is not enough to have a site domain.xyz at Infomaniak and to indicate the 2 DNS addresses of Infomaniak at the registrar of the domain name (if it is not Infomaniak) for the site to display when you type domain.xyz in a browser.
• You must add a DNS zone in the same place as the hosting to make the site work easily.
• This will also be particularly useful if the provider managing your domain name does not offer DNS zone management.
   

Order a DNS zone

To do this:

1. Click here to access the Shop Infomaniak.
2. Start a search with the name of the domain registered elsewhere.
3. Click on the action menu ⋮ located to the right of the result obtained.
4. Select Order a DNS zone:
   
5. Complete the purchase.
6. Once added to your Manager, the zone can be edited.

This guide explains add a new domain name to a website Infomaniak.

Preamble

• When you add a new domain name to a website, we talk about related area but also of aliases.
• An alias domain in this case is an additional domain name, also linked to an existing site.
  • To make the website domain.xyz be reachable with a whole other domain name like private.abc e.g., add private.abc as the alias of the website.
  • Second example, so that the site domain.xyz can also be reached with www. domain.xyz, it must be added as an alias to the domain domain.xyz In this example, domain.xyz is the parent site of the alias www.domain.xyz In general, the alias www is already added automatically and now...

Add an alias to an existing site

Prerequisites

• If the domain name (intended to become alias) or its DNS area is managed by Infomaniak, everything is OK. If not:
  • Domain name registration A must point to Infomaniak.
  • To simplify, you canentrusting the management of the domain to Infomaniak.
• It is also necessary that the future alias is not already so, in which case it will have to be the disconnect from the current site in advance (i.e. synonym).

To add an additional domain that will be linked to your website:

1. Click here in order to access the management of your product on the Manager Infomaniak (Need help?).
2. Click directly on the nameallocated to the product concerned:
   
3. Then click on the chevron ‍ to develop the game Areas of this site.
4. Click on the button Add Domain:
   
5. Enter the domain name(s) to be added, separating them by the key Enter.
6. If the alias or its DNS area is managed by Infomaniak, it is possible to automatically update DNS entries In the opposite case, make any changes to your registrar or transfer domain name management to Infomaniak.
7. If you have an SSL certificate like Let's Encrypt e.g. you can ask the update here to include the new names.
8. Click on Validate to complete the procedure:
   

To define the alias as the main domain, take note of this other guide.

This guide explains how to redirect to a secure https (SSL) version all visitors to a site on Web Hosting Infomaniak.

Preamble

• This redirection is usually automatic with standard configuration and installation.
• For additional help contact a partner or launch a free tender — also discover the role of the host.

Manual redirection via .htaccess file

Prerequisites

• Have a valid and functional SSL certificate for the Infomaniak website.

Next, modify or add the following 3 lines to the .htaccess file of the relevant website so that all its visitors automatically access its secure https version:

RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://domain.xyz/$1 [R=301,L]

Replace the second line of the code above with RewriteCond %{HTTP:X-Forwarded-Proto} !https if you encounter any issues.

With a CMS

Most web applications like WordPress and Joomla have extensions/plugins that automatically redirect visitors to the secure https version of a site.

WordPress

If you use a content management system (CMS) like WordPress to create your site, we recommend installing an extension to perform this redirection:

1. Back up the site's files and database as a precaution.
2. Install the extension Really Simple SSL or similar from the WordPress console and activate it.
3. The visitors are now automatically redirected to the https version of the site.

Joomla

1. Find the line

   var $live_site ='';

   in the Joomla configuration file (configuration.php) on the server.

2. Replace with

   var $live_site = 'https://www.domain.xyz';

3. Add three lines to your .htaccess file on the server:

   RewriteEngine On
   RewriteCond %{HTTPS} OFF
   RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

4. Open the Joomla administration panel in "System - Configuration".
5. Click on the "Server" tab and under "Force SSL" select "Administration and site".
6. Save and visitors will now be automatically redirected to the https version of the site.

Prestashop

1. Access the general settings in the Prestashop back-office to activate SSL:
   1. < v1.7 click on "Preferences" then on "General"
   2. > v1.7 click on "Shop Parameters" then on "General"
2. Turn on the toggle switch "Enable SSL" to "YES
3. Click on "Save
4. In the same place, turn on the toggle switch "Enable SSL on the entire site" to "YES".
5. Click on "Save".

In the case where a security lock does not appear in the browser or a warning is displayed, you should check the template or modules as sometimes these are not perfectly compatible with SSL. Your Prestashop then loads elements (images, .css or .js files, fonts...) in "http" while these should now be loaded in "https".

Drupal

Read this article (in English) which explains how to switch a Drupal site from http to https.

Alternative solutions

In your .htaccess file, to force the site URL to be https:// but without www:

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www. [NC]
RewriteRule (.*) https://domain.xyz/$1 [R=301,L]

In the case of a redirection loop, adjust the code above as follows:

RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https [OR]
RewriteCond %{HTTP_HOST} ^www. [NC]
RewriteRule (.*) https://domain.xyz/$1 [R=301,L]

In your .htaccess file, to force redirection with www

with the subdomains:

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www. [NC]
RewriteRule (.*) https://www.domain.xyz/$1 [R=301,L]

In the case of a redirection loop, adjust the code above as follows:

RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https [OR]
RewriteCond %{HTTP_HOST} !^www. [NC]
RewriteRule (.*) https://www.domain.xyz/$1 [R=301,L]

and without the subdomains:

RewriteEngine on
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^domain.xyz [NC]
RewriteRule (.*) https://www.domain.xyz/$1 [R=301,L]

In the case of a redirection loop, adjust the code above as follows:

RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https [OR]
RewriteCond %{HTTP_HOST} ^domain.xyz [NC]
RewriteRule (.*) https://www.domain.xyz/$1 [R=301,L]

Common errors following an https redirection

To resolve common issues that may arise after redirecting your website to its secure https version, refer to this other guide.