Subdomains / SSL

This is where you manage your subdomains. You can create an unlimited number of subdomains. Each subdomain has its own webroot directory within /public_html, separate from the main domain (/public_html/www) and the other subdomains. The web server logs (Apache) are collected in /var/www/web999/logs/access.log where the subdomain can be seen from the second last parameter of each line.

Add Subdomain

Click on to create a new subdomain. Only the subdomain name is required here. However, once the subdomain has been created, you can make additional settings.

Most changes to your subdomain can be made via the «Edit subdomain» action button (pencil icon).

Subdomain Name

The following restrictions apply to the subdomain name:

The primary subdomain www may not be renamed, deactivated or removed.
The subdomain name must not contain any special characters.
No secondary subdomains (e.g. my.sub.example.com) are supported.

Please note that when deleting a subdomain, all data of the respective subdomain directory will be irrevocably deleted.

Rename Subdomain

Via FTPS or SSH you only have write permissions within the subdomain directory. However, you cannot rename or move any subdomains directly in the file system under /public_html. To do this, use the Edit subdomain button, where you can change the subdomain name.

PHP Version

An individual PHP version can be defined for each subdomain (but not for each subdirectory of a subdomain!). The PHP versions can be configured in our PHP Manager.

This allows you to prepare a new release of your website under a new subdomain and test it under a new PHP version if necessary. If you then want to go live with it, please use the «subdomain swapping» feature, see below.

Subdomain Catchall

This feature is switched off by default and is only available on the primary subdomain (www). All subdomains that are not explicitly created via subdomain management are redirected to the primary subdomain (www).

If Subdomain Catchall is activated, all subdomains *.virtual-host.ch that are not explicitly set up will point directly to the main directory of your website (public_html/www/) without triggering a domain redirect. This is particularly suitable for a subdomain-based WordPress Multisite. In addition, a wildcard DNS record would need to be created as CNAME so that all subdomains point to our web server:

*.virtual-host.ch.		IN CNAME virtual-host.ch.

ATTENTION: If a subdomain is explicitly created via our subdomain manager, it will point to an independent directory (public_html/SUBDOMAIN/) even if the subdomain catchall is activated, thus overriding the catchall.

Also, you never need to manually create a CNAME in your DNS zone for a subdomain which is explicitly created here.

Relative Webroot

WARNING

Only change the relative webroot if you know what you are doing!

With modern frameworks such as Laravel, it is common for the webroot to be located within a subdirectory. For example, you can set the relative webroot to /public/. This is a subdirectory of the web directory of your subdomain, public_html/www (using the main domain as an example) or public_html/demo/ (using the subdomain «demo» as an example).

Please note that this directory must already exist before you can make this change.

After such a change, you need to wait about 1 minute until the web server is reconfigured and the webroot points to the corresponding directory.

Subdomain Swapping

If you want to swap the content of a subdomain with the content of another subdomain or the main domain (www), please use our Subdomain Swapping feature. Select «Swap Subdomain» in the action menu of a subdomain and then select the target subdomain with which the contents should be swapped. Any SSL certificates that have already been set up will be retained.

With a subdomain swap, the following settings of the two subdomains are also swapped:

Relative web root
PHP version
Auto-index

Subdomain swapping is therefore suitable for going live with a website that you have previously developed under subdomain relaunch, for example, and then want to switch to www.

Domain Name Preference

Here you can influence whether your domain is made available with or without www. By default, the domain works both with and without the www prefix.

www only: The website will only be accessible via www. The URL without www will be redirected to the www version. ATTENTION: This setting only applies to domains that point to this subdomain as domain pointing. The effective URL of the subdomain also remains available without www prefix.
without www (default for subdomains): The website will only be accessible without www. The www version will be redirected to the non-www version.
with & without www (default for main domain): The website will be accessible with and without www.

Autoindex

If you have activated Autoindex, the directory contents of all folders will be displayed. This is particularly helpful if you want to offer several files for download but don't have the time to create a website with the download links. The directories to be published must not contain any index files (e.g. index.php, index.html, ...) so that the automatic directory listing can be displayed.

This setting applies globally for the entire subdomain and cannot be switched on/off separately for each individual subdirectory.

Autoindex corresponds to Apache's Options +Indexes (see Apache documentation on Options Directive). We also allow you to set Options +Indexes directly in the respective directories via .htaccess. For security reasons, however, we prevent you from changing the other Options via .htaccess.

ATTENTION

We advise against activating the Autoindex option, as this may expose entire directory contents that you do not wish to publish. So please only activate it if you know what you are doing.

Temporary URL

This function is activated by default.

As an alternative to your domain, the website is available at the following URL: demo.web999.onlime.ch (using the subdomain «demo» as an example).

This ensures that your website is always accessible, even if the DNS entries for the domain do not (yet) point to the correct web server. This alternative URL is suitable for testing before you go live with your domain. However, if you want to prevent search engines from indexing this URL, you can deactivate this option here.

Clickjacking Protection

Your website can usually be included in a frameset on a third-party website (with the following HTML tags: object, frameset, iframe). This option has been abused in various ways in the past. The potential for abuse is extremely low, unless your website is a service such as Facebook or you are very well known. In this case, you can activate this protection here.

INFO

Clickjacking is a technique in which a hacker or scammer overlays the display of a website and then tricks its users to make seemingly harmless mouse clicks and/or keystrokes. The X-Frame-Options header provides a remedy. For further technical information, consult Wikipedia or Mozilla.

UPDATE Feb 2022: As additional protection, the corresponding Content-Security-Policy: frame-ancestors (CSP) headers are now also set. However, to maintain compatibility with old browsers, the X-Frame-Options header remains in use.

SAMEORIGIN:

http

X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self';

DENY:

http

X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'none';

Subdomains / SSL ​

Add Subdomain ​

Subdomain Name ​

PHP Version ​

Subdomain Catchall ​

Relative Webroot ​

Subdomain Swapping ​

Domain Name Preference ​

Autoindex ​

Temporary URL ​

Clickjacking Protection ​