EN Ikoula wiki - User contributions [en]

Securing my mutualized hosting

2022-09-30T13:20:36Z

Hpouchain0714d:

[[:fr:Sécuriser mon hébergement mutualisé]][[fr:Sécuriser mon hébergement mutualisé]]
[[:en:Securing my mutualized hosting]][[en:Securing my mutualized hosting]]
[[:es:Asegurar mi alojamiento compartido]][[es:Asegurar mi alojamiento compartido]]

{{#seo:
|title=Securing my mutualized hosting
|title_mode=append
|keywords=these,are,your,keywords
|description=Découvrez dans cet article comment sécuriser son hébergement mutualisé
|image=Uploaded_file.png
|image_alt=Wiki Logo
}}

==Introduction== 
You will see in this article, the different possibilities to secure your '''shared hosting'''.
 

==Sending mail==
 
So that sending email is only authorized from your shared hosting for your domain name, we invite you to set up an SPF field in the DNS zone of your domain name: https://fr-wiki.ikoula.com/fr/Qu%27est_que_le_SPF_%3F 
If an e-mail is attempted with your domain name via an unauthorized server, it will be directly put in SPAM or blocked according to the security policy of the destination e-mail server.
As a reminder, you can manage the DNS zone of your domain name like this: https://fr-wiki.ikoula.com/fr/Comment_administrer_ma_zone_DNS_depuis_mon_PLESK
 
==Password==
 
Use complex passwords whether for access to your mailboxes, FTP access, access to your Ikoula account, access to the administration interface of your CMS, access to your database.
You can use this site to generate secure passwords: https://www.motdepasse.xyz/

* To modify your FTP passwords, you can do so via the FTP access management of your Plesk interface: https://fr-wiki.ikoula.com/fr/Acc%C3%A9der_%C3%A0_la_gestion_de_mes_comptes_FTP
* To change your mailbox passwords, you can do so via the management of your mailboxes on your Plesk interface: https://fr-wiki.ikoula.com/fr/Acc%C3%A9der_%C3%A0_la_gestion_de_mes_bo%C3%AEtes_mails
* To change the password to your Ikoula account, you can do it like this: https://fr-wiki.ikoula.com/fr/Comment_changer_son_mot_de_passe
* To change your database user password, you can do so through your Plesk interface.

==Keeping your CMS up to date==
 
If you use a CMS, we invite you to keep it up to date, in fact most of the hacking comes enormously from CMS flaws:

* You can consult this site which lists the various Wordpress vulnerabilities: https://www.cvedetails.com/vulnerability-list/vendor_id-2337/product_id-4096/
* Joomla: https://www.cvedetails.com/vulnerability-list/vendor_id-3496/product_id-16499/Joomla-Joomla-.html
* Prestashop: https://www.cvedetails.com/vulnerability-list/vendor_id-8950/Prestashop.html 

These flaws are usually corrected in the proposed updates. 

Here are links that explain how to update the different CMS: 

* For Wordpress, you can update it like this: https://codex.wordpress.org/fr:Mettre_a_Jour_WordPress
* For Joomla: https://docs.joomla.org/J3.x:Updating_from_an_existing_version/en
* For Prestashop: https://addons.prestashop.com/fr/migration-donnees-auvegarde/5496-.html?pab=1&

==Plugins/themes==
 
Use trusted plugins/themes, for this we invite you to use official sites to obtain your plugins/themes, for example for Wordpress, '''you must also keep them up to date''': https://fr.wordpress.org/themes/ , https://fr.wordpress.org/plugins/

We also invite you to check the ratings/reviews of the plugins to see if other users have encountered problems with them.

==Malware Scan==
 
You have the possibility to scan your website in order to detect malware present via online tools such as: https://sitecheck.sucuri.net/

==Sending mail from an unauthorized script==
 
If an email was sent from a script, you can identify the script in question in the header of the email (https://fr-wiki.ikoula.com/fr/R%C3%A9cuperer_les_headers_de_mes_courriers) using the field : '''X-PHP-Originating-Script: scriptname.php''' , then rename/delete it accordingly so that it no longer runs.

Example of an email that was sent from a php script:

<pre>
Return-Path: <sitename@server.example.com>
Received: from [x.x.x.x] by example.com
(MTA v5/:PGFiZWxsZW5AbWFuYWdlZHNoYXJlZDIuYXJyb3dxdWljay5uZXQ_)
with SMTP id <20130717204350103198600015> for <example@example.com>;
Wed, 17 Jul 2013 20:43:50 -0500 (CDT)
(envelope-from sitename@server.example.com, notifiable emailhost server.example.com)
Received: by server.example.com (Postfix, from userid 1040)
id 888C414E32F; Wed, 17 Jul 2013 20:27:09 -0500 (CDT)
To: example@example.com
Subject: Order Detail
X-PHP-Originating-Script: 1040:kka3f2.php
From: "First-Class Mail Service" <test@example.com>
Reply-To: "First-Class Mail Service" <test@example.com>
Mime-Version: 1.0
Content-Type: multipart/alternative;boundary="----------137411082951E7446D85129"
Message-Id: <20130718012709.888C44414E32F@server.example.com>
Date: Wed, 17 Jul 2013 20:27:09 -0500 (CDT)
</pre>

We are therefore going to delete or rename the *kka3f2.php* script so that it no longer runs.
 

==Securing your Wordpress installation==
 
For wordpress, you can secure your installation like this: https://fr-wiki.ikoula.com/fr/Comment_s%C3%A9curiser_et_maintenir_son_installation_Wordpress

==Encrypt exchanges between client and server==
 
Encrypt exchanges between client and server by setting up an SSL certificate, you can use 'Let's Encrypt' on hosting with Plesk 12.5: https://fr-wiki.ikoula.com/fr/Comment_installer_un_certificat_Let%27s_encrypt_depuis_mon_acc%C3%A8s_Plesk_%3F
This allows "sniffers" not to be able to see what passes between the browser (client) and the server and therefore not to recover essential information such as passwords, important data.

We also offer SSL certificates at this address: https://www.ikoula.com/fr/certificats-ssl

==PHP Version==
 
Use the latest versions of PHP in order to overcome the various security vulnerabilities, you can change the PHP version of your hosting like this: https://fr-wiki.ikoula.com/fr/Comment_changer_la_version_de_PHP_pour_mon_h%C3%A9bergement
 
You can also consult this article to learn how to fight PHP flaws: https://www.lije-creative.com/script-php-faille/

==Permissions==
It is strongly advised not to use full rights for your files on your hosting (777), by default we advise you to use rights in '755' or '705' like this (755):
 
[[File:755wrights.png]]

[[Category: Shared Hosting]] [[Category:Web Hosting]]

Securing my mutualized hosting

2022-09-30T13:05:59Z

Hpouchain0714d: Created page with ":fr:Sécuriser mon hé..."

[[:fr:Sécuriser mon hébergement mutualisé]][[fr:Sécuriser mon hébergement mutualisé]]
[[:en:Securing my mutualized hosting]][[en:Securing my mutualized hosting]]
[[:es:Asegurar mi alojamiento compartido]][[es:Asegurar mi alojamiento compartido]]

{{#seo:
|title=Securing my mutualized hosting
|title_mode=append
|keywords=these,are,your,keywords
|description=Découvrez dans cet article comment sécuriser son hébergement mutualisé
|image=Uploaded_file.png
|image_alt=Wiki Logo
}}

==Introduction== 
You will see in this article, the different possibilities to secure your '''shared hosting'''.
 

==Sending mail==
 
So that sending email is only authorized from your shared hosting for your domain name, we invite you to set up an SPF field in the DNS zone of your domain name: https://fr-wiki.ikoula.com/en/What%27is_que_le_SPF_%3F 
If an e-mail is attempted with your domain name via an unauthorized server, it will be directly put in SPAM or blocked according to the security policy of the destination e-mail server.
As a reminder, you can manage the DNS zone of your domain name like this: https://fr-wiki.ikoula.com/fr/Comment_administration_ma_zone_DNS_depuis_mon_PLESK
 
==Password==
 
Use complex passwords whether for access to your mailboxes, FTP access, access to your Ikoula account, access to the administration interface of your CMS, access to your database.
You can use this site to generate secure passwords: https://www.motdepasse.xyz/

* To modify your FTP passwords, you can do so via the FTP access management of your Plesk interface: https://fr-wiki.ikoula.com/fr/Acc%C3%A9der_%C3%A0_la_gestion_de_mes_comptes_FTP
* To change your mailbox passwords, you can do so via the management of your mailboxes on your Plesk interface: https://fr-wiki.ikoula.com/fr/Acc%C3%A9der_%C3%A0_la_gestion_de_mes_bo%C3%AEtes_mails
* To change the password to your Ikoula account, you can do it like this: https://fr-wiki.ikoula.com/fr/Comment_changer_son_mot_de_passe
* To change your database user password, you can do so through your Plesk interface.

==Keeping your CMS up to date==
 
If you use a CMS, we invite you to keep it up to date, in fact most of the hacking comes enormously from CMS flaws:

* You can consult this site which lists the various Wordpress vulnerabilities: https://www.cvedetails.com/vulnerability-list/vendor_id-2337/product_id-4096/
* Joomla: https://www.cvedetails.com/vulnerability-list/vendor_id-3496/product_id-16499/Joomla-Joomla-.html
* Prestashop: https://www.cvedetails.com/vulnerability-list/vendor_id-8950/Prestashop.html 

These flaws are usually corrected in the proposed updates. 

Here are links that explain how to update the different CMS: 

* For Wordpress, you can update it like this: https://codex.wordpress.org/fr:Mettre_a_Jour_WordPress
* For Joomla: https://docs.joomla.org/J3.x:Updating_from_an_existing_version/en
* For Prestashop: https://addons.prestashop.com/fr/migration-donnees-auvegarde/5496-.html?pab=1&

==Plugins/themes==
 
Use trusted plugins/themes, for this we invite you to use official sites to obtain your plugins/themes, for example for Wordpress, '''you must also keep them up to date''': https://fr.wordpress.org/themes/ , https://fr.wordpress.org/plugins/

We also invite you to check the ratings/reviews of the plugins to see if other users have encountered problems with them.

==Malware Scan==
 
You have the possibility to scan your website in order to detect malware present via online tools such as: https://sitecheck.sucuri.net/

==Sending mail from an unauthorized script==
 
If an email was sent from a script, you can identify the script in question in the header of the email (https://fr-wiki.ikoula.com/fr/R%C3%A9cuperer_les_headers_de_mes_courriers) using the field : '''X-PHP-Originating-Script: scriptname.php''' , then rename/delete it accordingly so that it no longer runs.

Example of an email that was sent from a php script:

<pre>
Return-Path: <sitename@server.example.com>
Received: from [x.x.x.x] by example.com
(MTA v5/:PGFiZWxsZW5AbWFuYWdlZHNoYXJlZDIuYXJyb3dxdWljay5uZXQ_)
with SMTP id <20130717204350103198600015> for <example@example.com>;
Wed, 17 Jul 2013 20:43:50 -0500 (CDT)
(envelope-from sitename@server.example.com, notifiable emailhost server.example.com)
Received: by server.example.com (Postfix, from userid 1040)
id 888C414E32F; Wed, 17 Jul 2013 20:27:09 -0500 (CDT)
To: example@example.com
Subject: Order Detail
X-PHP-Originating-Script: 1040:kka3f2.php
From: "First-Class Mail Service" <test@example.com>
Reply-To: "First-Class Mail Service" <test@example.com>
Mime-Version: 1.0
Content-Type: multipart/alternative;boundary="----------137411082951E7446D85129"
Message-Id: <20130718012709.888C44414E32F@server.example.com>
Date: Wed, 17 Jul 2013 20:27:09 -0500 (CDT)
</pre>

We are therefore going to delete or rename the *kka3f2.php* script so that it no longer runs.
 

==Securing your Wordpress installation==
 
For wordpress, you can secure your installation like this: https://fr-wiki.ikoula.com/fr/Comment_s%C3%A9curiser_et_maintenir_son_installation_Wordpress

==Encrypt exchanges between client and server==
 
Encrypt exchanges between client and server by setting up an SSL certificate, you can use 'Let's Encrypt' on hosting with Plesk 12.5: https://fr-wiki.ikoula.com/fr/Comment_installer_un_certificat_Let%27s_encrypt_depuis_mon_acc%C3%A8s_Plesk_%3F
This allows "sniffers" not to be able to see what passes between the browser (client) and the server and therefore not to recover essential information such as passwords, important data.

We also offer SSL certificates at this address: https://www.ikoula.com/fr/certificats-ssl

==PHP Version==
 
Use the latest versions of PHP in order to overcome the various security vulnerabilities, you can change the PHP version of your hosting like this: https://fr-wiki.ikoula.com/fr/Comment_changer_la_version_de_PHP_pour_mon_h%C3%A9bergement
 
You can also consult this article to learn how to fight PHP flaws: https://www.lije-creative.com/script-php-faille/

==Permissions==
It is strongly advised not to use full rights for your files on your hosting (777), by default we advise you to use rights in '755' or '705' like this (755):
 
[[File:755wrights.png]]

[[Category: Shared Hosting]] [[Category:Web Hosting]]

File:755wrights.png

2022-09-30T13:05:29Z

Hpouchain0714d:

Acronis snapAPI module update

2022-06-07T09:27:44Z

Hpouchain0714d:

[[:fr:Acronis mise à jour module snapAPI]][[fr:Acronis mise à jour module snapAPI]]
[[:en:Acronis snapAPI module update]][[en:Acronis snapAPI module update]]

{{#seo:
|title=RDP-Acronis mise à jour module snapAPI
|title_mode=append
|keywords=these,are,your,keywords
|description=Acronis mise à jour module snapAPI
|image=Uploaded_file.png
|image_alt=Wiki Logo
}}

=Introduction=
This procedure explains how to correctly update your server's kernel in case you have an Acronis Backup agent.

=Kernel and headers update=
To update the server kernel do the following command:

apt-get install linux-image-`uname -r`

Then update the headers:

apt-get install linux-headers-`uname -r`

You must then restart the server because a new kernel has been installed. 
Downloading the headers corresponding to the new kernel is necessary for the Acronis agent to compile in such a way as to be compatible with the new kernel on restart.

=Other case=
In case the server kernel has been updated and then restarted without the new headers, Acronis backups will fail with the following error:

[[File:Acronis snapapi error.png|500px]]

In this case, connect to the server and check the version of the running kernel:

uname -r

Then check the version of the headers present:

dpkg --get-selections | grep linux-headers

If the result does not show headers with the same version as the current kernel, then install the new headers like this:

apt-get install linux-headers-`uname -r`

Finally, recompile the snapAPI with the new version by restarting the dkms service, and restarting the Acronis agent:

service dkms_autoinstaller restart
service acronis_mms restart

The backups should now work again without problems with snapAPI.

=Conclusion=
It is very strongly recommended when updating the kernel of your servers, to also update the corresponding headers. 
This avoids many application problems related to the change of kernel.

[[Category:Acronis]] [[Category:Backup]]

Acronis snapAPI module update

2022-06-07T09:18:12Z

Hpouchain0714d: Created page with ":fr:Acronis mise à jour mod..."

[[:fr:Acronis mise à jour module snapAPI]][[fr:Acronis mise à jour module snapAPI]]
[[:en:Acronis snapAPI module update]][[en:Acronis snapAPI module update]]

{{#seo:
|title=RDP-Acronis mise à jour module snapAPI
|title_mode=append
|keywords=these,are,your,keywords
|description=Acronis mise à jour module snapAPI
|image=Uploaded_file.png
|image_alt=Wiki Logo
}}

=Introduction=
This procedure explains how to correctly update your server's kernel in case you have an Acronis Backup agent.

=Kernel and headers update=
To update the server kernel do the following command:

sudo apt-get install linux-image-`uname -r`

Then update the headers:

sudo apt-get install linux-headers-`uname -r`

You must then restart the server because a new kernel has been installed. 
Downloading the headers corresponding to the new kernel is necessary for the Acronis agent to compile in such a way as to be compatible with the new kernel on restart.

=Other case=
In case the server kernel has been updated and then restarted without the new headers, Acronis backups will fail with the following error:

[[File:Acronis snapapi error.png|500px]]

In this case, connect to the server and check the version of the running kernel:

uname -r

Then check the version of the headers present:

dpkg --get-selections | grep linux-headers

If the result does not show headers with the same version as the current kernel, then install the new headers like this:

sudo apt-get install linux-headers-`uname -r`

Finally, recompile the snapAPI with the new version by restarting the dkms service, and restarting the Acronis agent:

service dkms_autoinstaller restart
service acronis_mms restart

The backups should now work again without problems with snapAPI.

=Conclusion=
It is very strongly recommended when updating the kernel of your servers, to also update the corresponding headers. 
This avoids many application problems related to the change of kernel.

[[Category:Acronis]] [[Category:Backup]]

File:Acronis snapapi error.png

2022-06-07T09:16:21Z

Hpouchain0714d:

Cancel a subscription

2022-02-01T16:15:16Z

Hpouchain0714d:

[[:en: Cancel a subscription]][[en:Cancel a subscription]]
[[:nl:Een abonnement opzeggen]][[nl:Een abonnement opzeggen]]

{{#seo:
|title=Cancel a subscription
|title_mode=append
|keywords=these,are,your,keywords
|description=Cancel a subscription
|image=Uploaded_file.png
|image_alt=Wiki Logo
}}

==Introduction==

Here you will find how to cancel a subscription.

==How==

Go to your customer area and login : https://signup.ikoula.com/

 
Then click on the name of the service you want to cancel and click on '''management''':
 

[[File:management.png |900px]]

 
Scroll down to the bottom of the page and click on "Request Cancellation":
 

[[File:cancellation.png |300px]]



[[Category:Customer_area]]

File:Interface client upgrade2.png

2022-01-25T14:34:49Z

Hpouchain0714d:

How to order an upgrade for my server

2022-01-25T14:33:06Z

Hpouchain0714d: Created page with ":en:How to order an upg..."

[[:en:How to order an upgrade for my server]][[en:How to order an upgrade for my server]]
[[:fr:Comment commander une upgrade pour mon serveur]][[fr:Comment commander une upgrade pour mon serveur]]

{{#seo:
|title=Comment commander une upgrade pour mon serveur
|title_mode=append
|keywords=these,are,your,keywords
|description=Comment commander une upgrade pour mon serveur
|image=Uploaded_file.png
|image_alt=Wiki Logo
}}

==Introduction==
Here is how you can improve the performance of your dedicated server or VPS with an upgrade.

==Client Interface ==
To do this, log in to your client interface: https://commande.ikoula.com/

Once connected, click on the service you want to upgrade.
[[File:Interface client1.png]]

Then click on "Update / Upgrade".
[[File:Interface client upgrade1.png]]

 
 
===Upgrade interface===
You will then arrive on the upgrade interface.
Here you can choose to upgrade according to the server (storage, RAM, RAID, OS etc...) with the descending lists.
You can also choose to add applications to the default installation of your server.
[[File:Interface client upgrade2.png]]

Once all of your upgrades have been selected, you can click on "Continue" and proceed to payment if necessary.

/!\ Warning: Depending on the updates chosen, physical intervention on your machine may be necessary.
In that case the technical support will come back to you by ticket to schedule a date and time of intervention to upgrade your server.

[[Category: Dedicated Server]]
[[Category: VPS Server]]
[[Category:Interface]]

File:Interface client upgrade1.png

2022-01-25T14:21:31Z

Hpouchain0714d:

File:Interface client1.png

2022-01-25T14:20:50Z

Hpouchain0714d:

File:Int client3.PNG

2022-01-25T13:12:02Z

Hpouchain0714d:

File:Int client2.PNG

2022-01-25T13:11:49Z

Hpouchain0714d:

File:Int client1.PNG

2022-01-25T13:11:34Z

Hpouchain0714d:

File:Plesk login.PNG

2022-01-25T13:11:22Z

Hpouchain0714d:

File:Plesk interface.PNG

2022-01-25T13:10:58Z

Hpouchain0714d: