This guide explains how to change the WordPress management password or any other Web application (Joomla, Drupal, Typo3, PrestaShop, ownCloud, etc.) installed via Infomaniak tools included in the offersWeb hosting paid.

Preamble

• Some applications also allow a change of user password directly from their dedicated interface:
  • Example: WordPress (manage users, names, passwords, roles, etc.).

Change the password of a Web app

To change the password to the administration panel of your web application, perform the following actions:

1. Click here in order to access the management of your product on the Manager Infomaniak (Need help?).
2. Click directly on the nameallocated to the product concerned:
   
3. Click on the action menu ⋮ located to the right of the relevant Web Application.
4. Click on Parameters of the application:
   
5. Click on Edit to the right of the Application:
   
6. Under Password Enter the new password (for connection to the identifier indicated above):
   
7. Click on the button Save at the bottom of the page.

This guide explains why there is a folder /icons/ within the Web Hosting.

/icons/ folder on your Web Hosting

In some cases, a folder named /icons/ is present by default on your web hosting. This folder is generally accessible via HTTP, but is not visible in the FTP directory structure (www.domain.xyz/icons/).

This directory /icons/ is often used to store specific icons or images used to display directory lists. These icons are generally used by web servers to visually represent the different types of files in directories when they are viewed through a browser.

This guide concerns the synchronization of servers via the NTP (Network Time Protocol) and the configuration of the timezone on Infomaniak servers.

Precise server synchronization via NTP

All Infomaniak servers are synchronized via the NTP protocol. The company provides its own public-accessible stratum-1 NTP servers for flexible use.

To integrate these servers into your settings, use the following entry: pool.ntp.infomaniak.ch.

The default timezone configuration is set to UTC. However, PHP functions are designed to accommodate different timezones according to specific needs.

To adjust the timezone in your PHP scripts, use the function date_default_timezone_set('UTC').

MySQL: time specifics

Infomaniak's infrastructure supports features for working with time data precisely and efficiently, taking into account time zones, which is crucial for many modern applications:

• MySQL uses a time zone database to store and manage time zone information.
• The table mysql.time_zone contains time zone data, including information about time offsets, time zone names, etc.
• The function CONVERT_TZ is used to convert a time from one timezone to another in MySQL with the following syntax: CONVERT_TZ(dt, from_tz, to_tz), where:
  • dt is the date/time to convert.
  • from_tz is the source timezone.
  • to_tz is the target timezone.
• Example: CONVERT_TZ('2024-05-14 12:00:00', 'UTC', 'America/New_York') will convert the time 12:00:00 UTC to local time in New York.

This guide provides precise information on the support for the ASP (Active Server Pages, aspx) development environment within the Infomaniak infrastructure.

ASP support

The Web hosting and Cloud Servers services are based on an Apache server architecture that does not natively support the Apache::ASP module.

However, it is possible to install and configure this ASP environment on VPS Cloud Infomaniak.

This guide explains how to add IP addresses to the whitelist of an Infomaniak Web site.

Preamble

• Allowing IP addresses on xmlrpc.php enables access to URLs that are blocked by default due to being considered risky.
• This type of blocking is effective on all recent servers.
• Regarding WordPress, its XML-RPC feature is only available by default through Infomaniak services and JetPack for security reasons.

Add IP addresses to the xmlrpc.php whitelist

To access the website management:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant product:
3. Click on Manage under Advanced Settings:
   
4. Click on the PHP / Apache tab.
5. Complete the relevant line:
   
6. Click the button to save.

This guide helps resolve an error of type "Invalid query: MySQL server has gone away".

Preamble

• This type of error often originates from keeping a MySQL connection open without submitting requests for a period of time beyond which the connection is closed: http://dev.mysql.com/doc/refman/5.7/en/gone-away.html
• The variables wait_timeout and interactive_timeout that control this disconnection are set to 30 seconds: http://dev.mysql.com/doc/refman/5.0/en/communication-errors.html

Solutions

To avoid the "MySQL server has gone away" error, here are several possible approaches:

Verification and automatic reconnection

Before executing a query, it is recommended to test if the MySQL connection is still active. If the connection has been closed, you can automatically re-establish it before proceeding with your query. Here is an example in PHP:

if (!mysqli_ping($connexion)) {
mysqli_close($connexion);
$connexion = mysqli_connect($host, $user, $password, $database);
}

The function mysqli_ping() checks if the connection is still valid. If it is not, the script closes the connection and opens a new one.

Regular "Ping" sending

Another method is to run a script that regularly sends a "ping" to the database to keep the connection active. For example, you could create a scheduled task (cron job) that sends a light query, such as SELECT 1; at regular intervals.

Adjusting MySQL parameters (Cloud Server)

With a Cloud Server, you can increase the values of the variables wait_timeout and interactive_timeout from the MySQL menu of your server to extend the duration of the connection before it is closed.

This guide explains how to set up a WordPress network to manage multiple sites from a single WordPress installation, with URLs like site1.domain.xyz, site2.domain.xyz, or even domain1.com, domain2.com, etc.

WordPress multisite installation

To begin:

1. Install WordPress via Infomaniak on your hosting space with a main domain name:
   
   • This first WordPress site must be reachable and function correctly:
     
2. Log in via FTP.
3. Edit the wp-config.php file of this first WordPress site concerned.
4. Above the line "/* That's all, stop editing! Happy blogging. */" (#94) copy and paste the code define('WP_ALLOW_MULTISITE', true);:
   
   
    
5. Save your changes.
6. Then log in to the administration of your WordPress site.
7. Temporarily disable all WordPress plugins:
   
8. Go to the TOOLS menu to create a Network:
   
9. Choose the method for creating your different WordPress sites (on subdomains)…
10. Click on the installation button:
    
11. Add the instructions displayed on the screen to the wp-config.php and .htaccess on the server.
12. After reconnecting to your WordPress, you will get a new menu "My Sites" where you can add and manage your different sites on the same network:
    
13. In the Manager, add an alias to your site in the form *.your-domain-here (the asterisk allows you to create a wildcard alias) with DNS update so that the correct CNAME is automatically added to the zone:
    
14. Install or update your SSL certificates:
    
15. When you create a new site within the network, by naming it for example home2 it will become accessible via home2.domain.xyz and so on:
    

This guide is for you if you wish to perform vulnerability tests on your site/server hosted by Infomaniak.

Allowed and restricted

You are free to perform vulnerability tests (SQL injection, XSS, etc.), intrusion, or penetration testing (pentest) on your Infomaniak hosting only under the following conditions:

• … between 9 AM and 5 PM CET
• … from Monday to Friday
• … with the minimum number of attack packets regardless of the software used (AppScan for example)
• … without ever performing a single DoS or DDoS (Denial of Service) attack
• … while respecting the Infomaniak Terms of Service, particularly the shared service framework

This guide explains how to resolve a problem with importing a .csv file into a MySQL table. The proposed alternative is to read the CSV file line by line with PHP and insert the data into the MySQL database.

Disabled “LOAD DATA LOCAL INFILE” function

The LOAD DATA LOCAL INFILE function allows importing a CSV file directly into a MySQL table. However, this feature is often exploited by attackers to gain unauthorized access to sites hosted on servers that accept it.

To prevent any security risks and protect customer data, Infomaniak has disabled the LOAD DATA LOCAL INFILE function. Users who import their CSV files via phpMyAdmin (without checking the “CSV via LOAD DATA” option) are not affected.

Here is an alternative method to import data in CSV format into a MySQL table. The example below shows how to properly handle errors when opening the CSV file and inserting the data into the database.

This script uses mysqli to connect to the database and prepared statements to insert the data. This ensures better security, optimal compatibility with recent versions of PHP, and simple integration into your project, whether in an existing script or a new file located in the /web directory:

$fileName = "data.csv";

// Connect to MySQL database using mysqli
$link = new mysqli("localhost", "username", "password", "database");

// Check database connection
if ($link->connect_error) {
   die("Connection failed: " . $link->connect_error);
}

// Open the CSV file for reading
if (($handle = fopen($fileName, "r")) !== FALSE) {

   // Read each line of the CSV file
   while (($data = fgetcsv($handle, 1000, ";")) !== FALSE) {

       // Prepare the SQL query dynamically
       $query = "INSERT INTO `test` VALUES (" . str_repeat('?,', count($data) - 1) . "?)";
       $stmt = $link->prepare($query);

       // Check if query preparation was successful
       if ($stmt === FALSE) {
           die("Query preparation failed: " . $link->error);
       }

       // Bind parameters (assuming all columns are strings)
       $types = str_repeat('s', count($data));
       $stmt->bind_param($types, ...$data);

       // Execute the query
       if (!$stmt->execute()) {
           die("Query execution failed: " . $stmt->error);
       }

       // Close the statement
       $stmt->close();
   }

   // Close the CSV file
   fclose($handle);

} else {
   echo "Error: unable to open the file.\n";
   exit(1);
}

// Close the database connection
$link->close();
?>

Get help

Unfortunately, it is not possible to precisely indicate where in the script these lines of code should be inserted.

If this method causes issues (for example, when importing multiple CSV files simultaneously without an error message), it is possible that the table structure or field indexing is the cause. In this case, contact your webmaster for verification.

Also, refer to the official PHP documentation regarding the fgetcsv() function.

This guide presents the DNS Diagnostic tool, which allows you to check that the relationships between…

• DOMAIN NAME at Infomaniak
  
  and
   
• WEB HOSTING at Infomaniak

… are correct, so that Web traffic goes to the right place.

Introduction

• To check, the tool verifies the A, CNAME records, etc.
• You will thus be able to detect and correct certain web issues, especially if they are related to DNS (technical information that, broadly speaking, determines where such and such web traffic should be directed) by acting at the level of your domain.
• Automatic correction is only possible when the domain name is present in the same Organization as the product to which it must be attached.
  • If this is not the case, then the correction will need to be done manually.

Diagnose a DNS issue

To access the DNS diagnostic for your domain name:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product in question.
3. Click on Web in the left sidebar.
4. Click on DNS Diagnostic in the left sidebar:
   
   • If DNS issues are detected, a red display on the table indicates this:
     1. Correct each error individually by clicking on the action menu ⋮ located to the right of the concerned element…
     2. … or all errors at once…
     3. … or, if necessary and you are sure, ignore these warnings.

Refer to this other guide regarding the same automatic verification process but for Mail Services.

This guide concerns the homepage names that can be used on your Web Hosting Infomaniak, and which will be prioritized when a visitor accesses your website via its domain name.

Preamble

• The default homepages on a web server are the first pages that display when a user accesses a website without specifying a particular file.
• If you simply enter http://domain.xyz in your browser's address bar, the web server will look for a default home page to display, for example index.html, index.php, index.htm, or other similar variations.

Homepage priority order

Here are the default pages loaded in order of priority at Infomaniak:

1. index.html
2. index.htm
3. home.html
4. home.htm
5. default.html
6. default.htm
7. index.cgi
8. index.php
9. index.php5
10. index.php4
11. index.php3
12. default.php
13. home.php
14. welcome.php

In summary:

• If you have 2 pages at the root of your hosting, thanks to the ranking above, you will notice that index.php is recognized as a priority over welcome.php.
• It can also be deduced that if you only have welcome.php as a page in the root folder, it will be loaded and function as the homepage.
• If you have a page accueil.html, it will not work because this name is not on the list.
• When you type www.domaine.xyz into the browser, only index.php will automatically display (and to display welcome.php you will need to type the exact page name www.domaine.xyz/welcome.php).

Customize the default homepage

To set a different default home page, add DirectoryIndex followed by the appropriate pages in the .htaccess file:

DirectoryIndex accueil.html index.php index.html

This means that the web server will first look for a file named accueil.html. If it does not find accueil.php, it will look for index.php, then index.html.

To avoid an error “Create a database: no privilege” you must go through the Manager Infomaniak and not through phpMyAdmin to add a new database.

This guide explains how to obtain information about the presence of a cache system on a site using the curl command.

Preamble

• In the world of programming and system administration, it is often necessary to determine if a website uses a caching system to improve its performance.
• Caching systems like Fastly are commonly used to temporarily store data to serve it faster to users.
• By following these steps, you will be able to determine if a website uses a caching system to improve its performance and understand the operation and optimization of websites.

Using the curl command

curl is a command-line tool for transferring data using URLs.

The option -svo /dev/null is used to perform a silent request (-s), display detailed information about the request (-v) and redirect the output data to /dev/null to ignore it (/dev/null is a special device on Unix/Linux systems that acts like a trash can). -H "Fastly-Debug: true" is an HTTP header added to the request to request Fastly-specific debugging information.

Run the command

Run the following command from a Terminal type application (command-line interface, CLI / Command Line Interface) on your device:

curl -svo /dev/null [url] -H “Fastly-Debug: true”

and replace [url] with the address of the website you want to check.

If the site uses Fastly or another similar caching system, you will see specific debugging information in the command output. The details provided may include information about HTTP requests and responses, as well as information about the cache and performance.

This guide explains how to enable the MultiViews option via a .htaccess file on sites hosted by Infomaniak.

Preamble

• In some cases, the MultiViews option must be enabled to handle redirection and URL rewriting issues. Example:
  • If the configuration folder and the configuration.php file are located at the root of your site and you try to access the address mon-site.com/configuration to reach the configuration.php file, the MultiViews option must be enabled.

Enable the MultiViews option

To do this:

1. Open or create the .htaccess file located at the root of the relevant site.

2. Add the following directive:

   Options +MultiViews

3. Save the changes.

This guide concerns ImageMagick, a powerful solution for image manipulation, which you can install on a Web Hosting Infomaniak.

ImageMagick and alternatives

These image manipulation solutions are compatible with Web Hosting and Cloud Servers:

1. ImageMagick: the main software suite for versatile image manipulation via the command line
2. PerlMagick: Perl interface to integrate ImageMagick functionalities into Perl scripts
3. Perl Module Image::Magick: Perl extension to access ImageMagick features without specifying the absolute path of the executable
4. GD 2.x: open-source graphics library offering similar functionalities to ImageMagick, often used in web development contexts
5. Gallery 2: an online image gallery management platform compatible with ImageMagick

If necessary, the path for ImageMagick is standard since it is installed through the Debian repository:

/usr/bin

and for the Perl module Image::Magick:

/usr/local/bin/convert

or without specifying the absolute path:

$ perl -e 'use Image::Magick';

All ImageMagick commands are under /usr/bin/:

/usr/bin/animate
/usr/bin/compare
/usr/bin/composite
/usr/bin/conjure
/usr/bin/convert
/usr/bin/display
/usr/bin/identify
/usr/bin/import
/usr/bin/mogrify
/usr/bin/montage
/usr/bin/stream

This guide details "502 Bad Gateway" errors that can occur when visiting a website.

Introduction

• The 502 Bad Gateway error occurs when the server acting as a gateway between the browser and the origin web server receives an invalid response.
• This error can be caused by an overloaded web server, communication issues between a CDN and the hosting web server, or a misconfigured proxy server.
• Sometimes, the error may be caused by a bad entry in the DNS server.

Troubleshooting steps

To resolve the 502 Bad Gateway error, you often need to troubleshoot by elimination:

• Check if the server is not temporarily overloaded: simply reload the page after a few minutes for the error to disappear.
• Clear the browser cache.
• Try using another browser.

This guide explains how to view file activity on the server of your hosting Infomaniak.

FTP activity logs

To find out about the activity of exchanges on your FTP space, contact Infomaniak support to request FTP logs by first authenticating with the credentials corresponding to the management of your web hosting.

Help reading logs: http://www.castaglia.org/proftpd/doc/xferlog.html

This guide explains how to optimize web resource caching using HTTP headers.

Preamble

• A good caching strategy can significantly improve your site's performance by avoiding the unnecessary retransmission of unchanged files.
• Web caching relies on two complementary mechanisms:
  1. The cache validity duration (via the Expires header) which indicates how long a resource can be reused without contacting the server.
  2. Conditional validation (via the Last-Modified/If-Modified-Since headers) which allows checking if a resource has changed before re-downloading it.

Configuring cache duration with Expires

The Expires header allows specifying a duration during which the browser can directly reuse resources from its local cache. Here's how to configure it in your .htaccess file:

1. Create or open the .htaccess file at the root of your site (usually in /web or /sites/domain.xyz).

2. Add the configuration of the expires module:

   <IfModule mod_expires.c>

3. Define the appropriate cache durations for each type of resource:

   ExpiresActive On
   ExpiresByType text/html "access plus 1 week"
   ExpiresByType image/jpeg "access plus 1 month"
   ExpiresByType text/css "access plus 1 month"
   ExpiresByType application/javascript "access plus 1 month"

   These directives mean that:

   • HTML pages will be cached for one week.
   • JPEG images, CSS files, and JavaScript will be kept for one month.

   Adjust these durations according to the update frequency of your resources.

4. Close the configuration section:

   </IfModule>

Conditional validation with Last-Modified

Even when a resource has expired in the cache, it is not always necessary to completely re-download it. The conditional validation mechanism allows the browser to check if its cached version is still up-to-date. This process works as follows:

1. The server automatically sends a Last-Modified header with each resource, indicating its last modification date.
   • Apache handles this natively for static files - no additional configuration is required.

2. When the browser requests the resource again, it sends an If-Modified-Since header containing the date it has in cache:

   GET /resource HTTP/1.1
   Host: www.example.com
   If-Modified-Since: Wed, 21 Oct 2015 07:28:00 GMT

3. The server compares this date with the actual file modification date:
   • If the file has not changed, it simply returns a 304 Not Modified code, thus saving bandwidth.
   • If the file has been modified, it returns the new version with a 200 OK code.

The owner "site1xxx" (e.g. site1152, site1163, site1184…) appears when the FTP user account that created the folders/files in question has been removed from the list of FTP user accounts.

To access these files again in order to modify them, you need to log in with a different FTP account in the FTP File Manager and change the owner of the files with the "Properties" button.

This guide explains how to configure PHP settings for Web Hosting directly from the command line when you run PHP scripts using PHP CLI (Command Line Interface).

Preamble

• This type of configuration can be useful when you need to temporarily modify certain parameters for a specific script or for a PHP session.
• These modifications will only be valid for the execution of the current script and will not modify the global PHP configuration.

Modify PHP CLI settings

For example, to temporarily modify the settings for a specific script without having to modify the global PHP configuration of the server, follow the method below; with the PHP CLI environment, you can specify multiple PHP parameters at the same time by separating them with spaces.

Using the -d parameter

When you run PHP from the command line, you can use the -d parameter to specify PHP configurations. This allows you to modify the PHP parameters for this specific execution. For example, to set the maximum execution time to 90 seconds, the memory limit to 256 MB, and disable safe mode, you can do it as follows:

php -d max_execution_time=90 -d memory_limit=256M -d safe_mode=Off -f test.php