This guide concerns inbound and outbound traffic permissions between different hosts at the database level.

Access...

... to databases external to Infomaniak

From a Infomaniak Web hosting, it is possible to make MySQL queries to external servers without restriction.

... from the outside to the Infomaniak databases

Access to Infomaniak databases from outside the infrastructure is only allowed with a Cloud Server (you need to open port 3306 in TCP / inbound in the firewall).

Allow external connections on MongoDB

Regarding MongoDB, you need to disable the local_only option from Fast Installer:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant product.
3. Click on Fast Installer in the left sidebar.
4. Click on MongoDB.
5. Click on the action menu ⋮ to the right of the relevant object in the displayed table.
6. Click on Configure:
   
7. Disable local_only:
   
8. Save the changes.

This guide explains how to turn on or off the mode maintenance on a website of a Accommodation Infomaniak.

Preamble

• The maintenance mode allows you to display a personalized message to your visitors, e.g. during the resolution of a technical problem.
• It is also possible to specify IP addresses that can bypass this page.
• An e-mail is sent to the users of the Organization.

Enable maintenance mode

To activate a page that temporarily replaces your usual home page:

1. Click here in order to access the management of your product on the Manager Infomaniak (Need help?).
2. Click directly on the nameallocated to the product concerned.
3. Click the toggle switch button for enable the maintenance page:
   
4. Confirm the maintenance activation.

Customize the maintenance page

To set up a page with the message of your choice:

1. Click here in order to access the management of your product on the Manager Infomaniak (Need help?).
2. Click directly on the nameallocated to the product concerned.
3. Click on Page and Maintenance in the left side menu.
4. Click on ‍ Create Page or on the button Customize if it already exists:
   
5. Lay out the text of your choice.
6. Configure View using the elements on the right.
7. Click on Save so you won't lose your edits while editing.
8. Click on Save & Enable to publish the page:
   

Allow IP addresses

It is possible to display a site even with the maintenance mode. To do this, it is necessary to provide the IP addresses of computers that must be able to bypass the maintenance mode:

1. Activate the maintenance mode according to the above procedure.
2. Go to the maintenance page configuration page (see procedure above)
3. Under Maintenanceon the right, click on Insert my IP address to allow your computer to display the site without maintenance mode.
   • It is also possible to manually enter the IPs to be allowed.
4. Click on Save and Publish.

Disable maintenance mode

To disable the message that appears on your site during maintenance:

1. Click here in order to access the management of your product on the Manager Infomaniak (Need help?).
2. Click directly on the nameallocated to the product concerned.
3. Click either on the button Disable or on the toggle switch button for disable the maintenance page:
   
4. Confirm the deactivation of maintenance.

Alternative method for WordPress

It is not recommended to activate the Infomaniak maintenance page above to then work in WordPress.

It is recommended to install a WordPress extension (There are dozens of them.) dedicated to maintenance within CMS itself.

If not, you can add the code <?php $upgrading = time(); ?> in a new empty file named .maintenance (the point before the file name is important) placed on the server at the root of your site, which disable all your pages except the WordPress homepage.

This guide explains how‍ to create subdomains on an existing Infomaniak hosting, using a .htaccess file.

Preamble

• The hosting can be on a Shared Web Hosting offer or on a Cloud Server but this function is impossible with a Starter hosting.
• Subdomains can be added very easily to your current hosting since you have 20 sites per hosting (sites = subdomains) included in the base offer.
• If you do not wish to use this available site volume, you can follow the method below.
   

Create a subdomain as a shortcut

The subdomains created in this way help to organize a hosting. For example, the address vlog.domain.xyz will be a shortcut for the address domain.xyz/vlog. In other words, the address vlog.domain.xyz will redirect to the folder vlog which must be located at the root of the website domain.xyz. In this example, vlog is the subdomain of domain.xyz.

1. Add the subdomain as an alias for your website

To do this:

1. Follow the alias addition procedure but please read points 2 and 3 below.
2. In the field to add the linked domain, enter the full address of the subdomain (e.g. vlog.domain.xyz).
3. If your domain or its DNS zone is managed by Infomaniak, enable the following two options: Update the DNS records for this domain and Replace existing entries ; if that is not the case, create a A record with your registrar with the following information:
   • field: the full URL address of the subdomain (e.g. vlog.domain.xyz)
   • target: the IPv4 address (A record) of your site (refer to this other guide to find the A record of your site)

2. Modify the .htaccess file of your website

Using your FTP software/client or the FTP Manager, add and adapt the following code in the .htaccess file located at the root of your website:

RewriteCond %{HTTP_HOST} ^(.*)\.domain\.xyz [NC]
RewriteCond %{DOCUMENT_ROOT}/%1/ -d
RewriteCond %1::%{REQUEST_URI} !^(.*?)::/\1/?
RewriteRule "^(.*)$" "%{DOCUMENT_ROOT}/%1/$1" [L]

Explanation for the third line: https://stackoverflow.com/a/15981056

Replace on the first line:

• domain with your domain name
• xyz by the extension of your domain name (ch, fr, etc.)

Now, the address vlog.domain.xyz should display the content of the vlog folder located at the root of your website. If this is not the case, check that the vlog folder actually exists at the root of your website.

This guide can help you identify and correct most type 404 or page that remains white, website that does not appear, when you type the address of your site in the browser's address bar and it is impossible to reach the hosting.

To be checked imperatively

At your level, it is strongly recommended to...

• ... check the Internet connection: visit a site like https://www.ch.ch or https://www.microsoft.com and if these addresses are not visible via a browser then you should contact your ISP (Internet Service Provider) because the problem is at your Internet connection level
• ... clear the cache of your web browser in order to refresh the page that does not seem to want to be displayed and perhaps then it will become visible; learn more
• ... check if your site is visible by other people: ask knowledge outside your network to test access to your website on the Internet or use the site https://downforeveryoneorjustme.com which will tell you in English if the site is down (off-service) that for you, or for everyone
• ... use a proxy to connect to your website from another location on the planet
• ... verify that the domain name has not expired ; be careful to make the difference between the domain name and the hosting because these two entities are distinct from each other: you can have a fully functional hosting at Infomaniak (to make sure, connect to the Manager) and a domain name that has expired (for non-payment of invoice e.g.) so make a "WHEELS" and contact the domain name registrar if necessary
• ... view the configuration file your script/CMS if you have one to check the login information (name and address of the database - username and password); learn more

If a problem persists...

We have tocontact Infomaniak support in writing with at least the following information:

1. name of the hosted site
2. your public IP address at the time of testing (visible on https://www.infomaniak.com/ip)

This guide explains how to add or modify one or more A and AAAA type records in the DNS zone (of a domain name) managed on the Manager Infomaniak.

Introduction

• This type of record allows a domain name to point to a static IP address (usually a server), type A for IPv4 and AAAA for IPv6.
• This is the method generally used to redirect your domain name to the IP address of the web server where your website is hosted. Moreover, this type of pointing is used automatically to link your domain name with your website if both are in the same place and in the same Infomaniak Organization.
• You should only modify this type of record if you have a specific configuration to implement (e.g., pointing a subdomain to an external application).

Modify the DNS zone

Refer to this other guide to manage this type of record in a DNS zone.

This guide explains how to change the server configuration of a site on Web hosting Infomaniak.

Preamble

• Apache is the HTTP server.
  • It configures with a file .htaccess placed at the root of the website.
• PHP is a programming language used to create dynamic web pages via an HTTP server.
  • It is possible to customize PHP directives with a file .user.ini which will be effective in folders and subfolders of file location .user.ini.
• Be aware of this other guide about creating files .htaccess/.user.ini.

Edit the server configuration of a site...

... through the Manager

To change PHP configuration and most settings (max_input_vars, allow_url_fopen, memory_limit, post_max_size + upload_max_filesize , etc.):

1. Click here in order to access the management of your product on the Manager Infomaniak (Need help?).
2. Click directly on the nameallocated to the product concerned.
3. Click on Manage under Advanced Parameters:
   
4. Click on the various tabs General, PHP / Apache and PHP Extensions to make the desired adjustments:
   

Do not forget to save the changes at the bottom of the page.

Be aware of this other guide if you are looking for information about limit values and opportunities for release of the latter.

... through the file .user.ini

For PHP directives who are not present on the Manager side, it is necessary to define the desired values in the file .user.ini e.g.:

max_file_uploads = 20

The list of existing directives can be found on the PHP official website but the elements with the indication PHP_INI_SYSTEM in the column Modifiable and max_input_time, memory_limit and mysqli.default_socket are not usable.

... in CLI

To customize PHP directives when executing command line scripts (CLI) or CRON tasks, it is necessary to specify the desired values in a file.user.ini.

Then, to apply these configurations, the PHP executable is used with the option -c track path to file .user.ini.

P.ex to change the memory limit available for PHP at 1024M, you can create or modify the file .user.ini using the following command:

echo 'memory_limit = 1024M' > .user.ini

This command writes the memory_limit directive with the value 1024M in the file .user.ini.

Then, when running a PHP script on the command line or in a CRON task, the PHP command will be used with the option -c to specify the file .user.ini containing custom configurations.

The following example is active allow_url_fopen for the WP CLI tool (including the ability to recover extensions):

php -d allow_url_fopen=On ~/bin/wp package install trepmal/wp-revisions-cli

• php: PHP executable
• -d allow_url_fopen=On: the option -d allows you to define a PHP configuration directive (allow_url_fopen) with the value On
• ~/bin/wp: path to the executable WP CLI
• package install trepmal/wp-revisions-cli: the specific command to install the WP CLI package trepmal/wp-revisions-cli

This ensures that the option allow_url_fopen is activated during the execution of the specified WP CLI command. Activation of allow_url_fopen may be necessary for some operations that involve opening remote URLs, such as downloading extensions or packages. Make sure that this option is enabled in a secure manner and in accordance with best security practices.

This guide explains how…

1. … generate a CSR and private key to request a third-party certificate from a Certification Authority (CA),
2. … import this certificate for your Infomaniak site, using the CRT obtained from the CA.

Preamble

• Although Infomaniak offers all the SSL certificates you might need…
  • free Let's Encrypt certs for personal sites (only possible with sites hosted at Infomaniak),
  • DV certs from Sectigo for professional/private sites that are not registered in the trade register,
  • EV certs from Sectigo for companies registered in the trade register,
• It is also possible to install an SSL certificate obtained elsewhere (intermediate certificate from a certification authority of your choice), custom or self-signed certificates.

1. Generate a CSR (Certificate Signing Request)

A CSR (Certificate Signing Request or Certificate Signing Request) is an encoded file containing the information necessary to request an SSL/TLS certificate.

It must be generated on your side to ensure that the private key remains under your control, using for example OpenSSL.

Adapt and run the following command from a terminal application (command line interface, CLI) on your device:

openssl req -utf8 -nodes -sha256 -newkey rsa:2048 -keyout domain.xyz.key -out domain.xyz.csr -addext "subjectAltName = DNS:domain.xyz, DNS:www.domain.xyz"

Explanations

• newkey rsa:2048: Generates a new 2048-bit RSA key.
• keyout domain.xyz.key: Specifies the file where the private key will be saved.
• out domain.xyz.csr: Specifies the file where the CSR will be saved.
• addext “subjectAltName = ...”: Adds additional domains via the SAN (Subject Alternative Name) extension, necessary to include all desired domains in the certificate (the main domain domain.xyz + any other associated domain or subdomain, such as www.domain.xyz).

After generation, you can check the contents of the CSR with the following command:

openssl req -in domain.xyz.csr -noout -text

This allows you to verify that all domains listed in subjectAltName are correctly included.

Once the CSR is generated, you can send it to the certification authority (CA) to obtain your SSL/TLS certificate.

2. Import the external certificate

Once validated, the CA issues a certificate (domain.xyz.crt) and sometimes an intermediate certificate (ca_bundle.crt). To access SSL certificate management:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant product.
3. Click on SSL Certificates in the left sidebar.
4. Click the blue Install a certificate button:
   
5. Choose the custom certificate.
6. Click on the Next button:
   
7. Import your certificate and private key, either by importing the .crt and .key files or by copy-pasting.
8. Click on Complete:
   

Alternative command to generate a self-signed certificate (optional)

If you want a local certificate for testing purposes only or without going through a CA (not recommended for production), you can use this command:

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout domain.xyz.key -out domain.xyz.crt -addext “subjectAltName = DNS:domain.xyz, DNS:www.domain.xyz”

This generates both a self-signed certificate (domain.xyz.crt) and a private key (domain.xyz.key). However, self-signed certificates are not recognized as valid by public browsers or systems. They are only suitable for internal or development environments.

Import an intermediate certificate

When adding a custom SSL certificate, it is possible to import the intermediate certificate (by importing the .crt file or pasting the data provided by the certification authority):

This guide presents commands that can be executed to test a connection or a network and thus further specify the potential source of error.

Perform a Telnet…

TELNET allows you to test the connection to a server without considering all the additional settings of a mail or FTP application in order to determine the source of a problem. If the connection does not go through on an SMTP server, for example, you will need to check if your firewall is not blocking port 587 or 465.

… on macOS

1. Look for Network Utility.
2. Go to the Ping, Lookup or Traceroute tab depending on what you want to test.
3. You can also use a terminal application (command line interface, CLI) on your device and, depending on what you want to test, enter:
   traceroute [server] 
nc [server] [port] 
   Replace [server] with the server name or its IP address, same for [port]…

… on Windows

Enable Telnet in advance if necessary.

1. Use a command-line interface (CLI) application like Terminal on your device, for example by typing Run then cmd.
2. In the window that opens, depending on what you want to test, type:
   tracert [server] 
telnet [server] [port] 
   Example: telnet mail.infomaniak.com 587 (allows you to test the SMTP port if your software/email client does not allow sending emails)…

… on Android

1. Use the application Simple Telnet Client which allows you to test very simply via 2 fields to fill in (for example mail.infomaniak.com and the port 143 or 993)…

Perform a PING

PING allows you to check if a machine is accessible via the Internet. You can also use this tool to ensure you are addressing the correct machine, for example during a DNS change, by checking the IP address obtained. It is possible to perform a ping on a domain name, a hostname or an IP address.

This guide details the security measures implemented for the Infomaniak email offers to detect abusive and abnormal use of an email address.

Preamble

• Upon written, justified and authenticated request, it is possible to modify these security rules for a specific paid email address.
• For sending emails to a large number of recipients, the Newsletter tool is the most suitable.
• These measures protect you from malicious use of your computer or your account.

Daily sending limits

The number of outgoing emails per 24 hours is limited to:

• my kSuite = 500‍‍ | my kSuite+ = 1440‍
• kSuite Standard 1 max. user = 100‍ | kSuite Standard 2 min. users = 1440‍‍ | kSuite Pro = 1440‍‍ | kSuite Entreprise = 1440‍‍‍‍
• Service Mail Starter = 100‍ | Service Mail 5 addresses min. = 1440‍‍‍
• Web Hosting (PHP Mail() function - unauthenticated sends) = 50‍ | Web Hosting (authenticated sends) = 1440‍‍

1 message sent to 2, 42 or 99 people in CC/BCC counts as respectively 2, 42 and 99 messages.
 

Other email limits

• Limits on the number of recipients per email sent
• Email size limits

Git and GitHub are available at Infomaniak with all accommodation offers on...

• … Shared Web Hosting
• … Managed Cloud Server

and of course the offer Jelastic Cloud which will allow you a integration in depth versioning.