Now more and more websites begin to use the https protocol. In fact, Baidu has been supporting https since the end of 2014, and it is said that in ranking, for websites with the same weight, opening https will give preferential treatment to improve the ranking. Regardless of ranking, https is a more secure and advanced technology. As a trendsetter of the Internet, we must keep pace with the times~decisively, enable the https protocol throughout the site. The steps to start https are as follows:
1、 Request SSL Certificate
Some Xiaobai will think that opening https is just adding an s after the URL http, but it is not. HTTPS needs to verify the SSL certificate. If there is no certificate or the certificate does not match, accessing your website through https will be blocked by the browser.
SSL certificates are a necessary prerequisite for opening https. Certificates can be paid or free. All major cloud service providers, such as Tencent Cloud and Alibaba Cloud, provide free ssl certificates. The following is an example of Tencent Cloud:
1. Register Tencent Cloud
2. Associate with our company as a service provider (unnecessary condition, friendship association)
3. Apply for SSL certificate
2、 Upload SSL certificate to server
The SSL certificate compressed package downloaded from Tencent Cloud Panel contains the certificates of various server engines. You need to select your server type
For example, if we use the Nginx server, we need to upload the SSL certificate dedicated to Nginx. If it is IIS, upload the
3、 Server virtual host setting SSL certificate path
After uploading the SSL certificate, we also need to specify the path of the SSL certificate in the virtual host configuration file, otherwise an error will occur during the access.
We don't know about other servers. But the WDCP panel+Nginx configuration file we are using now is written as follows. You need to find it first
The path of your server's virtual host configuration file is/conf/vhost/hongdouh.cn.conf.
server {
listen 80;
root /www/web/hongdouh.cn/public_html;
server_name hongdouh.cn hongdouh.cn hongdouh.cn img.idedecms.mysitecdn.com;
index index.html index.php index.htm;
error_page 400 /errpage/400.html;
error_page 403 /errpage/403.html;
error_page 404 /errpage/404.html;
error_page 503 /errpage/503.html;
location ~ .php$ {
proxy_pass //127.0.0.1:88 ;
include naproxy.conf;
}
location ~ /.ht {
deny all;
}
location / {
try_files $uri @apache;
}
location @apache {
proxy_pass //127.0.0.1:88 ;
include naproxy.conf;
}
return 301 //www. $server_name$request_uri;
}
server {
listen 443 ssl;
root /www/web/hongdouh.cn/public_html;
server_name hongdouh.cn hongdouh.cn hongdouh.cn img.idedecms.mysitecdn.com;
index index.html index.php index.htm;
error_page 400 /errpage/400.html;
error_page 403 /errpage/403.html;
error_page 404 /errpage/404.html;
error_page 503 /errpage/503.html;
location ~ .php$ {
proxy_pass //127.0.0.1:88 ;
include naproxy.conf;
}
location ~ /.ht {
deny all;
}
location / {
try_files $uri @apache;
}
location @apache {
proxy_pass //127.0.0.1:88 ;
include naproxy.conf;
}
ssl_certificate /www/ssl/hongdouh.cn/1_hongdouh.cn_bundle.crt;
ssl_certificate_key /www/ssl/hongdouh.cn/2_hongdouh.cn.key;
ssl_session_timeout 5m;
}
(It seems no harm to post the configuration file code. Don't hack into our server hahahahahahahahaha)
4、 Change the reference address of website page js, css, and image resources to https
I don't need to say this. After the website starts https, resources called by http on the page will not be called.
You need to change all http resources into https calls. Remember, you can't miss any js reference or image
If a file is not referenced by https, your website can be accessed by https normally, but the address bar
The https logo of will not completely turn green, especially for 360 browsers. This means that your website has https enabled
But it is not completely standardized. Https pages that are considered to be non-standard.
Figure 1: The standard https page, in which all resources are called using https.
Figure 2. Some of the information in the non-standard https page is not called using https.
Statement: All articles on this site, unless otherwise specified or marked, are originally published on this site. No individual or organization is allowed to copy, embezzle, collect and publish the content of this website to any website, book and other media platforms without the consent of this website. If the content of this website infringes upon the legitimate rights and interests of the original author, please contact us for handling.
