Sida loo sameeyo xiriir https ah? Waa maxay farqiga u of sites in https ama HTTP?

Shabakadda caalamiga ah ee scammers oo Anonymous on joogta ah maalin walba isku dayayaan in ay ka xadaan macluumaadka shakhsiyeed. In la soo dhaafay, habka ugu caansan ee la afduubay ayaa waxaa loo arkaa phishing. Weeraryahanka badalay goobta asalka ah, iyo xogta ka user gacmihiisa (passwords, tirada card, fariimaha gaarka loo leeyahay, iyo N. sidaas on.) galay dayrta. Si loo xalliyo dhibaatada this abuuray xiriir https ammaan ah. Sidaa darteed, maamulka goobta inta badan ka walaacsan sida loo abuuro iyo reserved xiriir aamin ah https.

Waa maxay https iyo sababta ay lagama maarmaan tahay

xiriir https ah aad ka hor wareejiyo goobta waxaa lagama maarmaan ah in la fahmo waxa ay tahay iyo sida ay u shaqayso. Https waa version aamin ah HTTP (xiraysid ah Transfer Protocol), xogta lagama maarmaanka loo wareejiyey waxaa u bogagga (magaca browser, xallinta screen, joogitaanka cookie iyo wixii la mid ah. N.).

HTTP waxaa loo isticmaalaa by horumarinta loo diro loona helo doorsoomayaasha, oo aan goobaha hab maamuuska ma awoodi doonaan in ay u shaqeeyaan. All files wareejiyo via HTTP, hore si fudud dhexda laga yaabaa by hab of sites been abuur ah (phishing).

Sidoo kale, habka hore xaday passwords, magacyada user, tirada card, fariimaha qarsoodi ah, iyo macluumaad kale oo muhiim ah. Si aad u isticmaala ka phishing shahaadooyin SSL, ayaa abuurtay iyo hubinta in ay xaqiiq tahay ka hor inta isdhaafsiga macluumaadka la ilaaliyo.

Waxaa lagama maarmaan ah in la isticmaalo https on websites bangigaaga ama dukaamada online. Haddii khayraadka aanay ahayn shahaado digital, browser xiri doonta xiriir, iyo muujiyaan doonaa digniin ah oo ku saabsan khatarta ah. Sidaas darteed, goobta waa lumin doonaa, kalsoonida dadka isticmaala ay.

Waa maxay SSL shahaadada / TLS

abuurnimo ugu weyn ee isticmaalka https waa waajib Shahaadada SSL digital. Tani waa file in kaydiya macluumaadka oo dhan (cinwaanka IP ee server ka, site dalka, E-mail milkiilaha, iyo N. sidaas on.). Qoraalka waxa digital waxaa Windows XP at site server iyo server CA (GoDaddy, Comodo iyo P. m.). files la barbardhigo, iyo haddii ay isku mid yihiin, xidhiidhka ka sii soconaya, iyadoo xiriir kasta. Haddii kale digniin ammaanka muuqataa.

akhristayaasha badan oo aadan aqoon sida loo sameeyo xiriir aamin ah https. tallaabada ugu horeysay ee u baahan doontaa si aad u hesho shahaado SSL ah xarunta ku kalsoon tahay. Waxaa jira noocyo kala duwan oo dokumentiyadan:

• DV - xaqiijin kaliya domain, (waayo, goobaha yar yar iyo blogs).
• OV - domain la hubiyaa iyo ururka.
• EV - Extended Ansaxinta (waxaa jiri doona bar cagaaran iyo padlock in browser).

Most doortay dukaamada iyo baananka loo arkaa doorasho EV ah. Markaas waxaa jira aanlarabin dheeraad ah oo ah qaab:

• SGC (taageeraan daalacashada ka weyn).
• Xulashada (subdomains taageero).
• SAN (domains kale ee ka mid ah shahaado).
• IDN (domains www taageero qaran).

Waayo, goobaha ugu badan, oo ku filan si ay u isticmaalaan Shahaadada SSL DV. Isagu waa qaali ahayn iyo dadka ka difaacaa phishing.

Sida loo turjumi site galay xiriir aamin ah

Sii kordheysa, milkiilayaasha ganacsiga online ayaa xiiso u qabta sida si ay u abuuraan https a xidhiidh amaan ah. Waayo, falalkan ku yeelan doonaan in ay wax ka bedesho si bogagga code barnaamijka. Ugu muhiimsan waa in ay qoraan xeerka dheeraad ah ee faylka .htaccess. Waxaa uu kaydiyaa code loo isticmaalo in lagu rights reserved server Web ah Apache.

Kooxda martida loo web intooda badan u oggolaadaan isticmaalaya guddi ay gacanta ku reserved Shahaadada SSL for server ka. Wixii macluumaad dheeraad ah oo ku saabsan sida loo sameeyo, ka hubi bixiyahaaga adeegga. Geedi socodka turjumaad goobta oo dhan waxa loo qaybin karaa marxaladaha soo socda:

1. SSL Certificate.
2. Ku rakib shahaado on server ka.
3. Beddel links gudaha on goobta.
4. Dejinta la isugeeyey dekedda 301.
5. Beddelidda ciidammada ee robots.txt.

Haddii aad isticmaalayso nooc ka bixisay marti dhali, kadibna la xidhiidh Taageerada la shahaadada, iyo wax kasta oo tallaabo dheeraad ah si ay u qabtaan shaqaalaha adeegga. Tallaabada ugu adag ee u jawaabay su'aasha, sida loo sameeyo xiriir https, waa in la qotomiyey la isugeeyey .htaccess, sida qabnay badankiisu ma caawin.

Helitaanka shahaadada iyo u rakibi on server

In aragtida, waxaan is tusay sida loo sameeyo xiriir https ah, guurto on in ay tallaabo. Tallaabada ugu horreysa ee aad u baahan tahay in ay ka mid ka mid ah xarumaha ay baadhaan aad u hesho shahaado SSL ah. On internet-ka waxaad ka heli kartaa fursado badan oo kala duwan safafka qiimaha kala duwan. Waqtigan xaadirka ah si ay u helaan waraaqaha lacag la'aan ah, waxaa jira 2 xarun:

• WoSign.
• Startssl.

Adeegyada kale ee u baahan lacag. Inta ay ku xiran tahay nooca shahaadada iyo muuqaalada dheeraad ah (taageero multi-domain for daalacashada ka weyn, iyo N. sidaas on.). CAS:

• Reg.ru.
• Godaddy.
• Hostland.
• Iska horimaad hubeysan.
• Comodo.
• GlobalSign.
• Thawte.

Sidoo kale, qaar ka mid ah hosting siisaa dadka isticmaala ay la shahaadooyin SSL marka aad iibsato qorshe canshuur gaar ah. On site faahfaahin shahaado rinjiga falalka loo baahdo. Laakiin habka oo dhan ka kooban oo ka mid ah tallaabooyinka soo socda:

• Generation codsi CSR;
• Cinwaanka goobta buux (admin @ [address site]);
• ku buuxi macluumaadka ku saabsan milkiilaha domain, (waayo, EV iyo document OV).

codsi CSR ka mid ah macluumaadka guud ee xaqiijinta (magaca domain, urur, magaalada, gobolka, dalka). Ka dib markii buuxinta macluumaadka user helo a code 2 (fure sir ah oo CSR Code), aad hubto in ay ku kaydi faahfaahiyey qoraal gaar ah. U dir code this si aad u hesho shahaado SSL ah, oo sug inuu celintiisa xarunta.

Haddaba tag website hosting iyo raadiso «Shahaadada SSL" qaybta, ama taageero xiriir. Waxaa loo baahan yahay si ay u siiyaan macluumaad ku saabsan code -CSR, muhiimka ah ee gaarka loo leeyahay iyo shahaado. Ha illoobin in ay beddelaan on taageero SSL in web hosting guddi.

Sida loo abuuro xiriir https ku salaysan joogto ah

Ka dib u geliya file on server ka, aad u baahan tahay si ay u qabtaan qaabeynta gudaha ah ee goobta. Waxaad u baahan tahay inaad dhigay ilaa la isugeeyey iyo beddelo oo dhan links gudaha ka buuxda si ay qaraabo.

Taasi waa, halkii http://site.ru/img/bg.png set: //site.ru/img/bg.png.

Waa in laga saaro magacyada link HTTP. Haddii shaki, wac WEB-barnaamijyada ama wariye madax banaan oo, isagu waa si degdeg ah u rights reserved. Raadi tixraacyada noqon kartaa iyada oo loo marayo editor code for file kasta ah, ama si aad u ogaato macluumaadka oo dhan ku dhex search a on PhpMyAdmin.

Ka dib markii sameynta xiriir aad u baahan tahay in la qeexo matoorada search of isbedelka ka. Fur faylka iyo line martigeliyaha robots.txt: HTTP halkii gelin https.

Halkii http://example.ru insert: https://example.ru.

Ka dib markii la beddelo file raadinta loo qaybiyay si ay si toos ah u la isugeeyey site ka HTTP in https. Ka hor inta dacwadu, hubi helitaanka goobta a in maamuuska https. Haddii dhammaan tallaabooyinka hore loo dhammeeyo si sax ah, qalad waa in aan dhicin.

Si toos ah la isugeeyey in ay xiriir aamin ah, gelin script this ee file .htacess xoogaa gargaar ah:

RewriteEngine on

% RewriteCond {HTTP: X-gudbin-hoggamiye} https!

RewriteRule ^ https: //% {HTTP_HOST}% {REQUEST_URI} [L, R = 301, NE]

Laakiin xaaladaha inta ugu badan, habkan ma shaqeeyaan. Xaaladan oo kale, fadlan la xiriir maamulaha aad marti, inuu si aad u samayso goobaha ay sax noqon doona. Isugeeyey bilaabo socda ka dib markii howleheedii server ka, sida caadiga ah 24 saacadood gudahooda.

Sidoo kale waxaad u baahan tahay in la beddelo goobaha in guddi webmaster "Yandex" ama Google. Loo baahan yahay hoos tusmaynta goobaha tag barta muraayada hoose iyo rakibi https ah. Intaa waxaa dheer, baahida loo qabo in ay u guuraan,

• sitemap.xml;
• ka saarida URL;
• geolocation;
• Links Disawov Tool for Google.

Waxaa markaas ayaa weli in ay sugto reindexing ah. Muddadan, hawlaha on site waa la dhimay, laakiin markaas ka xasilin.

Sida loo sameeyo xiriir https in WordPress a

blogs Modern iyo portals inta badan ka shaqeeyaan WordPress, si ay u tagaan si ay https u baahan tahay in qaliin isku mid ah (si aad u hesho shahaado, links isbedel iyo N. sidaas on.). Laakiin waxay leeyihiin go'an of fur-tago dhisay-in ku samayn doonaa dhammaan falalka milkiilaha:

• Hagidda https fudud;
• Https (SSL).

Midkii kowaad wuxuu u badalay tixraac, iyo tan labaad oo kuu ogolaanaya in aad sheeg Shahaadada SSL. Intaa waxaa dheer, u tag Settings-> General. Halkan waxa aad u baahan tahay in la beddelo URL iyo sheeg maamuuska https ah. Hubi in bogagga jirkaan ayaa sidoo kale leedahay xiriir aamin ah. Ka dib markii la beddelo meesha of links qabtaan isugeeyey ah oo ka beddelo aad file robots.txt.

mar dambe ma ay noqon waa su'aal u kacaya sida loo sameeyo xiriir https on site. On ciidammadu web badan waxaa ka mid ah nidaam ilaaliya qori baahan oo kaliya in ay taageero. Waxay ka dhigan doonaa takhasus u leh, oo wuxuu oofin doonaa goobta.