This document explains how to manage incoming and outgoing connections between several hosting environments, particularly for accessing databases.

Connecting to databases between hostings

From a shared hosting environment

If you are using a shared hosting (excluding the old v1 - 60 Go formula), you have the possibility to access databases located on:

• another shared hosting environment,
• a hosting based on a Cloud Server.

It is therefore possible to share a database, establish a remote connection, or even configure cross-access between hostings.

From a Cloud Server

With a Cloud Server, it is also possible to connect to databases hosted on another Cloud Server.

• In this case, make sure that port 3306 (TCP protocol) is open for incoming traffic in the firewall.

Note: Connections to databases hosted on a shared hosting are not possible from a Cloud Server.

From another hosting provider

This guide explains how to display absolute paths Infomaniak for certain web applications that need to know them.

Get the absolute path...

... of a web hosting

To do this:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product concerned.
3. Then click on the chevron to expand the Information section of this hosting.
4. The highlighted indication below is the location of the example site:
   

... of a website

To do this:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product concerned.
3. Then click on the chevron to expand the Information section of this site.
4. The highlighted indication below is the location of the example site:
   

This guide shows you how to modify the error_reporting() directive on your website.

Enable error reporting

Enter the following 2 pieces of information in your .user.ini file:

display_errors=on
error_reporting=E_ALL & ~E_NOTICE & ~E_STRICT

If your browser does not display any errors or warnings, then there are none.

Disable PHP error display

For WordPress, edit the wp-config.php file and replace the line:

define('WP_DEBUG', false);

with:

ini_set('display_errors','Off');
ini_set('error_reporting', E_ALL );
define('WP_DEBUG', false);
define('WP_DEBUG_DISPLAY', false);

Otherwise, you can add the following code to the .user.ini file:

display_errors=off

This guide helps you download all the data related to your website hosted by Infomaniak.

Preamble

• Automatic backups are performed daily on Infomaniak installations.
• However, you can download a clean and personal version of your website to secure it on your local installation, USB key, .zip archive on kDrive, etc.
• To download a site created with WordPress, refer to this other guide specific to 2 extensions allowing for local backup of information.
• With the exception of Site Creator, the data of a website hosted by Infomaniak are accessible and visible on the server via an FTP connection (which means that to create a backup of the data, you simply need to download the content of the parent folder on the server).
• All that will remain is to add a backup of the database of the site (which contains information that is not listed in the files accessible via FTP).

Site Location

When you arrive in the folder tree on the server, it will not always be easy to know where to go to download the information related to the site you are interested in.

Start by noting the exact location of the site you want to download, by going to manager.infomaniak.com on the site's dashboard within your Web Hosting:

The highlighted indication above is the location of the example site. Check yours!

Connecting to the server

To access the server, you need to use an FTP software/client or the quick Web FTP access which is suitable in most cases:

Site Download

When you arrive on the Web FTP, you need to go to the location noted in the first chapter above, and click on the download icon to the right of the folder corresponding to your site:

 

The download starts and you obtain a .zip archive with all the files making up your website (except for files beginning with a "." like .htaccess).

Downloading the database

In most cases, your site uses a database to function. You should therefore download it as well.

To do this:

1. Click on Databases in the left sidebar.
2. Click on the action menu ⋮ located to the right of your database name (if you are not sure which one to take, repeat the operation for each of them).
3. Click on Download:
   

You will need to confirm the download (or export) of the most recent correct file in the next step to obtain a .sql.gz file that corresponds to all the tables in your database, which you should keep safely. The download link is sent by email.

This guide provides information about the robots.txt file created by default for web hosting where this file is missing.

Preamble

• The robots.txt file acts as a guide for search engine crawler robots
• It is placed at the root of a website and contains specific instructions for these robots, indicating which directories or pages they are allowed to explore and which they should ignore
• However, note that robots may choose to ignore these directives, making the robots.txt a voluntary guide rather than a strict rule

File Content

If the robots.txt file is missing from an Infomaniak site, a file of the same name is automatically generated with the following directives:

User-agent: *
Crawl-delay: 10

These directives tell the robots to space out their requests by 10 seconds, which prevents unnecessarily overloading the servers.

Bypassing the Default robots.txt

It is possible to bypass the robots.txt by following these steps:

1. Create an empty robots.txt file (it will only serve as a placeholder so that the rules do not apply).
2. Manage the redirection of the URI (Uniform Resource Identifier) robots.txt to the file of your choice using a .htaccess file.

Example

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI} /robots.txt$
RewriteRule ^robots\.txt$ index.php [QSA,L]
</IfModule>

Explanations

• The mod_rewrite module of Apache is enabled to allow redirections.
• The condition RewriteCond %{REQUEST_URI} /robots.txt$ checks if the request concerns the robots.txt file.
• The rule RewriteRule ^robots\.txt$ index.php [QSA,L] redirects all requests to robots.txt to index.php, with the [QSA] option that preserves the query parameters.

It is recommended to place these instructions at the beginning of the .htaccess file.

This guide details the "X-Frame-Options" header, which can be used to protect against clickjacking. Note that the "X-Frame-Options" header may not be supported by all web browsers. It is therefore recommended to combine it with other methods to enhance the security of your website.

Possible values for the header

‍The "X-Frame-Options" header can be set to prevent a website from being loaded in a frame or iframe. There are three possible values for this header:

The module Apache "mod_rewrite" is enabled by default.

However, it is only supported at Infomaniak via a .htaccess file; in addition, care must be taken to ensure that the path regular expressions do not start with "/".

Regarding the virtual host (vhost), Infomaniak does not provide access to its configuration and makes no modifications.

This guide concerns IonCube Loader, a PHP module that allows decoding of PHP scripts that have been encoded with IonCube Encoder.

Preamble

• IonCube encoding is used to protect the source code of an application and prevent its modification or illegal distribution.
• By using IonCube Loader, website owners can ensure the security of their code and content while allowing secure and easy distribution of their applications.

Using ionCube Loader

With shared hosting it is no longer offered. You can check this from the dashboard:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product concerned:
3. Click on Manage under Advanced settings:
   
4. Click on the PHP Extensions tab.
5. Click on ionCube Loader (if present in the list) to view the details:
   
   • Here, you will need to consider a Cloud Server.

This guide details the software libraries that allow you to manipulate the PDF format and are compatible with the various Infomaniak web hosting offers.

Preamble

• PHP PDF extensions allow, among other things, generating a PDF from dynamic data to create customized invoices, for example.

PDF and Cloud Server

On a Cloud Server, you can install apps like PDFtk …

• The PHP class FPDF is supported.
• PDFlib from the publisher Apryse is no longer offered on the most recent Cloud Servers because the PHP_PDF extension has become paid. If you obtain it, you will need to install it on Cloud VPS / Lite VPS or Public Cloud.
   

On shared hosting, ImageMagick is active and supports the EPDF, PDF and PDFA formats.

This guide covers the configuration and management of ModSecurity on Infomaniak servers. By understanding its limitations, restrictions, and effectively managing errors, you can optimize the security of your site while maintaining its functionality.

Default configuration

ModSecurity (mod_secure) is available and enabled by default on Infomaniak servers. This means that all HTTP requests will be subject to the security rules defined by ModSecurity.

It is not possible to disable ModSecurity on Infomaniak servers. The setting is global to the server where your site is hosted, which means that all defined security rules will be applied to your site.

Error management

If the error message ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. (...) appears regarding ModSecurity, you should check that a default language is correctly configured in your web browser. This error can sometimes be caused by incorrectly configured language settings in the browser.

This guide explains how to uninstall an SSL Certificate regardless of its type, initially installed from the Infomaniak Manager. If your certificate is of the paid type and you wish to cancel the current offer instead, refer to this other guide.

Remove an SSL Certificate

To uninstall an Infomaniak certificate:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product concerned:
   
3. Click on the action menu ⋮ located to the right of the item concerned.
4. Click on Uninstall:
   
5. Confirm the uninstallation of the certificate.

This guide explains how to delete a site from a Web Hosting.

Introduction

• Once removed, the site will no longer appear on the Internet at its previous URL.
• The quota of sites available on your hosting will regain a free slot.

Removing a site from a paid Web Hosting

To access Web Hosting to remove a site:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant product.
3. Click on the action menu ⋮ to the right of the relevant item in the displayed table.
4. Click on Remove the site:
   

Unlinking a site from a free Starter hosting

A Starter hosting (basic web page) contains only one site that is specific to the domain name itself. Therefore, unlike paid offers, it is not possible to have multiple sites or remove one site to add another.

You can however follow the procedure above and a warning will offer you the termination of your Starter hosting:

You can also directly cancel the Starter hosting:

• This will only terminate your Starter Web hosting product, meaning the part concerning your website without affecting other products, email or domain name for example.
• You will need to confirm the cancellation request by email, otherwise no data will be deleted.
• A cancellation confirmation is sent to any other administrators of the Organization.
• Backups will be permanently deleted upon cancellation, making any restoration impossible.

To cancel:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click on the action menu ⋮ located to the right of the relevant item.
3. Select the Terminate option:
   
4. Follow the procedure to the end.

This guide details the features available for managing relational databases on Infomaniak hosting.

Use of Views, Triggers, Stored Procedures, and Routines

Regarding the management of relational databases, the view functionality ("views") is available by default, allowing users to create views to simplify data management and presentation.

However, some advanced features that allow for more precise and complex data manipulation, such as…

• “triggers (triggers)
• stored procedures ("stored procedures")
• routines
• and the creation of functions

… are only available on Managed Cloud Servers.

This restriction is mainly due to potential risks to the stability of the infrastructure. Poor configuration or excessive use of these features could create infinite loops or significant overloads, affecting not only the performance of the affected server but also the experience of all clients hosted on the same infrastructure.

Resolving a MySQL/MariaDB dump import issue

When exporting and then re-importing a MySQL or MariaDB database via the Infomaniak hosting interface, it may happen that the operation fails due to errors related to the DEFINER of triggers or views. This occurs when the database objects were created with a specific user (called definer) who no longer exists at the time of import.

Concretely, the export and import process uses a temporary user, used only during these operations. After this user is deleted, the views or triggers defined with this account as DEFINER become invalid, causing errors of the type:

General error: 1449 The user specified as a definer ('xxxx_temp_1'@'%') does not exist

To avoid this problem, it is possible to correct the backup file (dump.sql or dump.sql.gz) before importing it by replacing the definer definitions with CURRENT_USER. This automatically attaches the triggers and views to the current user at the time of import.

Here is an example of a command to modify the dump before import:

sed -E 's/DEFINER=`[^`][^`]*`@`[^`][^`][^`]*`/DEFINER=CURRENT_USER/g' dump.sql > dump-corrected.sql

Once this replacement is done, the corrected file can be imported normally via the Infomaniak Manager. This behavior is known and related to the operation of temporary users during dump/restore. No changes to the export/import process are planned in the short term, but the subject remains under evaluation on the infrastructure side.

For more information about the CURRENT_USER variable, refer to the official documentation of:

• MySQL
• MariaDB

This guide details the file transfer protocols accepted on the Web Hosting and Cloud Server Infomaniak when connecting to ProFTPD servers.

Preamble

• With a Starter hosting (basic web page), only an FTP connection on port 21 (without SSL/TLS) is possible.
• When creating a website via Apache / PHP hosting, file access is possible through various protocols (FTP, SFTP, SSH).
• With a Node.js site, only SSH / SFTP are possible to access your environment.

FTP (File Transfer Protocol)

FTP connections in "active" and "passive" modes are supported (alternate between the two to try to resolve any potential issues).

Infomaniak opens passive ports on its side [PassivePorts 42000 44000] but only for connections to **its** FTP server. Passive FTP mode involves the use of remote ports defined by the remote server, as well as local ports that may vary depending on the FTP software/client used.

The passive mode is primarily useful when the FTP software/client is behind a firewall or a NAT router that blocks active FTP connections. However, active FTP connections are allowed within the Infomaniak infrastructure, which means that resorting to passive mode is generally not necessary.

As for PHP, it is not possible, by default, to manage this configuration in a centralized manner. Therefore, it is not feasible for Infomaniak to open all ports to support all remote configurations, as this would be neither practical nor secure.

Overall, the infrastructure does not fully support outgoing passive mode FTP connections. For a smoother file transfer experience, it is recommended to use active mode FTP or explore more modern technologies such as SFTP (read below).

SFTP (SSH File Transfer Protocol)

Creating SFTP connections ensures high security for file transfers. Make sure you have enabled SSH on your SFTP software/client and use port 22 for the connection: sftp://*****.

FTPES (FTP secure with TLS/SSL)

Use FTPES for secure file transfers with port 21 and SSL/TLS encryption. With the Filezilla software, for example, select "Explicit FTP over TLS" to configure your FTPES software/client: ftpes://*****.

FTP access

Access to the FTPaccess configuration is available.

What is not supported

Public/Anonymous User

It is not allowed to connect as a public or anonymous user. You must have a valid user account to access your hosting space.

FTPs (secure FTP on a custom port)

The FTPs protocol is not supported, which means that port 2121 is not open for this type of connection.

This guide explains how to block access to certain directories of a Web Hosting for certain visitors / robots / crawlers by filtering and blocking their IP addresses or hostnames.

Setting up .htaccess rules

Create a .htaccess document at the root of your site and enter the rules intended to block certain IP addresses or bots.

To block visitors based for example on the beginning of their IP address, use the directive "deny from":

Order Deny,Allow
Deny from 123.456.
Allow from all

This means that all requests from an IP address starting with "123.456." will be denied, while all other requests will be allowed. Blocked users will receive an HTTP 403 Forbidden error message.

Block a specific IP address

Order Allow,Deny
Deny from 123.456.789
Allow from all

This means that a single IP address, 123.456.789, is blocked and all other IP addresses can access the site.

Block multiple IP addresses

Order Allow,Deny
Deny from 123.456.789
Deny from 987.654.321
Allow from all

This means that two IP addresses, 123.456.789 and 987.654.321, are blocked and all other IP addresses can access the site.

Block a bot by its user-agent

SetEnvIfNoCase User-Agent "BadBot" BadBot
Order Allow,Deny
Deny from env=BadBot
Allow from all

This means that any bot identified with a user-agent "BadBot" will be blocked and all other users can access the site.

Block access to a specific folder

Order Allow,Deny
Deny from all

This means that all accesses to the folder "/folder" will be blocked, regardless of the IP address or user-agent. An assistant for a similar feature is available in your Infomaniak Manager.

mod_rewrite directives

You can also use the mod_rewrite directive to block certain IP addresses or bots in a .htaccess file.

Here are a few examples:

Block a specific IP address

RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^123\.456\.789\.
RewriteRule ^(.*)$ - [F,L]

This means that a single IP address, 123.456.789, is blocked and all other IP addresses can access the site.

Block multiple IP addresses

RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^123\.456\.789\. [OR]
RewriteCond %{REMOTE_ADDR} ^987\.654\.321\.
RewriteRule ^(.*)$ - [F,L]

This means that two IP addresses, 123.456.789 and 987.654.321, are blocked and all other IP addresses can access the site.

Block a bot by its user-agent

RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} BadBot [NC]
RewriteRule ^(.*)$ - [F,L]

This means that any bot identified with a user-agent "BadBot" will be blocked and all other users can access the site. This can be useful to prevent unwanted robots from accessing certain pages or from consuming resources unnecessarily.

Block access to a specific folder

RewriteEngine on
RewriteRule ^dossier/secret - [F,L]

This means that all accesses to the folder "/folder/secret" will be blocked, regardless of the IP address or user-agent.

Block and redirect elsewhere

RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^123\.456\.789\.
RewriteRule ^(.*)$ http://www.domain.xyz/blocked.html [L,R=301]

This means that all requests from the IP address 123.456.789 will be redirected to the page "blocked.html" on the site "www.domain.xyz". The last part of the line RewriteRule, [L,R=301] indicates that the redirection is permanent (R=301) and that this is the last rule to be applied (L).

You can add multiple conditions RewriteCond to block different IP addresses and redirect to different pages.

Also refer to this other guide.

This guide explains how to install ownCloud (or Nextcloud which is an improved version of Owncloud) in a few clicks on the Web Hosting paid offers.

Preamble

• A cloud system (storage, synchronization, and file sharing) also exists independently of your hosting products: kDrive Infomaniak
• OwnCloud is part of the applications (not developed by Infomaniak) and allows the implementation of a file storage & sharing system within a "cloud" that you fully control (user management, permissions, quotas, associated mobile applications, etc.).
• Unlike other hosts, Infomaniak allows the use of ownCloud on its hosting:
  • Personal use is allowed on shared web hosting.
  • For intensive and professional use, it is recommended to opt for a Cloud Server to install ownCloud or Nextcloud.

Install ownCloud

Prerequisites

• Have a Infomaniak Web Hosting (order if necessary).
• Add a blank website to the Infomaniak hosting.
• Upgrade the Databases section if necessary (especially for Nextcloud)

To access Web Hosting and install an application:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant product.
3. Click on the Add an app button:
   
4. Choose the desired application (if necessary, filter and search).
5. Click on Select:
   
6. Click at the bottom of the page on Next.
7. Leave the default location or choose to install the app in a new folder that you can create using an icon visible to the right of point 8 in the image.
8. Optionally, choose to install an earlier version if necessary.
9. Click on the Next button:
   
10. Set the username and password.
11. Specify certain advanced settings if necessary (backup type, among others).
12. Review and accept the terms of use of the selected app.
13. Click on the Next button:
    
14. Confirm the installation of the application in the next step and wait:
    
    • Take note of any error message on the screen if, for example, the chosen installation folder is not empty or if the PHP version of the site on which you are attempting the installation is not compatible.

This guide explains why an FTP account (and most of the time Web Hosting as well) can suddenly become blocked.

Preamble

• Infomaniak uses an antivirus solution on all shared servers to combat the sending of viruses via FTP and scripts.
• The antivirus allows to detect:
  • possible FTP account hacks
  • the voluntary or involuntary sending of files (WordPress themes, fraudulent modules, etc.) containing malicious code lines or inclusions

Malicious file detection

The antivirus scans all files sent under 1 MB to prevent any upload of viruses/spam scripts/etc.

In case of detection of a suspicious element, the password of the FTP account is automatically changed and the incriminated files on the server are locked (FTPban).

The FTP server then sends a message to the FTP client of the type

550 Virus Detected and Removed: botnet.infomaniak.5.UNOFFICIAL

or

550 Virus Detected and Removed: winnow.botnet.ff.trojans.15900.UNOFFICIAL

What to do if the account is blocked?

If your FTP account is suddenly blocked, you will receive an email; follow the procedure indicated therein to unlock the situation. In particular:

• Clean your site and analyze what you intended to upload to the server.
• Check if the web applications and CMS you are using are up-to-date:
  • The cause of most hacks comes from a security deficiency in outdated web applications or weak passwords.

Solve the problem definitively

To prevent your site from being hacked and blocked again, perform the following actions:

• Update the web applications (WordPress, Joomla, etc.) and the extensions used.
• Delete unused web applications.
• Change the password for all your FTP accounts.
• Change the passwords to access the web applications (WordPress, Joomla, etc.).
• Change the password for MySQL database users.
• Delete the users of the MySQL databases that you do not use.
• Use a different, complex password each time, with a minimum of 8 characters.
• Run a manual antivirus scan on your hosting.
• Install and use an up-to-date antivirus (regardless of the operating system).
• Refer to this other guide if you are looking for information on monitoring and resolving vulnerabilities in hosted scripts.

This guide presents the DNS Diagnostic tool, which allows you to check that the relationships between…

• DOMAIN NAME at Infomaniak
  
  and
   
• WEB HOSTING at Infomaniak

… are correct, so that Web traffic goes to the right place.

Introduction

• To check, the tool verifies the A, CNAME records, etc.
• You will thus be able to detect and correct certain web issues, especially if they are related to DNS (technical information that, broadly speaking, determines where such and such web traffic should be directed) by acting at the level of your domain.
• Automatic correction is only possible when the domain name is present in the same Organization as the product to which it must be attached.
  • If this is not the case, then the correction will need to be done manually.

Diagnose a DNS issue

To access the DNS diagnostic for your domain name:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product in question.
3. Click on Web in the left sidebar.
4. Click on DNS Diagnostic in the left sidebar:
   
   • If DNS issues are detected, a red display on the table indicates this:
     1. Correct each error individually by clicking on the action menu ⋮ located to the right of the concerned element…
     2. … or all errors at once…
     3. … or, if necessary and you are sure, ignore these warnings.

Refer to this other guide regarding the same automatic verification process but for Mail Services.

This guide explains how to enable the following functions on Web Hosting (in italics, Cloud Server only):

• proc_open
• popen
• exec()
• shell_exec()
• set_time_limit
• passthru
• system

Enable PHP functions

To access website management:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product concerned:
3. Click on Manage under Advanced Settings:
   
4. Click on the PHP / Apache tab.
5. Click on the toggle switches On/Off as desired:
   
6. Click on the Save button at the bottom of the page to validate the changes.

This guide details the error "Database connection error: could not connect to mysql" that may occur when making changes around an Infomaniak hosting on which the Web app Joomla is installed.

Preamble

• To get the site working again, you need to check and update some information in the Joomla configuration.php file:
  1. The name of the MySQL database — this is often a prefix that has been added before the existing database name and the username (for example bddname before, abcd_bddname after).
  2. The MySQL database host server (for example mysql.domain.xyz before, abcd.myd.infomaniak.com after).
  3. The username that accesses the MySQL database (for example userbdd before, abcd_userbdd after).
  4. The path of two directories /tmp and /logs:
     

Obtain updated information

For points 1, 2 and 3 of the preamble above:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product in question.
3. Click on Database in the left sidebar.
4. Find and keep your current MySQL information (need help?).

For point 4 of the preamble above:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product in question.
3. Click on Manage under Advanced settings:
   
4. Under the PHP | Apache tab, under PHP Information click on Show Information.
5. At the line _SERVER['DOCUMENT_ROOT'] copy the path to the right:
   

Modify the Joomla configuration.php file

Prerequisites

• Create an FTP account (need help?).
• Connect via FTP (need help?).

Then edit the configuration.php file which is in the root folder of your Joomla:

1. Find the relevant paragraph and update the 4 pieces of information in the preamble above.
2. Also replace the old path (including "www") with the new path:
    
3. Save the file; your Joomla will now connect to the correct database.

Check the changes made

On the Joomla interface, it is possible to check the paths of the /logs and /tmp folders:

• For the /logs folder: go to System / Configuration then System
• For the /tmp folder: go to System / Configuration then Server