This guide explains how to obtain one or more Infomaniak invoices before and after payment, view, download, and print all or part of the billing document history for your accounting.

Prerequisites

• Be Administrator or Legal Representative within the Organization…
  • … or a simple user account but with the permission to manage accounting activated:
    

Access invoice history

To go to the billing documents page:

• Click here to access the invoice history on the Infomaniak Manager:
  
• The table automatically displays the most recent billing documents.
• The top section allows you to filter documents based on the status Paid, Refunded, etc. and based on the desired period (start and end calendar):
  

Export one of the billing documents

To view one of these documents in PDF format and then obtain it on your device:

1. On the same page, click on the relevant invoice in the displayed table:
   
2. Click on the Download button or the dropdown arrow ‍ for other options:
   

Export a set of billing documents

To download a set of documents in a CSV file in .csv format or receive them by email:

1. On the same page, filter the documents based on the status Paid, Refunded, etc. and based on the period desired (start and end calendar).
2. Click on the button at the bottom according to the desired type of export:
   

Receive the (next) PDF invoice by email

For the invoice to always be attached in PDF format with each renewal email:

1. Click here to access the configuration / accounting page on the Infomaniak Manager (need help?).
   1. Access requires authentication with a user who has sufficient rights.
2. On this page, enable or disable the addition of PDF invoices:
   

Your preferences are automatically saved as soon as a change is made on the page.

Print a Pro Forma invoice

Pro Forma invoices have no legal, judicial, tax or accounting value:

1. Click here to access payment management on the Infomaniak Manager.
2. Select the products concerned.
3. Click on Generate a Pro Forma invoice at the bottom of the table
   ‍
4. Once displayed, it is then possible to download the Pro Forma invoice.

This guide explains how to easily set up a redirection of your domain name managed by Infomaniak.

Preamble

• A Web redirection allows you to redirect a domain name or subdomain to the Internet address of your choice.
• This procedure is only valid if the DNS of the domain is managed by Infomaniak and if Custom Brand is not activated.
  • Any addition/modification may take up to 48 hours to propagate.
• If necessary, create a redirection of your domain with and without the www (domain.xyz and www.domain.xyz).

Redirect a domain to the URL of your choice

To do this:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product concerned.
3. Click on Web Redirections in the left sidebar.
4. Click on the Add a redirection button:
   
5. Enter the destination address (under To).
6. Choose between a 301 or 302 type redirection.
7. The advanced options allow you to specify a redirection in the form of an iframe (invisible, but not recommended).
8. Click on the button to Confirm:
   

This guide explains how to display the absolute paths for certain web applications that need to know them.

Get the absolute path…

… of a web hosting

To do this:

1. Click here to access the management of your hosting on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the hosting in question.
3. Then click on the chevron ‍ to expand the Information section of this hosting.
4. The highlighted indication below is the location of the example site:
   

… of a website

To do this:

1. Click here to access the management of your site on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the site in question.
3. Then click on the chevron ‍ to expand the Information section of this site.
4. The highlighted indication below is the location of the example site:
   

To help you identify the kSuite offer that best suits your needs, refer to this other guide.

It is of course possible to subscribe to an Infomaniak Web Hosting from the same user account and/or the same Organization and to build your website with the tool of your choice such as WordPress or Site Creator.

To help you identify the hosting offer that best suits your needs, refer to this other guide.

This guide explains how to generate a certificate signing request (CSR) for a domain name and all its subdomains with a Web Hosting (excluding free hosting of type Starter).

Setting up a Wildcard Certificate

1. Add a domain alias with an asterisk *

To add an alias of type * to your website:

1. Click here to access the management of your site on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the site concerned:
   
3. Click on the chevron ‍ to expand the Domains section of this site.
4. Click on the Add a domain button:
   
5. Enter the domain name to add in this format:
   • *.domain.xyz (the asterisk is mandatory, followed by a dot, then the domain name of the website which is domain.xyz in this example)
6. Click on the Confirm button to complete the procedure:
   

2. Install or update an SSL certificate

Example of updating the existing certificate to include the wildcard subdomain *:

1. Click here to access the management of your site on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the site concerned.
3. Click on SSL Certificate in the left sidebar.
4. Click on the action menu ⋮ located on the right.
5. Click on Update Certificate:
   
6. Make sure the recently added subdomain is selected.
7. Click on the Install button at the bottom:
   
8. Please wait while the creation or update is in progress.

This guide covers the configuration and management of ModSecurity on Infomaniak servers. By understanding its limitations, restrictions, and effectively managing errors, you can optimize the security of your site while maintaining its functionality.

Default configuration

ModSecurity (mod_secure) is available and enabled by default on Infomaniak servers. This means that all HTTP requests will be subject to the security rules defined by ModSecurity.

It is not possible to disable ModSecurity on Infomaniak servers. The setting is global to the server where your site is hosted, which means that all defined security rules will be applied to your site.

Error management

If the error message ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. (...) appears regarding ModSecurity, you should check that a default language is correctly configured in your web browser. This error can sometimes be caused by incorrectly configured language settings in the browser.

Thank you for trusting Infomaniak with the hosting of your WordPress site.

Preamble

• As a reminder, the WordPress site creation tool can be:
  1. hosted by the WordPress.com infrastructure (paid) and in this case Infomaniak is not involved in the hosting
  2. installed freely but manually by the user thanks to the archive offered by WordPress.org, Infomaniak is then the web host but does not manage any updates and does not list the application in the Web Applications section of the Infomaniak Manager; you will be in this case if you migrate an external WordPress to Infomaniak
  3. installed automatically by the tool available on the Manager and in this case WordPress is maintained (in terms of security) largely by Infomaniak
• This third and final point is developed in this guide.
• The Infomaniak installer automates the installation and security updates of WordPress ...
  • If you encounter a problem with third-party software, contact its publisher or a Partner and consult the support policy as well as article 11.9 of the Infomaniak Terms of Service.

Install WordPress & Apps

Infomaniak simplifies the installation of the WordPress application (and other applications as well):

• Quickly install WordPress with the Infomaniak installer
• Access the WordPress management interface

Use WordPress

Although WordPress is one of the easiest CMS to use, it is necessary to get used to it. To help you with this process, here are external resources in several different languages to get started with WordPress:

• Essential basics to know to get started with WordPress
• WordPress francophone community help forum
• FAQ about backups/restorations
• Use an ElegantThemes theme or extension
• Free WordPress training provided by the site progresser-en-informatique.com. If you want to get to the essentials, focus on the following modules:
  • Understanding the administration interface
  • How to properly configure WordPress
  • Add content to your website

This guide explains what a Web host like Infomaniak is, and specifies its role, its scope of action, and the limits of its technical support.

Infomaniak, web host since 1996

According to Wikipedia, a Web host is a company that provides Internet hosting for computer systems to individuals or entities who do not wish to do so themselves.

Infomaniak, that’s also:

• … decades of experience in hosting and high-performance online solutions.
• … more than a million users in Switzerland and Europe trusting the management of their critical data.
• … a company certified ISO 27001, 9001, 14001, 50001 and committed to sustainable digital technology.
• … 100% of "Swiss made" technological expertise with data hosted in Switzerland in its own data centers.
• … a rich knowledge base and customer support available to guide you.

Responsibilities and limits of intervention

As a host, Infomaniak installs, secures, and keeps the server infrastructure up to date, evolves its management interfaces (Manager) and assists its customers in the optimal use of the tools provided. Infomaniak strives to offer solutions accessible to all; however, human support for free products is inherently limited to ensure the sustainability of these services.

Support is exclusively for Organization administrators. End customers or users benefiting from a contract via a Reseller Partner must contact their administrator or dedicated service provider first.

Scope of technical support

Technical assistance does not intervene for:

• Development and programming: debugging sites, correcting source code, personal scripts (PHP, JS, etc.)
• The use and integration of APIs.
• Application maintenance and webmastering: troubleshooting, updating, or managing content for third-party applications (e.g., CMS like WordPress, email clients like Outlook, etc.).
• Local and custom interventions: remote control, configuration of your own hardware, complex manual installations or migrations.

But support will be happy to assist you for:

• The infrastructure and the Manager: resolution of incidents related to the network, hardware, or Infomaniak management interfaces.
• The use of Infomaniak services: clarification of configuration processes and assistance in getting started with our native features.
• Documentation guidance: guiding you to the appropriate technical resources and guides to make you self-sufficient.

A Premium assistance and a migration service are available for more specific needs.

Find external help

For help with the content of your site, its programming, or the advanced organization of your mailboxes, use the Infomaniak tender platform which lists over 1000 verified professionals, or consult the directory.

This guide explains how to modify the PHP version used in the command line (PHP CLI) on an Infomaniak Web Hosting.

Preamble

• Useful for configuring a specific script or PHP command line (CLI) session.
• To modify the PHP version of the Web server (FPM/Apache) via the Manager, refer to this other guide.

Default PHP CLI version

The php command uses the default server version. Check the active version with this command:

# Check current PHP version
php -v

For the stability of your scripts, use an explicit path (e.g., php8.2) or modify your PATH variable.

Modify the PHP version in CLI

You can configure the PHP version automatically loaded in your SSH session via two main files.

1. Using .bashrc (Recommended)

The ~/.bashrc file is read when opening an interactive shell.

1. Open the file (or create it if it does not exist):

   touch ~/.bashrc
   nano ~/.bashrc

2. Add this line to define the desired version (example with PHP 8.3):

   export PATH="/opt/php8.3/bin:$PATH"

3. Refresh the configuration:

   source ~/.bashrc

4. Check the change:

   php -v
   which php

2. Using .profile (Alternative)

The ~/.profile file is read upon SSH connection (login mode).

1. Modify the file:

   nano ~/.profile

2. Add the export line:

   export PATH="/opt/php8.3/bin:$PATH"

3. Load .bashrc systematically

To apply the configuration to all types of sessions, add this code to your ~/.bash_profile or ~/.profile files:

# Load .bashrc if it exists
if [ -f ~/.bashrc ]; then . ~/.bashrc; fi

Run a specific version temporarily

To run a script with a specific version without changing your global environment, call the binary directly:

# Execute with a specific version
/opt/php8.2/bin/php my_script.php
/opt/php8.3/bin/php -v

Once these steps are completed, your SSH sessions and CLI scripts will use the selected PHP version by default.

This guide explains how to convert a free Web Starter offer to a more comprehensive and enhanced paid offer, such as Shared Web Hosting or Web Hosting on a Cloud Server.

Preamble

• By purchasing a domain name from Infomaniak, you can add 1 free email address and a basic 10 MB Web space.
• In a few clicks, it is possible to upgrade this offer to benefit from an enhanced experience.

Modify the Starter Offer - Basic Web Page

To upgrade this free offer:

1. Click here to access the management of your hosting on the Infomaniak Manager (need help?).
2. Click on the action menu ⋮ located to the right of the item concerned.
3. Click on Modify the Offer:
   
4. Follow the wizard to choose the new type of hosting, pay to complete the offer change.

This guide explains how to create a homepage on your Infomaniak website using the welcome page creation tool, a simplified aid for quickly and easily creating content. To create a more comprehensive site, there is Site Creator.

Prerequisites

• Have a website on Infomaniak hosting (even a simple Starter, the basic web page to activate if necessary).

Create a welcome page on an Infomaniak site

To access the simple creation tool:

1. Click here to access the management of your site on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the site in question.
3. Click on Page and Maintenance in the left sidebar:
   
4. Check or select the domain name of the site on which you want to install the web page.
5. Click on Create a homepage or Customize:
   

You can then choose a theme, define the text visible to your visitors, insert an image into the body of the page, manage the SEO content of your page, add a background image, specify social network usernames if necessary, etc. and all of this can be modified at any time.

Click on the blue button at the bottom of the page to save and publish your changes.

Note that the tool can be used in conjunction with FTP management of your web hosting if necessary.

Disable and delete the welcome page

To delete the homepage that has been automatically placed at the root of your website's directory:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product in question.
3. Click on Page and Maintenance in the left sidebar.

You can delete the welcome page using the trash can icon; this will permanently delete the content of the welcome page!

This guide explains how to access the configuration of an Infomaniak website to display technical information such as the PHP, Apache version, or the activated PHP extensions and modules.

View the website's technical information

To access the website management:

1. Click here to access your website management on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the site concerned:
   
3. Click on the Manage button under Advanced settings:
   
4. Take note of the website information under the General, PHP / Apache and PHP Extensions tabs.
5. Click on Databases in the left sidebar to get the MySQL version of the web hosting:
   

This guide explains how to run the open source dependency manager Composer 2 using an SSH command.

Preamble

• Composer is an open source dependency manager for PHP that allows you to define, install, and update the libraries required for a PHP project.
• Composer 1 has been obsolete since 2021 and will no longer allow the installation of new packages or updates as of 2025.
• Only version 2 of Composer is now supported and available on all PHP versions from 7.2 to 8.3.

Run Composer 2

Composer 2 is already pre-installed and accessible via SSH. Therefore, it is not necessary to install it manually.

Simple usage

Log in to your hosting via SSH, then use the following command:

composer

This command will automatically run version 2 of Composer compatible with the PHP version currently in use in your session.

Check the active version

You can check the available version of Composer with:

composer --version

Example output: Composer version 2.5.0 2022-12-20 10:44:08

Force a specific PHP version

If you want to run Composer with a specific version of PHP, aliases are available. For example:

composer_php8.1 --version

or:

composer_php7.4

These aliases allow you to run Composer 2 with the specified PHP interpreter, useful for testing or deploying a project on a target PHP version.

This guide concerns Laravel, an open-source web framework written in PHP following the model-view-controller (MVC) principle. Also refer to their documentation.

Prerequisites

• Have a Shared Web Hosting or Cloud Server with the latest MySQL/MariaDB.
• Site under PHP 8.2.
• Create an SSH access.
• Create a database.

Installation of Laravel 11

To do this:

1. Connect to the server via SSH (need help?).
2. Navigate to the site directory by running the command “cd path-to-site” (for example cd sites/laravel.domain.xyz).
3. Create a new project by running the command composer create-project laravel/laravel example-app.
4. Modify the .env file at the root of the hosting to update the connection parameters to the new database:
   • DB_CONNECTION=mysql
   • DB_HOST=xxxx.myd.infomaniak.com
   • DB_PORT=3306
   • DB_DATABASE= the name of the MySQL database (xxxx_newbdd)
   • DB_USERNAME= the MySQL user with rights to this database
   • DB_PASSWORD= their password
5. Navigate to the project directory and publish via SSH:
   cd example-app
php artisan migrate
6. Modify the target directory to point to the “public” subdirectory of the project, here /sites/laravel.domain.xyz/example-app/public.

This guide explains how to allow certain incoming and/or outgoing ports in the firewall (firewall) of a Web hosting or a Cloud Server.

Preamble

• On a shared Web hosting, it is only possible to open outgoing ports.
• On a Cloud Server, it is possible to open incoming and outgoing ports.
• Opening ports allows certain applications to function properly but can reduce the security of your hosting.

Access the tool and add a rule

To manage port opening from the Manager:

1. Click here to access the management of your hosting on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the hosting concerned.
3. Click on Security in the left sidebar.
4. Click on Port Opening in the left sidebar.
5. Click the Open a port button:
   

Open a port

It is only possible to set one port per rule, and only one IP / host per field:

By specifying an IP or a host, the connection will only be allowed in these cases:

• Incoming rule: if the connection comes from this IP or the specified host
• Outgoing rule: if the connection is made to this IP or this host

Same for the "Type" of connection, if the protocol used for the connection is not the one specified in the rule, the connection is not allowed.

Open the outgoing port 25 globally

You can open the outgoing port 25 from the manager if a destination host is specified.

With a Cloud Server, to open this port to the world, contact Infomaniak support and justify your request.

Default open ports

Once you have accessed the port opening tool, you will find the list of default open ports on the page.

With a Cloud Server, to exceptionally close some of the listed ports, contact Infomaniak support and justify your request.

The display may sometimes be spread over several pages:

MySQL ports

Regarding database ports, refer to these guides:

• Database access from another hosting
• Connect a Cloud Server to an external database

Check the activity of a port (Cloud Server)

On Cloud Server, to check if an application is listening on a particular port (1234 in the example below) and to know the name of the application in question, run in SSH:

netstat -anpe | grep "1234" | grep "LISTEN"

This guide explains how to move a shared web hosting to a Cloud Server while retrieving all its data, websites, databases, etc.

Preamble

• If you already have a Cloud Server, go directly to step 2 of this guide.
• To move a web hosting from one Cloud Server to another Cloud Server, refer to this other guide.
• To move a web hosting from a Cloud Server to a shared web hosting, refer to this other guide; note that this is a manual operation you will have to perform.
• Note:
  • Database names and database user names are preserved.
  • FTP accounts are preserved with the same names, but the host server changes to an address of type xxxx.ftp.infomaniak.com.
  • The IP addresses of the sites will change except for dedicated IPs.

1. Order a Cloud Server

To do this:

1. Click here to access the management of Cloud Servers on the Infomaniak Manager (need help?).
2. Click on Order, choose a managed Cloud Server and follow the wizard to complete the order:
   

2. Migrate the hosting to the Cloud Server

Once the Cloud Server is in service:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click on the action menu ⋮ located to the right of the item concerned.
3. Click on Modify the offer:
   
4. Select the free transfer offer.
5. Select the Cloud Server to which to migrate your hosting:
   
6. Click on the Next button at the bottom of the page and complete the procedure entirely.
7. Wait for the hosting migration to complete, a service interruption will be felt during the process.

This guide explains how to backup or export a MySQL/MariaDB database via the Infomaniak Manager or via SSH.

Export a database via the Manager

To export an Infomaniak database:

1. Click here to access your site management on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the site concerned:
   
3. Click on the chevron to the right of Databases in the left sidebar menu.
4. Click on Databases in the left sidebar menu.
5. Click on the action menu ⋮ to the right of the object concerned in the table that appears.
6. Click on Export (or on Download a backup):
   
7. Click on the export method and choose the database to download from the dropdown menu.
8. Click on the Next button:
   
9. Click on any desired instructions:
   1. Compression Gzip
   2. Drop Table
   3. Create Table if not exists
   4. Insert ignore into
10. Click on the Export button.

Export a database via SSH

If you cannot export the database via the console or if the database is large:

1. If necessary, create an FTP SSH account.
2. Connect to the server via SSH (need help?).

3. Customize and run the following SSH command:

   # Usage: mysqldump --host=[hostname] -u [username] --password=[password] [database_name] --no-tablespaces > [output_file.sql]
   mysqldump --host=db_host -u db_user --password=db_password db_name --no-tablespaces > backup.sql

4. Wait for the SSH command to run (the terminal may freeze for a few seconds).
5. Connect to the server via an FTP software/client.
6. Download the generated SQL file.

Additional help

• Example of command to execute at step 3 of the second procedure:

  # Example with standard credentials
  mysqldump --host=abcd.xyz.infomaniak.com -u abcd_test --password=your_secret_password abcd_test --no-tablespaces > backup.sql

• Refer to this other guide if you are looking for information related to the MySQL server, database username and password.

This guide explains how to install a free SSL certificate from Let's Encrypt on a website hosted by Infomaniak.

Preamble

• Once the certificate is installed, your website will be accessible in http and https …
  • If necessary, automatically redirect all your visitors to the secure https site.
• If you wish to include an alias domain name recently added to your site that already had a certificate, you need to update it.
• For multiple subdomains, refer to this other guide.
• Let's Encrypt limits the installation of certificates to:
  • 100 subdomains
  • 20 certificates for 7 days per registered domain
  • 5 unsuccessful requests per account per hostname per hour

Install a free SSL certificate on a website

Prerequisites

• For the installation to be possible, the DNS of the domain name must be correctly configured to point to the site in question.
• If a change has just been made at this level, some operations may not be functional immediately.

To access the websites to install an SSL certificate on them:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product in question:
   
3. Click on Configure under SSL Certificate:
   
4. Click on the Install a certificate button:
   
5. Choose the free certificate.
6. Click on the Next button:
   
7. Check or select the domains concerned.
8. Click on the Install button:
   
9. Wait a few minutes until the certificate is obtained on the site.

This guide suggests solutions to resolve common issues and frequent errors that may occur when you try to display your website in https after activating an SSL certificate.

The web browser automatically displays the http version of the site when you try to access it in https

It is recommended to perform the following actions:

• Clear the cache of your applications or your site.
• Check that the pages and scripts of the site do not contain redirects to the http version of the site.
• Check that the site's .htaccess file does not contain redirects to the http version of the site.
• Set the site's https address as the default one:
  • with WordPress Infomaniak
  • for other cases

The website is displayed incorrectly (missing images, unsupported stylesheets, etc.) or displays a warning in the address bar

It is recommended to perform the following actions:

• Clear the cache of your applications or your site.
• Check that the pages and scripts do not point to external resources in http; the site whynopadlock.com can help you identify the unsecured elements of your site.
• Also refer to this other guide on this subject.

"This web page presents a redirection loop", "ERR_TOO_MANY_REDIRECTS"

If your web browser displays this error, it is recommended to perform the following actions:

• If the site works with a web application like WordPress or Joomla, disable the extensions one by one to identify the problematic one.
• Check that the pages and scripts of the site do not contain redirects to the http version of the site.
• Try to disable HSTS.
• If Prestashop is used, SSL must be activated on all pages:
  1. Add your SSL domain:
     • Go to Preferences > SEO & URLs.
     • In the "Store URL" section, enter your site's address in the "SSL Domain" field (without the https://, just www.domain.xyz).
  2. Activate SSL:
     • Go to Preferences > General settings.
     • At the top of the page, click on "Click here to use the HTTPS protocol before activating SSL mode."
     • A new page will open with your site in the secure HTTPS version.
  3. Force the use of SSL on the entire site:
     • Go back to Preferences > General settings.
     • Set the "Enable SSL" option to YES.
     • Also set "Force the use of SSL for all pages" to YES.

An old SSL certificate is displayed - clear the SSL cache

Web browsers cache SSL certificates to speed up navigation. Normally, this is not a problem. However, when you develop pages for your website or install a new certificate, the browser's SSL state can hinder you. For example, you might not see the padlock icon in the browser's address bar after installing a new SSL certificate.

The first thing to do in this case is to make sure that the domain points to the server's IP address (A and AAAA records) and if it is still the wrong SSL certificate that is returned, clear the SSL cache:

• Chrome: go to Settings and click on Settings. Click on Show advanced settings. Under Network, click on Change proxy settings. The Internet Properties dialog box appears. Click on the Content tab. Click on Clear SSL state, then click OK. Refer to other leads in this other guide.
• Firefox: go to History. Click on Clear Recent History then select Active Connections and click on Clear Now.

Loss of CSS formatting

If the website displays without CSS style, analyze page loading with the browser Console. There may be mixed content errors (mixed content) related to your styles .css, which you will need to resolve for them to be loaded correctly again.

Cloudflare

If you are using Cloudflare, refer to this other guide on the subject.

This guide explains how to disable or configure HSTS for a website.

Preamble

• When HSTS is enabled for a website, the server tells the site visitor (if their web browser is compatible) to replace all non-secure links with secure links.
• Example: http://www.domain.xyz.com/one/page/ is automatically replaced by https://www.domain.xyz/one/page/.
• After activating an SSL certificate on a website, HSTS is configured as follows: max-age=16000000.

Disable HSTS…

… with a CMS (WordPress, Joomla, etc.)

Include the following line in all pages generated by the CMS:

header( 'Strict-Transport-Security: max-age=0;' );

For WordPress, for example, it is possible to add this directive in the functions.php file of your theme:

add_action( 'send_headers', 'add_header_xua' );
function add_header_xua() {
header( 'Strict-Transport-Security: max-age=0;' );
}

More details on WordPress

… with a PHP site

Include the following line in all php pages:

header( 'Strict-Transport-Security: max-age=0;' );

To do this without having to modify each php page of a site, it is possible to use the auto_prepend_file directive in the .user.ini file of the site concerned:

auto_prepend_file=/home/clients/xxxx/web/hsts_disable.php

... with the following hsts_disable.php file:

header( 'Strict-Transport-Security: max-age=0;' );

… with a static content site (non-PHP)

Include this header in a .htaccess file:

# BEGIN DISABLE HSTS
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=0; includeSubDomains;"
</IfModule>
# END DISABLE HSTS

Customize HSTS

header( 'Strict-Transport-Security: max-age=X; includeSubdomains; preload' );

includeSubDomains; is enabled by default and as its name indicates it will include the subdomains in the "Strict Transport Security".

When the visitor goes to an unsecured subdomain, the browser will automatically redirect to HTTPS and cause a security error.

If this behavior is not desired, you need to remove this header.

Clear the browser's HSTS cache…

… on Chrome

1. In Chrome, type chrome://net-internals/#hsts.
2. Enter the domain name in the text field of the 'Delete domain security policies' section.
3. Click the Delete button.
4. Enter the domain name in the text field of the 'Query HSTS' section.
5. Click the Query button.
6. The response must be 'Not found' (not found).

… on Safari

1. With Safari, start by closing the browser.
2. Delete the file ~/Library/Cookies/HSTS.plist.
3. Reopen Safari.

… on Firefox

1. With Firefox, close all tabs.
2. Open the Firefox menu and click on History / View History.
3. Search for the page whose HSTS preferences you want to delete.
4. Right-click on one of the corresponding entries.
5. Choose Forget this site.