This guide explains how to block access to certain directories of a Web Hosting for certain visitors / robots / crawlers by filtering and blocking their IP addresses or hostnames.

Implement .htaccess rules

Create a document .htaccess at the root of your site and enter the rules intended to block certain IP addresses or bots.

To block visitors based on, for example, the beginning of their IP address, use the directive "deny from":

Order Deny,Allow
Deny from 123.456.
Allow from all

This means that all requests from an IP address starting with "123.456." will be denied, while all other requests will be allowed. Blocked users will receive an HTTP 403 Forbidden error message.

Block a specific IP address

Order Allow,Deny
Deny from 123.456.789
Allow from all

This means that only one IP address, 123.456.789, is blocked and all other IP addresses can access the site.

Blocking multiple IP addresses

Order Allow,Deny
Deny from 123.456.789
Deny from 987.654.321
Allow from all

This means that two IP addresses, 123.456.789 and 987.654.321, are blocked and all other IP addresses can access the site.

Block a bot by its user-agent

SetEnvIfNoCase User-Agent "BadBot" BadBot
Order Allow,Deny
Deny from env=BadBot
Allow from all

This means that any bot identified with a user-agent "BadBot" will be blocked and all other users can access the site.

Block access to a specific folder

Order Allow,Deny
Deny from all

This means that all access to the folder "/folder" will be blocked, regardless of the IP address or user-agent. A similar assistant is available on your Infomaniak Manager.

mod_rewrite directives

You can also use the mod_rewrite directive to block certain IP addresses or bots in a .htaccess file.

Here are some examples:

Block a specific IP address

RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^123\.456\.789\.
RewriteRule ^(.*)$ - [F,L]

This means that only one IP address, 123.456.789, is blocked and all other IP addresses can access the site.

Block several IP addresses

RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^123\.456\.789\. [OR]
RewriteCond %{REMOTE_ADDR} ^987\.654\.321\.
RewriteRule ^(.*)$ - [F,L]

This means that two IP addresses, 123.456.789 and 987.654.321, are blocked and all other IP addresses can access the site.

Block a bot by its user-agent

RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} BadBot [NC]
RewriteRule ^(.*)$ - [F,L]

This means that any bot identified with a user-agent "BadBot" will be blocked and all other users can access the site. This can be useful to prevent unwanted robots from accessing certain pages or consuming resources unnecessarily.

Block access to a specific folder

RewriteEngine on
RewriteRule ^dossier/secret - [F,L]

This means that all access to the folder "/dossier/secret" will be blocked, regardless of the IP address or user-agent.

Block and redirect elsewhere

RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^123\.456\.789\.
RewriteRule ^(.*)$ http://www.domain.xyz/blocked.html [L,R=301]

This means that all requests from the IP address 123.456.789 will be redirected to the page "blocked.html" on the site "www.domain.xyz". The last part of the line RewriteRule, [L,R=301] indicates that the redirection is permanent (R=301) and that this is the last rule to be applied (L).

You can add multiple conditions RewriteCond to block different IP addresses and redirect to different pages.

Also, refer to this other guide.

This guide explains why an FTP account (and most of the time Web Hosting as well) can suddenly become blocked.

Preamble

• Infomaniak uses an antivirus solution on all shared servers to combat the sending of viruses via FTP and scripts.
• The antivirus allows to detect:
  • possible FTP account hacks
  • the voluntary or involuntary sending of files (WordPress themes, fraudulent modules, etc.) containing malicious code lines or inclusions

Malicious file detection

The antivirus scans all files sent under 1 MB to prevent any upload of viruses/spam scripts/etc.

In case of detection of a suspicious element, the password of the FTP account is automatically changed and the incriminated files on the server are locked (FTPban).

The FTP server then sends a message to the FTP client of the type

550 Virus Detected and Removed: botnet.infomaniak.5.UNOFFICIAL

or

550 Virus Detected and Removed: winnow.botnet.ff.trojans.15900.UNOFFICIAL

What to do if the account is blocked?

If your FTP account is suddenly blocked, you will receive an email; follow the procedure indicated therein to unlock the situation. In particular:

• Clean your site and analyze what you intended to upload to the server.
• Check if the web applications and CMS you are using are up-to-date:
  • The cause of most hacks comes from a security deficiency in outdated web applications or weak passwords.

Solve the problem definitively

To prevent your site from being hacked and blocked again, perform the following actions:

• Update the web applications (WordPress, Joomla, etc.) and the extensions used.
• Delete unused web applications.
• Change the password for all your FTP accounts.
• Change the passwords to access the web applications (WordPress, Joomla, etc.).
• Change the password for MySQL database users.
• Delete the users of the MySQL databases that you do not use.
• Use a different, complex password each time, with a minimum of 8 characters.
• Run a manual antivirus scan on your hosting.
• Install and use an up-to-date antivirus (regardless of the operating system).
• Refer to this other guide if you are looking for information on monitoring and resolving vulnerabilities in hosted scripts.

This guide explains how to uninstall an SSL Certificate regardless of its type, initially installed from the Infomaniak Manager. If your certificate is a paid type and you wish to cancel the current offer instead, refer to this other guide.

Remove an SSL Certificate

To uninstall an Infomaniak certificate:

1. Click here to access the management of your product on the Manager Infomaniak (need help?).
2. Click directly on the name assigned to the product in question:
   
3. Click on the action menu ⋮ located to the right of the relevant item.
4. Click on Uninstall:
   
5. Confirm the uninstallation of the certificate.

This guide details the features available for managing relational databases on hosting.

Use of Views, Triggers, Stored Procedures and Routines

Regarding the management of relational databases, the views ("views") feature is available by default, allowing users to create views to simplify data management and presentation.

However, some advanced features, such as…

• “triggers”
• stored procedures
• routines
• and the creation of functions

… are only available on Cloud Servers.

These features allow for more precise and complex data manipulation, but they are not allowed on shared servers. This restriction is mainly due to potential risks to the stability of the infrastructure. Poor configuration or excessive use of these features could create infinite loops or significant overloads, affecting not only the performance of the server in question, but also the experience of all clients hosted on the same infrastructure.

This guide details the error "Database connection error: could not connect to mysql" which may occur during modifications around an Infomaniak hosting on which the Web app Joomla is installed.

Preamble

• To get the site working again, you need to check and update certain information in the Joomla configuration.php file:
  1. The name of the MySQL database — this is often a prefix that has been added in front of the existing database name and the username (for example bddname before, abcd_bddname after).
  2. The MySQL database host server (for example mysql.domain.xyz before, abcd.myd.infomaniak.com after).
  3. The username that accesses the MySQL database (for example userbdd before, abcd_userbdd after).
  4. The path of two directories /tmp and /logs:
     

Get the updated information

For points 1, 2 and 3 above:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the concerned product.
3. Click on Database in the left sidebar.
4. Find and keep your current MySQL information (need help?).

For point 4 in the preamble above:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product in question.
3. Click on Manage under Advanced settings:
   
4. Under the PHP | Apache tab, under PHP Information click on Display Information.
5. On the line _SERVER['DOCUMENT_ROOT'] copy the path to the right:
   

Modify the Joomla configuration.php file

Prerequisites

• Create an FTP account (need help?).
• Log in via FTP (need help?).

Then edit the file configuration.php which is located in the root folder of your Joomla:

1. Find the relevant paragraph and update the 4 pieces of information from the preamble above.
2. Also replace the old path (including "www") with the new path:
    
3. Save the file; your Joomla will now connect to the correct database.

Check the changes made

On the Joomla interface, it is possible to check the paths of the folders /logs and /tmp:

• For the /logs folder: go to System / Configuration then System
• For the /tmp folder: go to System / Configuration then Server

This guide explains how to delete a site from a Web Hosting.

Introduction

• Once removed, the site will no longer appear on the Internet at its previous URL.
• The quota of sites available on your hosting will regain a free slot.

Removing a site from a paid Web Hosting

To access Web Hosting to remove a site:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant product.
3. Click on the action menu ⋮ to the right of the relevant item in the displayed table.
4. Click on Remove the site:
   

Unlinking a site from a free Starter hosting

A Starter hosting (basic web page) contains only one site that is specific to the domain name itself. Therefore, unlike paid offers, it is not possible to have multiple sites or remove one site to add another.

You can however follow the procedure above and a warning will offer you the termination of your Starter hosting:

You can also directly cancel the Starter hosting:

• This will only terminate your Starter Web hosting product, meaning the part concerning your website without affecting other products, email or domain name for example.
• You will need to confirm the cancellation request by email, otherwise no data will be deleted.
• A cancellation confirmation is sent to any other administrators of the Organization.
• Backups will be permanently deleted upon cancellation, making any restoration impossible.

To cancel:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click on the action menu ⋮ located to the right of the relevant item.
3. Select the Terminate option:
   
4. Follow the procedure to the end.

This guide concerns the connection time limits for MySQL databases on Infomaniak Web Hosting in the context of a Web application using PHP to interact with the database.

MySQL database connection time

Limited to 30 real seconds

This means that when a connection is established between the PHP application and the MySQL database, it has 30 seconds to perform all necessary operations before the connection is automatically closed by the MySQL server.

This limit is generally set in the MySQL server configuration and can be adjusted according to the specific needs of the application.

PHP CPU time

Limited to 10 seconds

This limit refers to the CPU time allocated to the execution of PHP scripts on the server; when a PHP script is executed, the web server allocates a certain amount of CPU time to process this script... so if the script takes more than 10 seconds to execute, it will be automatically interrupted by the web server to avoid excessive consumption of the server's resources.

By combining these two limits, this means that for any operation involving a connection to a MySQL database from PHP, the application has 30 real seconds to establish the connection, execute queries, and process results, while respecting the 10 seconds of CPU time allocated to the execution of the PHP script.

If an operation exceeds one of these limits, it may be interrupted by the MySQL server or the web server, depending on the case, which can result in errors or unexpected behavior in the application.

This guide explains how to securely and easily transfer files between Web Hosting and/or Cloud Server.

Preamble

• The FXP (File Exchange Protocolis a method for transferring files directly between two FTP servers without the data passing through the local client.
• Using the FTP PORT and PASV commands, it allows for a connection to be established between the two servers for faster and more efficient file transfer, thus saving bandwidth.
• However, this method may present security risks if the connections are not secured by FTPS, and it requires a more complex configuration compared to traditional FTP transfers.

Transferring data between servers

For example, you can use CrossFTP, a multi-platform software that allows you to perform FXP (as well as FTP, SFTP, WebDav, S3, OpenStack Swift).

This guide explains how to change the WordPress management password or any other Web application (Joomla, Drupal, Typo3, PrestaShop, ownCloud, etc.) installed via Infomaniak tools included in the offersWeb hosting paid.

Preamble

• Some applications also allow a change of user password directly from their dedicated interface:
  • Example: WordPress (manage users, names, passwords, roles, etc.).

Change the password of a Web app

To change the password to the administration panel of your web application, perform the following actions:

1. Click here in order to access the management of your product on the Manager Infomaniak (Need help?).
2. Click directly on the nameallocated to the product concerned:
   
3. Click on the action menu ⋮ located to the right of the relevant Web Application.
4. Click on Parameters of the application:
   
5. Click on Edit to the right of the Application:
   
6. Under Password Enter the new password (for connection to the identifier indicated above):
   
7. Click on the button Save at the bottom of the page.

This guide explains how to enable the following functions on Web Hosting (in italics, Cloud Server only):

• proc_open
• popen
• exec()
• shell_exec()
• set_time_limit
• passthru
• system

Enable PHP functions

To access website management:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant product:
3. Click on Manage under Advanced Settings:
   
4. Click on the PHP / Apache tab.
5. Click on the toggle switches On/Off as desired:
   
6. Click on the Save button to confirm the changes.