Indlela yokwenza uxhulumaniso lweHTTPS? Uthini umahluko phakathi kweziza kwiHTTPS okanye i-HTTP?

Kwi-intanethi yehlabathi, abagxeki kunye nabahlaseli bemihla ngemihla bazama ukweba ulwazi lomntu. Kwixesha elidlulileyo, indlela ethandwa kakhulu yokuthunjwa yayibhekwa njengento yokuphanga. Umhlaseli ubeka endaweni yendawo yokuqala, kwaye idatha esuka kumsebenzisi iwela ezandleni zakhe (amaphasiwedi, iinombolo zamakhadi, imiyalezo yabucala, njl.). Ukujongisa le ngxaki, sakha uxhulumaniso olukhuselekileyo lweHTTPS. Ngoko ke, abalawuli beendawo bahlala bexhala malunga nendlela yokudala nokuqwalasela uxhumano lwe-https olukhuselekileyo.

Yintoni i-HTTPS kwaye kutheni kuyadingeka ?

Ngaphambi kokuba uguqule isayithi kwi-HTTPS uxhumano, kufuneka uqonde ukuba yintoni kwaye isebenza njani. I-HTTPS yinguqu ekhuselekile yenkqubo ye-HTTP (iProtokholi yokuTshintshiselwa kwe- Hypertext ), idlulisela idatha efunekayo ekusebenzeni kwamaphepha (igama lomkhangeli, ukulungiswa kwesikrini, ukufumaneka kweekhoki, njl.).

I-HTTP isetyenziswe ngabaphuhlisi ukuthumela nokufumana iinguqu, ngaphandle kwalolu xwebhu, ii-sites azikwazi ukusebenza. Zonke iifayile ezithunyelwa nge-HTTP, zingaphathwa ngokukhawuleza ngokusebenzisa indawo yokukhohlisa (ubuqhetseba).

Ngalendlela ndlela amaphasiwedi, ukungena, iinombolo zamakhadi, imiyalezo eyimfihlo kunye nolunye ulwazi olubalulekileyo lwalubiwe ngaphambili. Ukukhusela abasebenzisi kwi-phishing, baye baqulunqa izitifiketi ze-SSL kwaye baqinisekisa ubungqina babo ngaphambi kokuba baqale utshintshiselwano ngolwazi.

I-HTTPS kufuneka isetyenziswe kwiindawo zebhanki okanye kwiivenkile ze-intanethi. Ukuba ezi zixhobo asinaso isatifikethi segedijithali, isiphequluli asiyi kuvumela uxhumano, kwaye isilumkiso malunga nengozi iya kuboniswa. Ngenxa yoko, isayithi iya kulahlekelwa yithemba labasebenzisi balo.

Yintoni isitifiketi se-SSL / TLS?

Intsha ebalulekileyo kwiHTTPS kukusetyenziswa okusemthethweni kwesitifiketi se-SSL yesigxina. Le yifayile apho zonke iinkcukacha zigcinwe (idilesi ye-IP yomncedisi, ilizwe lesayithi, i-imeyili yomnini, njl.). Umbhalo wedijithali ukhutshwe kwi-server yesayithi kunye nakumncedisi wegunya lokuqinisekisa (GoDaddy, Comodo, njl.). Ngolunye uxhumano, ezi fayile zithelekiswa, kwaye ukuba zifana, uxhumano luqhubeka. Ngaphandle koko, isilumkiso sokhuseleko sibonakala.

Abafundi abaninzi abazi indlela yokwenza uxhumano lwe-https. Isinyathelo sokuqala kukufumana isitifiketi se-SSL kwiziko elithembekileyo. Kukho iintlobo ezahlukeneyo zala maxwebhu:

• I-DV - kuphela idibansi iqinisekisiwe (kwiindawo ezincinci kunye neeblogi).
• I-OV-domain kunye nentlangano ihlolwe.
• I-EV - isheke esongeziweyo (ibha eluhlaza kunye nekhikhi kwisiphequluli kuya kuvela).

Eyona nto ikhethayo kwiivenkile kunye neebhanki yi-EV yokukhetha. Ukongezelela kukho iinkcukacha ezongezelelweyo kwifom:

• I-SGC (isekela iziphequluli ezindala).
• Wildcard (inkxaso-subdomain inkxaso).
• I-SAN (ezinye iindawo ezisemgangathweni omnye).
• IDN (inkxaso yenkalo yelizwe www).

Kwiindawo ezininzi, ukwanele ukusebenzisa isitifiketi se-DV SSL. Ixabiso elithengi kwaye liqinisekisa ukukhuselwa kwi-phishing.

Indlela yokuguqulela isayithi kwindawo yokunxibelelana olukhuselekileyo

Ukwandisa, abanikazi bezentanethi banomdla kwindlela yokudala uxhumano lwe-https olukhuselekileyo. Kule nyathelo, kuya kufuneka wenze utshintsho oluthile kwikhowudi yamaphepha. Eyona nto ibalulekileyo kukuba ubhale umgaqo owongezelelweyo kwifayile ye -htaccess. Igcina ikhowudi yokuqwalasela umncedisi wewebhu we-Apache.

Uninzi lwamahostela ewebhu lukuvumela ukuba uqwalasele isitifiketi se-SSL kumncedisi ngokusebenzisa ipaneli yokulawula. Ukufumana ulwazi oluninzi malunga nendlela yokwenza oku, qhagamshelana nomboneleli wakho wesevisi. Yonke inkqubo yokuguqulela isayithi ingahlukaniswa kwezi zigaba zilandelayo:

1. Ukufumana isitifiketi se-SSL.
2. Ukufaka isitifiketi kumncedisi.
3. Utshintsho lweekhonkco zangaphakathi zesayithi.
4. Ukuqwalasela ukuhanjiswa kwi-port 301.
5. Tshintsha amaHhobho kwii-robots.txt.

Ukuba usebenzisa uhlawulelo lokuhlawula uhlobo oluthileyo, qhagamshelana nenkonzo yokuxhasa ngesatifiketi, kwaye zonke izenzo ezongezelelweyo ziya kwenziwa ngabaqeshwa benkonzo. Inyathelo enzima kakhulu ekuphenduleni umbuzo wendlela yokwenza uxhumano lwe-https ukulungiselela ukulungiswa kwakhona .htaccess, kuba iincwadi ezininzi zeempendulo ayincedi.

Ukufumana isatifikethi nokuyifaka kwiseva

Ngokweqhinga, saqulunqa indlela yokwenza uxhumano lwe-https, masiqhubekele kwizenzo. Isinyathelo sokuqala kukufumana isitifiketi se-SSL kwelinye lamaziko ahlolwe. Kwi-Intanethi, unokufumana ezininzi iindlela ezahlukeneyo kwiixabiso ezahlukeneyo. Ngexesha langoku, ukufumana uxwebhu olukhululekile, kukho amaziko a-2:

• WoSign.
• Startssl.

Ezinye iinkonzo zifuna ukuhlawulwa. Isixa sincike kwisiqinisekiso sesitifiketi kunye nezinto zayo ezongezelelweyo (idibanisi ezininzi, inkxaso kwiiphequluli ezindala, njl.). Amaziko okuqinisekisa:

• Reg.ru.
• Godaddy.
• Ihostele.
• Symantec.
• Comodo.
• GlobalSign.
• Thawte.

Ukongezelela, abanye ababonelela ngeendawo zokubonelela banikezela abasebenzisi babo izatifikethi ze-SSL xa bethenga isicwangciso esithile sexabiso. Isayithi lesitifiketi sichaza iinkcukacha eziyimfuneko. Kodwa yonke inkqubo inamanyathelo alandelayo:

• Ukudala isicelo se-CSR;
• Ukuzalisa i-imeyile yesayithi (admin @ [idilesi yesayithi]);
• Ukuzaliswa ngolwazi malunga nomnini we-domain (kwi-EV kunye ne-OV document).

Isicelo se-CSR sibandakanya idatha jikelele yokuqinisekisa (igama lesizinda, umbutho, isixeko, iphondo, ilizwe). Emva kokuzalisa ulwazi, umsebenzisi ufumana iikhowudi ezi-2 (i-key key kunye nekhowudi ye-CSR), qi ni sekise ukuba uwasindise kwincwadi ehlukile. Thumela le khowudi ukufumana isitifiketi se-SSL kwaye ulinde ukuba kukhutshwe kwiziko.

Ngoku uye uye kwisayithi yokubamba kwaye ufumane isahlulelo se "SSL" okanye uqhagamshelane nenkxaso. Kuya kubakho ukubonelela ngolwazi malunga nekhowudi ye-CSR, ukhiye wobucala kunye nesiqinisekiso. Ungalibali ukunika inkxaso ye-SSL kwiphaneli yokusingatha.

Indlela yokudala uxhumano lwe-https ngokuqhubekayo

Emva kokubeka ifayile kwi-server, kufuneka wenze ukucwangciswa kwangaphakathi kwesiza. Kuya kubakho ukusetha i-redirect kwaye utshintshe zonke ii-link zangaphakathi ukususela ngokupheleleyo ukuya kwisihlobo.

Oko kukuthi, esikhundleni se http://site.ru/img/bg.png usethe: //site.ru/img/bg.png.

Kuyimfuneko ukususa i-HTTP kumagama oqhagamshelwano. Ukuba ungathandabuzeki, wuleza umnxeba weWEB okanye u-freelancer, uya kuwukhawuleza. Unokukhangela izixhumanisi ngokusebenzisa umhleli wekhowudi kwifayile nganye okanye ufumane yonke inkcazelo ngokukhangela kwi-PhpMyAdmin.

Emva kokumisela iinqununu, kufuneka uxelele iinjinjini zokukhangela malunga noshintsho. Vula ifayile ye robots.txt kunye nomgca woMgca: faka i-HTTPS esikhundleni se-HTTP.

Endaweni ye http://example.ru, unamathisele: https://example.ru.

Emva kokutshintsha ifayile yosesho, siza kulungiselela ukulungiswa kwesayithi ngokuzenzekelayo ukusuka kwi-HTTP ukuya kwi-HTTPS. Ngaphambi kokunyuka kwamanyathelo, jonga ukufumaneka kwesiza kwi-HTTPS protocol. Ukuba zonke izenzo ezedlulileyo zenziwa ngokuchanekileyo, ngoko ke akufanele kwenzeke amaphutha.

Ukuzenzekela ngokuzenzekelayo uxhulumaniso olukhuselekileyo, unamathisele le script kwifayili yefayili, uncedo:

Bhala kwakhonaEngine

I-RewriteCond% {HTTP: X-Forwarded-Proto}! Https

Ukubhalwa kwakhonaRwrite ^ https: //% {HTTP_HOST}% {REQUEST_URI} [L, R = 301, NE]

Kodwa kwiimeko ezininzi le ndlela ayisebenzi. Kule meko, qhagamshelana nomlawuli wokusingatha, uya kuba nakho ukwenza izicwangciso ezichanekileyo. I-redirect iya kuqala emva kokuba umncedisi uqaliswe kwakhona, ngokuqhelekileyo kungakapheli iiyure ezingama-24.

Ukongeza, kuya kufuneka utshintshe izicwangciso kwipaneli yewebhu webhu "Yandex" okanye i-Google. Kuya kuba yimfuneko kwisiqendu sesilungiselelo sokungena kwiiyilithi eziphambili kunye nokufaka i-HTTPS. Ukongeza, kuya kufuneka udlulisele:

• Sitemap.xml;
• I-URL engabikho;
• I-Geolocation;
• Uqhagamshelwano nesixhobo seDisawov kwiGoogle.

Emva koko, kuhleli ukulinda ukuphela kwe-reindexing. Ngeli xesha, umsebenzi kwisayithi uya kuncipha, kodwa ke yonke into iya kuzinza.

Indlela yokwenza uxhumano lwe-https kwi-WordPress

Iibhulogi zamanqaku kunye neefowuni zisebenza ngokubanzi kwi-WordPress, kufuneka zilandele amanyathelo afanayo ukuze zifike kwi-https (fumana isatifiketi, utshintshe izixhumanisi, njl.). Kodwa banesiseko se-plug-ins eyakhelwe kuzo zonke izenzo zomnikazi:

• I-HTTPS elula yokubuyisela;
• I-HTTPS (SSL).

Iyokuqala ithatha indawo yokuqhagamshelanisa, kwaye okwesibini ikuvumela ukuba uchaze isitifiketi se-SSL. Ukongeza, yiya kwiZixhobo-> Icandelo eliqhelekileyo. Nantsi kufuneka uguqule i-URL uze ucacise i-HTTPS protocol. Qinisekisa ukuba amaphepha amadala anxibelelwano olukhuselekileyo. Emva kokutshintsha ii-link, uqondise uqwalaselo kwaye utshintshe iifayile ze-robots.txt.

Akufuneki kubekho imibuzo malunga nendlela yokwenza uxhumano lwe-https kwisayithi. Kwiindawo ezininzi zewebhu, ukwenzela ukukhusela imodi yokukhusela, kufuneka ufune ukubhala ukuxhasa ngenkxaso. Baya kukhetha i-specialist, kwaye uya kwenza uqwalaselo.