This guide details the ranges of public IP addresses used by Infomaniak; this facilitates, in particular, the configuration of security systems (firewall, filtering, whitelisting).

Preamble

• The addresses are indicated in CIDR format (example: 192.0.2.0/24), which groups several consecutive addresses.
• The format of the listing includes the IP ranges (ranges) used by the following products:
  • kuite: all kSuite products
  • vps: all VPS
  • public-cloud: all Public Cloud
  • all: covers all IP addresses in the Infomaniak network

IPv4 & IPv6 address ranges

The link to the JSON file listing the IPs is:

https://prefixes.infomaniak.com/json

This guide concerns OAuth2 applications to connect to your external services via your Infomaniak login ID.

Manage Infomaniak OAuth2 apps

To do this:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click the blue button Create a new application:
   
3. Choose the type suitable for your current need and project.
4. Give a name to the application.
5. Enter the URL of the application according to the technical information available to you.
6. Click on the button to create the application:
   
7. Copy the information (Client ID, Client secret) to a safe place - they will no longer be accessible after that:
   

This guide explains how to delete a site from a Web Hosting.

Preamble

• Once removed, the site will no longer appear on the Internet at its previous URL.
• The site quota available on your hosting will regain a free space.

Remove a site from a paid Web Hosting

To access the Web Hostings to remove a site from them:

1. Click here to access the management of your hosting on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the hosting concerned.
3. Click on the action menu ⋮ to the right of the site concerned in the table that appears.
4. Click on Remove the site:
   

Unlink a site from a free Starter hosting

A Starter hosting (basic web page) contains only one site that is specific to the domain name itself, therefore, unlike paid offers, it is not possible to have multisite or remove a site to replace it with another.

You must therefore directly cancel the Starter hosting:

• This will cancel your Starter Web Hosting product only, i.e. the part concerning your website without impacting other products, such as messaging or domain name, for example.
• You will have to confirm the cancellation request by email otherwise no data will be deleted.
• A cancellation confirmation is sent to any other administrators of the Organization.
• Backups will be irrevocably deleted upon cancellation, making any restoration impossible.

To cancel:

1. Click here to access the management of your hosting on the Infomaniak Manager (need help?).
2. Click on the action menu ⋮ located to the right of the hosting concerned.
3. Select the option Cancel:
   
4. Follow the procedure to the end.

This guide explains how to add IP addresses to the whitelist of an Infomaniak website.

Preamble

• Allowing IPs on xmlrpc.php allows access to URLs that are blocked by default, as they are considered risky.
• This type of blocking is effective on all recent servers.
• Regarding WordPress, its XML-RPC feature is only available by default via Infomaniak services and JetPack for security reasons.

Add IP addresses to the xmlrpc.php whitelist

To access website management:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product concerned:
3. Click on Manage under Advanced settings:
   
4. Click on the PHP / Apache tab.
5. Complete the line concerned:
   
6. Click on the button at the bottom of the page to save.

This guide introduces Work Teams, a user management system for your Organization, available on the Infomaniak Manager.

Preamble

• To facilitate access and the addition of a collaborator within the Infomaniak ecosystem, the Work Teams feature allows you to create user groups and grant them access to the services they need with just a few clicks.
• A few examples:
  • You create a team for a new department: immediately associate its mailboxes, its kDrive organization folders, and its dedicated kChat discussion channels; each new collaborator added to the team will automatically receive all these accesses.
  • You are a web agency and you want to give your webmaster teams access to all of your web hostings: simply create a new group, choose all the hostings they will need access to, and invite them to the work team.
  • You own a kDrive: authorize access to a folder for a Team and adjust access based on users added to or removed from the team over time.
  • You use Streaming or Ticketing services and want to give your teams access: create a new team that will have access to these two products or two separate teams that will have access to the two products completely independently.
• It is entirely possible:
  • to associate resources (Mail, kDrive, kChat) upon creation of the team to automate onboarding,
  • to adjust individual access levels: for kDrive, individual access takes precedence over team access, while for Mail, access levels are cumulative.
  • to add the same user to multiple teams,
  • to invite external users to your Organization to one of your teams,
  • to add one or more users to a team at once,
  • to designate a team leader to easily identify a project manager or the point of contact.

Manage your teams

Managing teams now allows for complete centralization. No need to intervene in each tool separately: everything is controlled from the Infomaniak Manager for a smooth reorganization of your collaborators. Learn about the guides on this topic:

• Create a team
• Modify a team
• Delete a team

This guide presents the different actions that are possible on a MySQL table depending on the rights granted to a user.

Actions on tables according to user rights…

… on shared web hosting

Read + Write + Admin

GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, CREATE VIEW, SHOW VIEW

Read + Write

GRANT SELECT, INSERT, UPDATE, DELETE, CREATE TEMPORARY TABLES, LOCK TABLE

Read

GRANT SELECT

… on Cloud Server

Read + Write + Admin

GRANT ALL

Read + Write

GRANT SELECT, INSERT, UPDATE, DELETE, CREATE TEMPORARY TABLES, LOCK TABLES

Read

GRANT SELECT

This guide will assist you in installing n8n on Infomaniak, a powerful and extensible workflow automation solution.

Preamble

• Unlike tools such as Zapier or Make, n8n, a “fair-code” workflow automation tool, can be self-hosted, allowing you to maintain full control over your data while connecting hundreds of services via an intuitive visual interface.

Installing n8n

Prerequisites

• Have installed a blank Node.js site on Infomaniak Web Hosting or Cloud Server.
• Stop your Node.js application before proceeding with the installation!

To configure your hosting (via the Infomaniak Manager):

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product in question.
3. Stop the application if necessary, then click on Manage under Advanced Settings:
   
4. Click on the Node.js tab to access the settings.
5. Select a recent version (e.g., 24 or higher).

6. Enter the following command, replacing https://domaine.xyz with the actual address of your site:

   N8N_RELEASE_TYPE="stable" NODE_ENV="production" N8N_EDITOR_BASE_URL="https://domaine.xyz" WEBHOOK_URL="https://domaine.xyz" GENERIC_TIMEZONE="Europe/Zurich" /srv/customer/node_modules/.bin/n8n start

7. Specify 5678 for the listening port.
8. Check the box "Set the build command".

9. Enter the following command:

   cd && npm install n8n@latest sqlite3

10. Click on Save:
    
11. Start the Build step by clicking the Start button under Application Build:
    
12. On the main page, click the Start (or Restart) button:
    
13. Wait a few minutes, then go to your site's URL (e.g., https://domain.xyz).
14. On your first connection, n8n will ask you to create an owner account to secure your instance.

Your n8n instance is now operational! You can start creating your automations.

If you encounter an error indicating that the port is already in use when starting:

1. Temporarily change the Node.js Version in the settings (e.g., switch from v24 to v23) and save. This forces a complete stop of the processes.
2. Set the desired version (v24) and save again.
3. Restart the application.

Update n8n

It is recommended to regularly update your n8n instance to benefit from the latest features and security fixes. Two methods are available to you:

Method 1: via the Infomaniak Manager (Recommended)

To update n8n, simply restart the application build process:

• First, check in the Advanced Settings that your build command uses the @latest tag:

  cd && npm install n8n@latest sqlite3

• Click the Launch button under the Application Build section.
• Important: do not delete the node_modules folder; the system will handle updating the existing packages to their latest version:
  

Method 2: via an SSH connection

If you prefer to use the command line, you can update n8n directly from the Node.js environment:

1. Connect to your server via SSH.

2. Navigate to the application directory and start the update:

   cd /srv/customer
   npm update n8n

3. Once the operation is complete, restart the application from the Infomaniak Manager to apply the changes.

This guide provides suggestions for improvement to reduce the response time of your Infomaniak Web Hosting.

Preamble

• TTFB, or *Time To First Byte*, is a unit of measurement used to evaluate the response speed of a web server.
• TTFB measures the time between an HTTP request from a user or browser and the receipt of the first byte of the page to be viewed.
• This delay is particularly important. It can be part of the SEO criteria taken into account by search engines like Google.

Suggestions for improving TTFB

To speed up the site and achieve a better TTFB value:

• Use a content delivery network (CDN).
• Optimize the site's code.
• Optimize database queries.
• Limit HTTP requests.
• Embed CSS and JavaScript in your HTML pages to avoid calling external resources.
• Use an RFPL (*Response First, Process Later*) caching system.

Refer to the article from Criticalcase (in English) for more information.

Test the server response speed

If you are unsure about the server response speed, you can create an index2.html file that will be saved at the same level as the index.html (or .php) file, and thus perform an optimization test (e.g., domain.xyz/index2.html) without the main site/CMS being taken into account.

If the response time is normal, this means that the slowness comes from the site and not the server.

To go further

Refer to the following resources:

• Google recommendations
• GTmetrix recommendations
• Test the response speed of your site from several countries
• Test the response speed of your site
• Optimize a site

This guide helps resolve an issue with the PrestaShop v9.x CMS regarding PDF invoice generation from the administration panel (Back Office), particularly when the French language is used.

The problem

When attempting to view or download a PDF invoice for an order in French, PrestaShop (version 9.x) returns a 500 Error. This malfunction is due to an incompatibility between the PDF generation library (TCPDF) using the default font (helvetica) and the hosting configurations.

Define a compatible font

The solution is to force the use of the more compatible font freesans via a custom configuration file.

To do this:

1. Access your PrestaShop 9.x installation via FTP or the File Manager.
2. Navigate to the /config/ directory.
3. Create a new file named defines_custom.inc.php.

4. Edit the file defines_custom.inc.php and add the following content:

   <?php
   /**
    * Avoid error PDF, force font 'freesans'.
    */
   define('PDF_FONT_NAME_MAIN', 'freesans');

5. Save the file and test the generation of a French invoice.

This guide explains how to rename a Web hosting present in the Infomaniak Manager within your Organization.

Preamble

• A Web hosting is, schematically, the storage space reserved for hosting one or more of your websites.
• By default, your Infomaniak hosting takes the name of the first site you add to this hosting:
  • You own the domain name "domaine.xyz" and want a site with this domain name…
  • You purchase a Web hosting that will be automatically named "domaine.xyz" even if you later add a second site "toto.com".
• The hosting can be renamed with a more generic name like "My Websites" to better reflect its actual content.
• This renaming is intended to improve the readability/understanding of the products listed in your Manager and has strictly no impact on the addresses of the websites: refer to this other guide to act on the domain name.

Rename a Web hosting

To access the Web hosting to perform the name change:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product concerned.
3. Click on the Manage button.
4. Click on Edit the name:
   
5. Enter the desired name.
6. Click on Save.

This guide covers data protection regulations in Switzerland and Europe and the measures taken by Infomaniak to secure your customer data and data within Web Hosting and Mail Services.

Understanding the difference between data security and data confidentiality

Data security aims to prevent any unauthorized access to your information. It relies on measures such as encryption, firewalls, or VPNs. A security breach can have disastrous consequences: imagine a hacker stealing your entire customer database and demanding a ransom to recover it. This type of attack – ransomware – can paralyze a company overnight.

Data confidentiality concerns who can access your information and how it is used. Even if your data is secure against hacking, it can be collected, analyzed, and resold… legally.

Example: you carefully store your customers' information, but unbeknownst to you, a service you use shares – anonymously – this data with third parties. Result? Your competitors can obtain valuable analyses of your market and target your own customers without ever needing to hack.

LPD & GDPR

In Switzerland, the LPD (Federal Data Protection Act) and nLPD (for the "new Law" in effect since September 2023) protect the confidentiality of residents by regulating the collection and processing of personal data by organizations.

On the other hand, the GDPR (General Data Protection Regulation) of the EU, in effect since May 2018, influences global companies processing the data of European residents, including in Switzerland. While the LPD applies to the data of Swiss residents, the GDPR concerns that of EU residents. Swiss companies managing European data must comply with the GDPR requirements, including the designation of a Data Protection Officer and the conduct of Impact Assessments in case of risky processing.

Your role as an Infomaniak Client

Regarding the hosted data that belongs to you — and especially if it contains personal data of your visitors, contacts, or customers — it is your responsibility to ensure its compliance.

When processing this personal data, it is essential to inform users about the purpose and methods of this processing. This is usually done through a privacy policy or a data processing agreement (DPA).

Agreement between data controller and processor

A DPA (Data Processing Agreement), called in German AVV (Auftragsverarbeitungsvertrag), in Italian ATD (Accordo di Trattamento dei Dati) and in Spanish CTA (Contrato de Tratamiento de Datos), translates to Data Processing Agreement or Personal Data Processing Contract.

It is a mandatory contract provided by the GDPR between a data controller and a processor. It defines the purpose, duration, nature of the processing, as well as the obligations and security measures. Its objective is to protect the personal data entrusted to a service provider.

This GDPR certificate (in PDF format) can be generated and downloaded from the Manager (accessible to organization users who are owners or administrators):

1. Click here to access DPA management on the Infomaniak Manager (need help?).
2. Click the Generate button to download the customized PDF document:
   

Here are some tips on this subject:

It is crucial to differentiate between the security of the infrastructures where your data is hosted and the management and implementation of your data on your side. As a host, Infomaniak acts as a subcontractor for your GDPR obligations. In this context, its privacy policies and cookie usage, as well as its terms and conditions, provide the necessary guarantees regarding its compliance as a subcontractor.

Infomaniak's Role

Like companies that work with user data, Infomaniak must comply with the LPD and, because some of its users are European citizens, the GDPR as well:

• the data privacy policy details the data that Infomaniak retains to provide and execute its services
• the policy related to the protection of your personal data describes Infomaniak's commitments as a subcontractor that hosts all of your data, including personal data

This guide details the resource limit errors that can be encountered when managing and visiting a website.

Preamble

• Resource limits are set to maintain the integrity, stability, and performance of the shared server, while ensuring a fair experience for all users.
• If a website or application requires significantly higher resources, it may be necessary to switch to a Cloud Server or another type of virtual hosting where resources are allocated more flexibly.

Error origins

Fatal error: Maximum execution time of 30 seconds exceeded

This error occurs when the server has set an execution time limit for scripts, usually to avoid tasks that take too long. For example, if a script attempts to resize many large images in a single operation, this can exceed the allowed execution time limit. The server imposes this limit to ensure a quick response to user requests. The path often mentioned in the error can indicate a more precise origin (for example Fatal error: Maximum execution time of 30 seconds exceeded in /home/www/1234567abc/web/wp-includes/media.php on line 123)

memory_limit exceeded

This error occurs when the script or application uses more memory than allocated. This can happen when a script processes a large volume of data or when there is a memory leak. For example, an image management script can consume more memory than allowed, resulting in this error.

Resolution tips

A few tips to resolve these errors:

• Check the scripts that make multiple connections to the server to display data.
• Optimize the affected script(s) so that they require fewer resources.
• Increase the limits of the affected site to allow the script to do everything it needs to and/or limit the number of simultaneous connections (especially on a Cloud Server where limits (RAM, execution time, simultaneous connections) can be significantly increased).
• Migrate your hosting to a Cloud Server.

Also refer to this other guide.

This guide helps you diagnose and resolve the error "Your connection is not private" (or NET::ERR_CERT_AUTHORITY_INVALID). This security alert can affect both visitors to a site and its administrators.

Preamble

• This alert is a protection mechanism of your browser. It indicates that a secure connection could not be established with the server for one of the following reasons:
  • The site does not have an SSL/TLS security certificate.
  • The installed certificate is expired or misconfigured.
  • The connection between your device and the server is intercepted or disrupted.
• Warning: On a site displaying this error, the data you enter (passwords, card numbers) are not encrypted and can be intercepted by third parties.

Solutions for visitors

If you encounter this error on a site you do not manage, the problem may sometimes come from your own configuration. Here are the points to check:

• Check the time on your device: If your computer or smartphone is not set to the correct date/time, the certificate validation will systematically fail.
• Test in private browsing: If the error disappears, clear the cache and cookies of your browser.
• Check your network: Avoid public Wi-Fi networks that may force their own login portals.
• Antivirus and Firewall: Some security software analyzes HTTPS connections and can cause false positives.

Solutions for Infomaniak site owners

If you are the site administrator, you must ensure that your SSL certificate is active and valid to cover all of your domain names.

1. Is the SSL certificate installed?

If your site is still in HTTP, you need to generate a certificate (free via Let's Encrypt or paid). Learn about the certificates available at Infomaniak.

Important: If you have added aliases (secondary domain names) to your site after installing SSL, you must update the certificate to include them.

2. Check validity and expiration

At Infomaniak, certificates are renewed automatically, but a technical issue may sometimes occur. To check the status of your certificate:

1. Click here to access the management of your certificates in the Manager (need help?).
2. Check the status and expiration date in the dashboard:
   

3. Force HTTPS and fix "Mixed Content"

If your certificate is valid but the error persists (or the padlock is not green), it is possible that your site is still loading elements (images, scripts) over HTTP. To fix this, refer to this other guide.