This guide explains how to optimize web resource caching using HTTP headers.

Preamble

• A good caching strategy can significantly improve your site's performance by avoiding the unnecessary retransmission of unchanged files.
• Web caching relies on two complementary mechanisms:
  1. The cache validity duration (via the Expires header) which indicates how long a resource can be reused without contacting the server.
  2. Conditional validation (via the Last-Modified/If-Modified-Since headers) which allows checking if a resource has changed before re-downloading it.

Configuring cache duration with Expires

The Expires header allows specifying a duration during which the browser can directly reuse resources from its local cache. Here's how to configure it in your .htaccess file:

1. Create or open the .htaccess file at the root of your site (usually in /web or /sites/domain.xyz).

2. Add the configuration of the expires module:

   <IfModule mod_expires.c>

3. Define the appropriate cache durations for each type of resource:

   ExpiresActive On
   ExpiresByType text/html "access plus 1 week"
   ExpiresByType image/jpeg "access plus 1 month"
   ExpiresByType text/css "access plus 1 month"
   ExpiresByType application/javascript "access plus 1 month"

   These directives mean that:

   • HTML pages will be cached for one week.
   • JPEG images, CSS files, and JavaScript will be kept for one month.

   Adjust these durations according to the update frequency of your resources.

4. Close the configuration section:

   </IfModule>

Conditional validation with Last-Modified

Even when a resource has expired in the cache, it is not always necessary to completely re-download it. The conditional validation mechanism allows the browser to check if its cached version is still up-to-date. This process works as follows:

1. The server automatically sends a Last-Modified header with each resource, indicating its last modification date.
   • Apache handles this natively for static files - no additional configuration is required.

2. When the browser requests the resource again, it sends an If-Modified-Since header containing the date it has in cache:

   GET /resource HTTP/1.1
   Host: www.example.com
   If-Modified-Since: Wed, 21 Oct 2015 07:28:00 GMT

3. The server compares this date with the actual file modification date:
   • If the file has not changed, it simply returns a 304 Not Modified code, thus saving bandwidth.
   • If the file has been modified, it returns the new version with a 200 OK code.

This guide explains how to view file activity on your Infomaniak hosting server.

FTP space activity logs

To know the activity of exchanges on your FTP space, contact Infomaniak support to request FTP logs by first authenticating with the credentials corresponding to the management of your web hosting.

Help reading logs: http://www.castaglia.org/proftpd/doc/xferlog.html

The owner "site1xxx" (e.g. site1152, site1163, site1184…) appears when the FTP user account that created the folders/files in question has been removed from the list of FTP user accounts.

To access these files again in order to modify them, you need to log in with a different FTP account in the FTP File Manager and change the owner of the files with the "Properties" button.

This guide explains how to configure PHP settings for Web Hosting directly from the command line when you run PHP scripts using PHP CLI (Command Line Interface).

Preamble

• This type of configuration can be useful when you need to temporarily modify certain parameters for a specific script or for a PHP session.
• These modifications will only be valid for the execution of the current script and will not modify the global PHP configuration.

Modify PHP CLI settings

For example, to temporarily modify the settings for a specific script without having to modify the global PHP configuration of the server, follow the method below; with the PHP CLI environment, you can specify multiple PHP parameters at the same time by separating them with spaces.

Using the -d parameter

When you run PHP from the command line, you can use the -d parameter to specify PHP configurations. This allows you to modify the PHP parameters for this specific execution. For example, to set the maximum execution time to 90 seconds, the memory limit to 256 MB, and disable safe mode, you can do it as follows:

php -d max_execution_time=90 -d memory_limit=256M -d safe_mode=Off -f test.php

This guide helps you find the public IP address of your device, which can be useful for certain support requests, among other things.

Display the public IP address on the connected device

Click here to obtain the public IP address of your device in IPv4 and IPv6 format.

Alternative methods

Visit ipinfo.io or ifconfig.me.

... on macOS

1. From a terminal application (command line interface, CLI) on your device, run the command curl ifconfig.me and press enter.
2. The displayed address is the public IP address of the computer.

To automate the search for the public IP address, use commands or scripts that query services such as api.ipify.org ...

This guide helps you protect against hotlinking on Infomaniak Web Hosting.

Preamble

• Hotlinking, also known as "leeching" or "bandwidth theft", occurs when a website directly integrates resources (such as images, videos, or audio files) hosted on another site without the latter's authorization.
• This means that the remote site is used to display content on the hotlinking site, which can result in unauthorized use of resources and bandwidth consumption for the remote site owner.

Preventing hotlinking

Content owners can implement measures to prevent hotlinking, such as rules in the .htaccess file at the root of the website to block requests from specific sites or to redirect to a replacement image:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?infomaniak.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?bing.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yahoo.com [NC]
RewriteRule \.(jpg|jpeg|png|gif|svg)$ https://infomaniak.com/imagederemplacement.png [NC,R,L]

Replace "infomaniak.com" above with your site's address.
Remove the 3 lines google/bing/yahoo if you do not want these 3 sites to be allowed to display your images.

This guide explains how to add a dynamic trust seal to a secure site with a Sectigo SSL certificate.

Preamble

• Infomaniak, as a host, offers SSL certificates to secure its clients' websites
• Sectigo (formerly known as Comodo) is a recognized SSL certificate provider that offers different levels of security
• The "dynamic trust seal", or "Sectigo Trust Seal" / "Sectigo Trust Logo" is a visual that website owners can display on their pages to indicate to visitors that their connection is secure, a sign of trust that informs users that transactions and information exchanges made on the site are encrypted and protected by an SSL certificate issued by Sectigo.
• By using a Sectigo SSL certificate and displaying the dynamic trust seal, a website at Infomaniak therefore benefits not only from data exchange security, but also from increased user trust, essential for e-commerce and for the protection of personal information.

Adding a trust seal

Here's how a dynamic trust seal works:

1. Validation: to obtain such a seal, the site owner must first obtain a valid SSL certificate from Sectigo, which requires a validation process; depending on the level of certificate chosen (Domain Validation - DV, Organization Validation - OV or Extended Validation - EV), this validation may be more or less in-depth
2. Installation: once the SSL certificate is obtained and installed on the Infomaniak web server, the website is then able to establish secure HTTPS connections
3. Displaying the seal: Sectigo provides an HTML code or script that the site owner can then integrate into their website; this code allows the Sectigo dynamic trust seal to be displayed
4. Update: the seal is often updated in real time to reflect the current situation of the SSL certificate; if the certificate were to expire or be revoked, the seal would also reflect this, warning potential visitors that the site may no longer be secure
    

The trust seal consists of an image and an HTML code. The latter only works if a Sectigo certificate is installed on the site and in this case generates an interactive logo that displays the certificate data.

Save one of the images below

Right-click on the image to save, then click on Save image as...

• Small
• Medium
• Large

Upload the image to your site

Send the image to your web server (via FTP or your CMS) and note the URL to access this image for the next step (for example https://domain.xyz/wp-content/uploads/sectigo.png).

Get the code to integrate into your pages

Enter the full address of your image on the page https://www.trustlogo.com/install/index2.html to check if the image is accessible.

Click the Continue button on the same page to get the 2 codes to copy-paste into the header of your (or your) Web page(s):

Important:

• In the code, CL1 corresponds to a DV SSL certificate; replace CL1 with SC5‍ for an EV type SSL certificate.

This guide explains how to use PHP environment variables with Web Hosting that runs on php-fpm.

Preamble

Using environment variables

To use PHP environment variables:

1. Define the PHP environment variables in a .htaccess file:

   • SetEnv EXAMPLEVARIABLE hello

2. In your PHP file, the name of the variable to call corresponds to the same variable name defined in the environment variable:

   • <?php getenv('EXAMPLEVARIABLE');

In this example, the displayed result will be hello.

Going further with environment variables

It is possible to configure environment variables directly from the Manager for your entire website:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product concerned:
3. Click on Manage under Advanced settings:
   
4. Click on the PHP / Apache tab:
   
5. Click on the chevron ‍ to expand the Environment Variables section.
6. Click on the icon ‍ Add.
7. Enter the variable and its value.
8. Click the button to save:
   

This guide helps resolve issues related to special characters (accents, emojis, etc.) that do not display correctly or appear as symbols like ??, often due to incorrect encoding when connecting to MySQL.

Preamble

• By default, MySQL uses UTF-8.
• Recent MySQL servers are generally configured to use UTF-8 or UTF-8MB4 by default.
  • This is suitable for most cases, especially for international languages and emojis.
• Also refer to this other guide to learn how to avoid causing encoding issues with non-European characters and emojis in your developments.

Set the default MySQL / MariaDB charset (Cloud Server)

With a Infomaniak Cloud Server, it is possible to set the default charset (utf8 or utf8mb4):

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant product.
3. Click on MariaDB in the left sidebar and then choose the default charset:
   

If you have not yet migrated to MariaDB, the principle is the same:

Force a specific encoding (e.g., latin1)

If you need to work with a database in latin1 (ISO-8859-1), you must explicitly set the encoding when connecting, depending on your environment.

For current offers, place the following code in a user.ini file located at the root of your hosting:

mysql.connect_charset = "latin1"
mysqli.connect_charset = "latin1"
pdo_mysql.connect_charset = "latin1"

or in PHP (MySQL API):

mysql_query("SET CHARACTER SET latin1");

On older hosting plans, force the MySQL connection to latin1 via the .htaccess file located at the root of your hosting:

php_value mysql.connect_charset latin1
php_value mysqli.connect_charset latin1
php_value pdo_mysql.connect_charset latin1

The possible indication information_schema does not concern you directly.

It is an internal database of MySQL that is a summary of the information from your own databases.

This guide explains how to manage interactions between your Infomaniak VOD/AOD space and any of your WordPress sites, using an extension developed by Infomaniak.

Preamble

• This WordPress extension allows you to retrieve and manage all your videos present on an Infomaniak VOD/AOD space, with automatic updates when new videos are added.
• It manages the automatic retrieval of existing Players and playlist management.
• You will be able to search for your videos when writing an article or a page or import media directly from the CMS administration.
• ⚠️ The use of the Infomaniak plugin must be done with the classic editor (Classic Editor):
  • The plugin is not compatible with Elementor, and therefore cannot be used with this site editor.
  • Incompatibility also with WordPress Multisite.
• In case of problems with the plugin activation, deactivate the following option in the Really Simple SSL plugin:
  
  • If problems persist, refer to this other guide.

Get the Infomaniak VOD extension

Go to your VOD space to get the information necessary for the WordPress external module:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product concerned.
3. Click on CMS Extensions/API in the left sidebar menu.
4. Click on CMS Extensions in the left sidebar menu.
5. Download the WordPress extension.
6. Configure the extension using the provided instructions:
   
   • It is recommended to create a new user in your Organization with only technical rights on the VOD/AOD product and then create the application password from this dedicated account.

A similar feature exists for Typo3 with the dedicated extension that you can find and install from its plugin library:

To help you identify the most suitable kSuite offer for your needs, refer to this other guide.

It is of course possible to subscribe to an Infomaniak Web Hosting from the same user account and/or the same Organization and to build your website with the tool of your choice such as WordPress or Site Creator.

To help you identify the most suitable hosting offer for your needs, refer to this other guide.

This guide details the specific rules to follow when using a password containing the "dollar" character $ to send an email via the SMTP Infomaniak in a script (PowerShell, Python, etc.).

Preamble

• If you encounter an authentication error (for example auth failed, invalid login or password) when sending an email via SMTP, even though the password is correct and works in software like Outlook, the issue may be due to the handling of the character $ in your script or configuration file.
• To ensure reliable execution of your SMTP scripts, it is strongly advised to avoid any special character with syntactic meaning, particularly $, in passwords used in scripts and configuration files.
• The issue may also occur when connecting to databases.

Rules to follow

The character $ is a special symbol in many languages and environments. When it is used in a password in a script or configuration file, it can be mistakenly interpreted as a variable or control character.

Here are frequent cases where you should not use the character $ in a password:

• PowerShell: $ is used to declare variables. A password containing $ can cause syntax errors or be truncated.
• Bash / Shell (Linux): $ is also a variable prefix. It can trigger unexpected substitutions.
• YAML files (for example Home Assistant, GitHub Actions, Docker Compose) : $ can be interpreted as an environment variable.
• Files .env, .ini, or other configuration files: the tools that read these files may attempt to interpret the variables.
• Commands or URLs with authentication: a password containing $ may be improperly encoded or fail during parsing.

To correct or prevent this type of error:

• Avoid using the character $ in passwords intended for use in scripts or automated systems.
• If you absolutely must use it, always enclose the password string correctly according to the language:
  • In PowerShell: use single quotes 'password$Test' if possible.
  • In Python: ensure the string is well enclosed in single or double quotes, without interpretation.
  • In Bash: escape the $ with a backslash \$.

This guide explains how to download or export an SSL certificate from the Infomaniak Manager.

Preamble

• The download of the certificate produces a file in .zip format.
• The archive contains the .key and .crt files (as well as _windows.pfx & .protected.key depending on the type of certificate):
  
• It is recommended to store this certificate and its private key in a secure location, as the latter could allow access to your encrypted data.

Export or download an SSL certificate

To access the management of your certificates:

1. Click here to access the management of your product on the Infomaniak Manager (need help?):
   
2. Filter your certificate types if necessary by clicking on the icon dedicated to this effect.
3. Display the different types of certificates such as Let's Encrypt, Sectigo DV & EV...
4. Add the certificates that need to be displayed.
5. Apply the filters:
   
6. The table now only displays the types of certificates you have selected.

Export a Let's Encrypt certificate

1. Click directly on the name assigned to the certificate Let's Encrypt in the list:
   
2. Click on the action menu ⋮ to the right of the object concerned in the table that appears.
3. Choose Export the certificate and follow the instructions to download the archive to your device:
   

Export a Sectigo certificate

1. Click directly on the name assigned to the certificate in the list of certificates.
2. Click on the Manage button.
3. Click on Download the certificate and follow the instructions to download the archive to your device:
   

Supervisor is not offered directly because systemd is recommended, better integrated with Debian, and available in Fast installer.

If you still need to install it, contact Infomaniak support in writing.

This guide details the possible actions to combat unwanted content that may appear on your WordPress site when it is not sufficiently protected.

Introduction

• When your WordPress site is not sufficiently protected or monitored, spam bots take advantage of the comment system to post thousands of messages (obviously containing links to their fraudulent activities).
• Any form (contact, voting, booking, etc.) can also be exploited for malicious activities if nothing is done in advance to protect against it.
• This will affect your site (no one will leave a serious comment), the reputation of the domain name, your activities and the server itself to the point of saturating it and impacting other sites on the same space.
• It is therefore crucial to take care of your site's health and ensure its proper functioning throughout its lifespan.

Fighting unwanted comments

First, carefully follow the solutions proposed by the WordPress codex. You will learn, for example, that disabling the comment system via the WordPress dashboard only affects future posts; it is therefore important to follow one of the alternative methods proposed by WordPress for a more radical deactivation.

If you still want to collect comments, you can for example limit them to registered users (refer to the official help regarding the comments settings page) but you will then need to monitor registrations.

Fighting spam submissions

An effective protection against automated comments and the exploitation of any form on your site involves implementing a captcha, or its alternative, the honeypot (honey pot). You will thus close the door to bots (robots programmed to browse the Web and exploit its vulnerabilities).

Akismet, developed by Automattic, the company behind WordPress, receives good reviews but becomes paid for commercial use.

By installing WordPress on your Infomaniak site via the automatic installation system, you will find the WP Armour – Honeypot Anti Spam extension already activated, to protect in its free version all types of forms, such as those of WP Comments, WP Registration, BBPress Forum, Contact Form 7, Gravity Forms, Elementor Forms, Divi Theme Contact Form, WooCommerce Reviews Pro, etc.

If you want an alternative dedicated solely to the contact form Contact Form 7, add its protective Honeypot extension.

Another extension receives many favorable reviews: La Sentinelle antispam !

The role of the hoster

You can learn more about the mechanisms put in place by Infomaniak to combat this issue through the article and the FAQ about the tools available if you have a website.‍

This guide explains how to change the URL of your website from the Joomla app installed on your Web Hosting Infomaniak (only in the case where you have installed Joomla via the dedicated tools offered by Infomaniak).

Prerequisites

• The domain name you wish to use must first be added as an alias to the main domain on the relevant site.

Change the domain name of Joomla

To change the address of the site created with Joomla to another domain name that is already in the same Organization:

1. Click here to access your site management on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant product:
   
3. Click on the action menu ⋮ located to the right of the relevant Web Application.
4. Click on Settings for the application:
   
5. Click on Edit to the right of the Joomla:
   
6. Under Site URL, select the desired web address from the dropdown menu:
   1. If you have not followed the prerequisites above, the desired domain will not appear even if it is registered within the same Organization.
   2. If you have added the domain as an alias for the site, the desired domain will appear and you will be able to select it to replace the previous domain.
7. Click on the Save button:
   

Domain “…preview.infomaniak.website”?

Among the URLs present in the dropdown menu, the preview URL allows you to access your Joomla site in case the site's domain name is not yet correctly configured to point to your app.

Change the address or location of Joomla

Prerequisites

• Create an FTP account (need help?).
• Connect via FTP (need help?).

To modify the Joomla installation if it was done in a subfolder…

… and if the latter is visible in the site address each time it is consulted…

… here is how to proceed:

1. On the FTP, move up to the root (in the target folder of the website) all the files of your Joomla currently installed in a subfolder (folder /primary in the example below):
   
2. Delete the now-empty subfolder.
3. Modify the .htaccess file located at the root of your Joomla directory.
4. Replace RewriteBase /primary with RewriteBase /:
   
5. Save the changes.
6. Do not uninstall the Joomla Web Application but simply stop using it and connect directly to the management interface of your Joomla via the URL /administrator:
   

This guide explains how to view the disk space of an Infomaniak Web Hosting and display the size of directories.

Find large folders in a Web Hosting

To do this:

1. Connect to the server via SSH (need help?).

2. Run the following SSH command:

   ncdu

3. Navigate through the folder structure using the keyboard's directional arrows.
4. Exit with the key combination CTRL + C.

This guide helps you protect the reputation of your domain name, to maintain the trust of Internet users and service providers in your website or business, thereby facilitating the smooth operation of your email.

The web reputation

There are different types of reputation on the Internet, including personal reputation, corporate reputation, and domain reputation.

Domain reputation is essentially a score that determines how email systems decide what to let through to users' inboxes. Fundamentally, the reputation of your domain is a measure of the health and legitimacy of your domain. This reputation can be influenced by the security of your email and website.

For example, the reputation of a domain can decrease if…

• … the site visible at the domain address is hacked, leading to the mass sending of fraudulent emails,
• … the domain's email is exploited for the involuntary sending of spam.

If the reputation of your domain remains poor, your emails may be marked as spam and not reach their intended audience. This can harm email deliverability (see this other guide in English on this topic).

Improving domain reputation

By following these few tips, you can improve the reputation of your domain and, for example, boost all your email marketing efforts:

• Set up and verify SPF, DKIM, and DMARC records that help protect your domain from identity theft attacks.
• Check the reputation of your domain with tools such as Google Postmaster Tools, Sender Score, Microsoft SNDS, McAfee or Talos Intelligence and identify potential issues.
• Only send emails to users who have chosen to subscribe!
• Get trusted links or backlinks…

See this other guide about RBLs.

This guide details the creation of a GIT repository on your Web Hosting as well as on your Infomaniak Cloud Server.

Preamble

• GIT and GITHub are available by default on the two aforementioned supports.
• For additional help contact a partner or launch a free call for tenders — also discover the role of the host.

Creation of the GIT repository

Setup on the server:

• the GIT repository is on /git_depot
• the site is located in the folder /web/[project] (on your FTP server)

Commands to enter:

cd
mkdir git_depot
cd git_depot/
git init --bare [projet].git
cd [projet].git
git update-server-info

Sending the local repository to the server

To do on the local machine:

git init
git remote add origin ssh://user@[xxxxx].ftp.infomaniak.com:/home/clients/[123456789]/git_depot/[projet].git
git status
git add .
git commit -a -m "init"
git push --set-upstream origin master
git push

Cloning the site on the server directory

To do on the server:

cd
cd web
rm -r [projet]/
git clone /home/clients/[123465789]/git_depot/[projet].git [projet]/