This guide concerns you if you encounter a 500 error, which can have various origins generally related to the development of your website on a Web Hosting, especially with the rewrites in your .htaccess files.

Under What Circumstances Do These Errors Occur?

Apache2, in use on our servers, no longer supports certain modules like mod_auth_anon, mod_auth_dbm, mod_authz_dbm, mod_cern_meta, mod_imap, mod_imagemap, mod_mime_magic.

Furthermore, Apache2 is strict with syntax errors, and when it encounters syntax errors in an .htaccess file, it can result in 500 Internal Server Error or unexpected URL rewriting errors.

Examples of Incorrect Syntax in .htaccess and Correction

In this first example, the syntax error is that the rewrite rule does not specify the HTTP redirection response code to return. The correction adds the R=301 directive to specify that the redirection should return a 301 (permanent) status code:

RewriteRule ^articles/([0-9]+)/$ /article.php?id=$1 [L]

Correction:

RewriteRule ^articles/([0-9]+)/$ /article.php?id=$1 [L,R=301]

In this second example, the syntax error is that the Options directive does not properly specify the options to enable or disable. The correction adds the "+" sign to specify that FollowSymLinks should be enabled rather than disabled:

Options -Indexes FollowSymLinks

Correction:

Options -Indexes +FollowSymLinks

How to Resolve These Errors?

• If the first page or another page displays a 500 error, rename the .htaccess file or comment out all lines with # and uncomment line by line until you find the problematic section.
• If the error occurs after making changes to one of your pages, the easiest way is to restore the previous version of the file.

The Infomaniak Student Program provides free access to 1 Web Hosting and 1 kSuite Standard to enhance digital skills during higher education.

Introduction

• A domain name is required for the products to function properly and this remains a paid service
• Offer valid only in the following countries: Switzerland, France, Belgium, Germany, Italy, Austria, Spain, Canada
• Offer is reserved for new hosting orders (does not apply to ongoing or renewed orders)
• 1 Web Hosting (= storage for 20 websites on 250 GB of SSD space) and 1 kSuite Standard per person
• The student must be of legal age (or have parental permission)
• The student must be able to prove their status with a valid student ID and identification card:
  • Student card or school certificate: it must be up-to-date and show the school, current academic year, as well as your first and last name
  • ID card (front/back): it must be valid with a clear and readable photo
  • Your official student email address: provided by your school, e.g., firstname.lastname@your-school.com
• The duration of the offer depends on the validity period of the student ID and cannot exceed a total of 4 years

Get Free Online Hosting

To benefit from this offer, simply visit the offer page while preparing the required documents.

Discover other free Infomaniak services

This guide explains how to disable or configure HSTS for a website.

Preface

• when HSTS is enabled for a website, the server tells the visitor of the site (if their web browser is compatible) to replace all insecure links with secure links
• example: http://www.example.com/a/page/ is automatically replaced with https://www.example.com/a/page/
• after enabling an SSL certificate on a website, HSTS is configured as follows: max-age=16000000

Disable HSTS

1. with a CMS (WordPress, Joomla, etc.)

Include the following line in all pages generated by the CMS:

header( 'Strict-Transport-Security: max-age=0;' );

For WordPress, it is possible to add this directive in the functions.php file of your theme:

add_action( 'send_headers', 'add_header_xua' );
function add_header_xua() {
    header( 'Strict-Transport-Security: max-age=0;' );
}

More details on WordPress 

2. with a PHP site

Include the following line in all PHP pages:

header( 'Strict-Transport-Security: max-age=0;' );

To do this without having to modify each PHP page of a site, you can use the auto_prepend_file directive in the .user.ini file of the concerned site:

auto_prepend_file=/home/clients/xxxx/web/hsts_disable.php

... with the following hsts_disable.php file:

header( 'Strict-Transport-Security: max-age=0;' );

3. with a static content site (non-PHP)

Include this header in a .htaccess file:

# BEGIN DISABLE HSTS
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=0; includeSubDomains;"
</IfModule>
# END DISABLE HSTS

Customize HSTS

header( 'Strict-Transport-Security: max-age=X; includeSubdomains; preload' );

includeSubDomains; is enabled by default and, as its name indicates, it will include subdomains in the "Strict Transport Security".

When the visitor goes to an insecure subdomain, the browser will redirect to HTTPS automatically and cause a security error.

If this behavior is not desired, this header should be removed.

Clear the browser's HSTS cache

To do this:

1. in Chrome, type chrome://net-internals/#hsts
2. enter the domain name in the text field of the "Delete domain security policies" section
3. click on the Delete button
4. enter the domain name in the text field of the "Query HSTS" section
5. click on the Query button
6. the response should be "Not found"
7. with Safari, start by closing the browser
8. delete the file ~/Library/Cookies/HSTS.plist
9. reopen Safari
10. with Firefox, close all tabs
11. open the Firefox menu and click on History / Show History.
12. search for the page for which you want to remove HSTS preferences
13. right-click on one of the entries corresponding to it
14. choose Forget this site

This guide explains how to install a free SSL certificate from Let's Encrypt on a website hosted by Infomaniak.

Installing a Free SSL Certificate on a Website

To access Web Hosting and install an SSL certificate:

1. Log in to the Infomaniak Manager (manager.infomaniak.com) from a web browser like Brave or Firefox
2. Click on the ‍ icon at the top right of the interface (or navigate using the left sidebar menu, for example)
3. Choose Website (under Web & Domain)
4. Click on the name of the relevant object in the displayed table
5. Click on SSL Certificates in the left sidebar menu
6. Click the blue Install an SSL certificate button
   
7. Choose the site where the certificate should be installed
8. Select Free SSL Certificates and click Save
9. You will receive a confirmation email when the SSL certificate is installed

Once the certificate is installed, your website will be accessible via both http and https. If necessary, redirect all your visitors automatically to the secure https site.
 

If you want to include a recently added alias domain to your site that already had a certificate, you need to update it.
 

For multiple subdomains, refer to this guide (click here).

Limitations

Let's Encrypt limits certificate installations to:

• 100 subdomains
• 20 certificates per registered domain in 7 days
• 5 failed requests per account per hostname per hour

If You Encounter an Issue

If you encounter any issues, please read this guide (click here).

This guide explains what a web host like Infomaniak is and what its role is. For example, can the technical support help with designing a website or troubleshoot a bug that appeared on a user's computer?

Infomaniak, hosting provider since 1996

According to Wikipedia, a web host is a company that provides internet hosting services for various computing systems to individuals or entities who do not wish to do so by their own means.

Infomaniak is also:

• decades of experience: it is a recognized player worldwide in hosting & online solutions, who loves what it does and aims to offer high-end solutions at accessible prices while continuously improving its services based on market trends and customer needs
• over one million users in Switzerland and Europe; CHF 36.5 million in revenue in 2022 (22.43% growth in German-speaking Switzerland compared to 2021)
• company certified ISO 27001, ISO 9001, ISO 14001, ISO 50001... Infomaniak is 100% committed to sustainable and responsible development with concrete actions, such as creating the most ecological data center in Switzerland; it offsets the CO2 emissions generated by its activities and the energy used is renewable
• 100% Swiss-made technological expertise: all customer data is hosted on servers in Switzerland owned by Infomaniak; its solutions are systematically developed and maintained by hundreds of employees based in Geneva and Winterthur
• with over 1,000 articles and videos, the knowledge base allows customers to immediately find answers to the vast majority of questions, and it is always possible to contact Infomaniak support

Infomaniak's Responsibilities and Intervention Limits

As a web and mail host, Infomaniak's main activities are to install, secure, and keep servers up to date, particularly to protect them from malicious attacks.

Infomaniak also ensures to continuously evolve its web interfaces (Manager) and its infrastructure based on customer feedback, the latest technologies, and market needs. Finally, Infomaniak is also there to support its customers through the various stages of using its services.

However, Infomaniak does not intervene in server content or website development. Indeed, creating or maintaining a website is a different profession; Infomaniak employs webmasters and developers for its own site, its own applications & tools.

Technical Support Limits

In particular, the technical support department will not be able to help you with:

• solving issues related to website development (Fatal Error, etc.) or its updates
• setting up solutions (e.g., "hello, I want you to help me set up my entire Swiss Backup", “migrate my site”)
• manually installing WordPress
• remotely controlling your computer with TeamViewer or similar
  etc.

but it can assist you with:

• resolving issues related to infrastructure or the Manager
• clarifying certain processes
  etc.

A Premium support option exists for more demanding and recurring requests requiring additional time and resources from staff to assist you optimally.

Finding Help from a Webmaster

For external help related to your site's content or organizing your messaging systems, you can contact one of Infomaniak's partners.

Request a Quote

The Infomaniak quote platform lists over 1,000 verified companies in Switzerland, France, Belgium, Italy, and Spain. It is the fastest way to find a webmaster, UX designer, IT technician, web agency, or marketing and communication agency near you; or browse the directory.
 

This guide presents the DNS Diagnostic tool, which allows you to verify that the relationships between domain names and Infomaniak's Mail Service and/or Web Hosting are correct so that Mail/Web traffic is directed to the right place. This involves checking MX, A, CNAME, etc. records. The tool allows you to intervene in the configuration if needed.

You can thus detect and correct certain Mail or Web problems, especially if they are related to DNS (name servers, technical information that essentially determines where Web or Mail traffic should be directed) by acting at the level of your domain.

Diagnosing a DNS Problem

To access the DNS diagnosis of your domain name:

1. Log in to the Infomaniak Manager (manager.infomaniak.com) from a web browser like Brave or Firefox
2. Click on the icon at the top right of the interface (or navigate through the left sidebar menu, for example)
3. Select Domains (universe Web & Domain)
4. Click directly on the name of the relevant object in the displayed table
5. Click on DNS Diagnostic in the left sidebar menu
6. If DNS problems are detected, they will be indicated in red on the table
7. Correct each entry individually (1) or all entries at once (2), or if necessary and you are sure about it, ignore these warnings (3):
   

Also see the diagnosis of DNS records related to messaging.

This guide explains what you need to determine as a website visitor if you encounter a 403 error to resolve the issue.

What is a 403 error?

The HTTP 403 error code generally means that access to a resource is denied to the client by the server.

When does this error occur?

The user is not authenticated: the server requires the user to identify themselves to access the resource. This can be the case for private pages requiring authentication, for example.

The user is authenticated but does not have the necessary permissions: the server recognizes the user but does not grant access to the requested resource due to permission or role restrictions. This cause of the 403 error can be due to incorrect permissions on a folder or file. For a folder, the error message is "403 Forbidden", and for a file, it is "failed to open stream: Permission denied". In this case, you should check that the permissions of your folders/files are correct, which should be at least 644 for a file and 755 for a folder. Learn more

The user's IP address is blocked or restricted: the server may block access to a specific IP address for security reasons, protection against attacks... Learn more

The requested resource does not exist on the server: in this case, the server returns a 403 error instead of a 404 error to avoid disclosing sensitive information. If you are trying to access your homepage or a part of your site by entering an address like www.domain.xyz or www.domain.xyz/folder/, ensure that there is a homepage named "index.html or .htm or .php" placed in the correct location (at the root of your FTP space, in the /web directory, or in the /folder/ directory). Learn more

Additionally, ensure there are no uppercase letters in the file name; all file or folder names must be in lowercase, without accents or spaces.

Script-related error: if you were running a script, filling out a form, or uploading a file online and received this type of message:

Access forbidden!
You don't have permission to access the requested object.
It is either protected or unreadable by the server.
If you think this is a server error, please contact the site administrator.
Error 403

the cause may be a filter that prevents unwanted use of scripts by spammers. Indeed, Infomaniak's antivirus blocks file uploads via scripts or FTP. This means that when a hacker sends a file identified as a virus via a form, an unsecured script, or FTP, its upload is directly blocked, the file is not uploaded to the server, and the upload generates a 403 error.

In case of a false positive, contact Infomaniak support providing the URL of the page where you encounter this error message to accurately diagnose the problem.

However, there are many other cases where you might receive a "403 forbidden" message for various reasons (PHP scripts, perl, mod_security, .htaccess, etc.).

This guide explains how to order a DNS zone from Infomaniak.

Why Order a DNS Zone?

Owning the DNS zone with Infomaniak is useful if your domain name is registered elsewhere (third-party provider/registrar) and you want to easily link this domain with Infomaniak products.

Ordering a DNS Zone

1. Go to the Shop (shop.infomaniak.com)
2. Enter the name of the domain registered elsewhere
3. Click on the action button ⋮ on the right and select Order a DNS zone
   
   

Dieser Leitfaden erklärt, wie Sie einen neuen Domainnamen zu einer Infomaniak-Website hinzufügen.

Vorbemerkung

• Wenn Sie einen neuen Domainnamen zu einer Website hinzufügen, spricht man von einer verknüpften Domain oder auch von einem Alias.
• Ein Alias-Domainname in diesem Fall ist ein zusätzlicher Domainname, der ebenfalls mit einer bestehenden Website verknüpft ist.
  • Damit die Website „domain.xyz“ auch unter einem anderen Domainnamen wie „private.abc“ erreichbar ist, muss „private.abc“ als Alias der Website hinzugefügt werden.
  • Ein weiteres Beispiel: Damit die Website „domain.xyz“ auch mit „www.domain.xyz“ erreichbar ist, muss sie als Alias zur Domain „domain.xyz“ hinzugefügt werden. In diesem Beispiel ist „domain.xyz“ die Hauptdomain des Aliases „www.domain.xyz“. Der Alias „www“ wird im Allgemeinen bereits automatisch hinzugefügt und ist vorhanden…

Einen Alias zu einer bestehenden Website hinzufügen

Voraussetzungen

• Wenn der Domainname (der zum Alias werden soll) oder dessen DNS-Zone von Infomaniak verwaltet wird, ist alles in Ordnung. Andernfalls:
  • Der A-Record des Domainnamens muss auf Infomaniak verweisen.
  • Zur Vereinfachung können Sie die Domainverwaltung Infomaniak überlassen.
• Der zukünftige Alias darf auch nicht bereits ein Alias sein; in diesem Fall muss er zuvor vom aktuellen Standort getrennt werden.

Um eine zusätzliche Domain hinzuzufügen, die mit Ihrer Website verknüpft wird:

1. Hier klicken, um auf die Verwaltung Ihres Produkts im Infomaniak Manager zuzugreifen (Brauchen Sie Hilfe?).
2. Klicken Sie direkt auf den Namen des betreffenden Produkts:
   
3. Klicken Sie dann auf das Chevron-Symbol ‍, um den Abschnitt Domains dieser Website zu erweitern.
4. Klicken Sie auf die Schaltfläche Domain hinzufügen:
   
5. Geben Sie den oder die hinzuzufügenden Domainnamen ein und trennen Sie diese durch die Eingabetaste.
6. Wenn der Alias oder seine DNS-Zone von Infomaniak verwaltet wird, können Sie die DNS-Einträge automatisch aktualisieren. Andernfalls nehmen Sie die Änderungen bei Ihrem Registrar vor oder übertragen Sie die Domainverwaltung an Infomaniak.
7. Wenn Sie ein SSL-Zertifikat wie Let's Encrypt verwenden, können Sie hier eine Aktualisierung anfordern, um die neuen Namen einzuschließen.
8. Klicken Sie auf Bestätigen, um den Vorgang abzuschließen:
   

Um den Alias als Hauptdomain festzulegen, lesen Sie diesen anderen Leitfaden.

Questa guida propone soluzioni per risolvere i problemi comuni e gli errori frequenti che possono verificarsi quando si tenta di visualizzare il proprio sito web in https dopo aver attivato un certificato SSL.

Il browser web mostra automaticamente la versione http del sito quando si tenta di accedervi in https

Sono raccomandate le seguenti azioni:

• Svuotare la cache delle applicazioni o del sito web
• Verificare che le pagine e gli script del sito non contengano reindirizzamenti alla versione http del sito
• Verificare che il file .htaccess del sito non contenga reindirizzamenti alla versione http del sito
• Impostare l'indirizzo https del sito come predefinito:
  • con WordPress Infomaniak
  • per altre situazioni

Il sito web viene visualizzato male (immagini mancanti, fogli di stile non supportati, ecc.) o mostra un avviso nella barra degli indirizzi

Sono raccomandate le seguenti azioni:

• Svuotare la cache delle applicazioni o del sito web
• Verificare che le pagine e gli script non puntino a risorse esterne in http; il sito whynopadlock.com può aiutarti a identificare gli elementi non sicuri del tuo sito

"Questa pagina Web presenta un ciclo di reindirizzamento", "ERR_TOO_MANY_REDIRECTS"

Se il tuo browser Internet mostra questo errore, sono raccomandate le seguenti azioni:

• Se il sito funziona con un'applicazione web come WordPress o Joomla, disattivare le estensioni una alla volta per identificare quella che causa il problema
• Verificare che le pagine e gli script del sito non contengano reindirizzamenti alla versione http del sito
• Provare a disattivare HSTS
• Se viene utilizzato Prestashop, è necessario abilitare SSL su tutte le pagine (maggiori informazioni)

Visualizzazione di un vecchio certificato SSL - Svuotare la cache SSL

I browser web memorizzano nella cache i certificati SSL per accelerare la navigazione. Di solito, questo non è un problema. Tuttavia, quando si sviluppano pagine per il proprio sito web o si installa un nuovo certificato, lo stato SSL del browser può essere un ostacolo. Ad esempio, potresti non vedere l'icona del lucchetto nella barra degli indirizzi del browser dopo aver installato un nuovo certificato SSL.

La prima cosa da fare in questo caso è assicurarsi che il dominio punti all'indirizzo IP del server (record A e AAAA) e se il vecchio certificato SSL viene comunque restituito, svuotare la cache SSL:

• Chrome: vai su Impostazioni e clicca su Impostazioni. Fai clic su Mostra impostazioni avanzate. Nella sezione Rete, clicca su Modifica impostazioni proxy. Verrà visualizzata la finestra di dialogo Proprietà Internet. Fai clic sulla scheda Contenuto. Fai clic su Svuota stato SSL, quindi su OK. Altre indicazioni qui (clicca qui).
• Firefox: vai su Cronologia. Clicca su Cancella cronologia recente, quindi seleziona Connessioni attive e fai clic su Cancella adesso

Perdita di formattazione CSS

Se il sito web viene visualizzato senza stile CSS, analizzare il caricamento delle pagine con la Console del browser. Potrebbero esserci errori di contenuto misto (mixed content) relativi ai tuoi stili .css, che devono essere risolti affinché vengano caricati correttamente di nuovo.