Ukusebenzisa i-HTTPS ye-Storefronts, i-Ecommerce Web Sites, nokuningi
Ukuvikeleka kwe-intanethi kubaluleke kakhulu, kepha okwamanje kungathokozisiwe, isici sempumelelo yewebhusayithi.
Uma uzoqhuba isitolo se-intanethi noma isayithi le- Ecommerce , ngokusobala ufuna ukuqinisekisa amakhasimende ukuthi ulwazi abakunikeza ngalo kusayithi, kufaka phakathi inombolo yabo yekhadi lesikweletu, liphathwa ngokuphepha. Ukuphepha kwewebhusayithi akuyona nje izitolo ze-intanethi, noma kunjalo. Ngesikhathi izingosi ze-Ecommerce kanye nanoma yiziphi ezinye ezibhekana nolwazi olubucayi (amakhadi esikweletu, izinombolo zokuphepha kwezenhlalakahle, idatha yezimali, njll.) Abakhethiweyo abakhethekile bokuthunyelwa okuphephile, iqiniso ukuthi wonke amawebhusayithi angazuza ngokuvikeleka.
Ukuze uvikele ukuhanjiswa kwesayithi (kokubili kusuka kusayithi kuya kuzivakashi nakubasemuva babuyele esitokisini sakho sewebhu), leyo sayithi izodinga ukusebenzisa i-HTTPS - noma i-HyperText Transfer Protocol nge-Secure Sockets Layer, noma i-SSL. I-HTTPS iyi-protocol yokudlulisa idatha encrypted phezu yeWebhu. Uma othile ekuthumelela idatha yanoma yiluphi uhlobo, ukukhathazeka okunye, i-HTTPS igcina ukuthi ukudluliselwa kuphephile.
Kukhona umehluko omkhulu phakathi kokuqala kwe-HTTPS nomsebenzi wokuxhumana we-HTTP:
- I-HTTPS ixhuma ku-port 443, kuyilapho i-HTTP ivuliwe 80
- I-HTTPS ibhala phansi idatha ethunyelwe futhi itholwe nge-SSL, kanti i-HTTP iyithumela konke njengombhalo ocacile
Amakhasimende amaningi ezitolo ze-inthanethi azi ukuthi kufanele afune i- "https" ku-URL futhi afune isithonjana sokukhiya esipheqululini saso lapho enza ukuthengiselana. Uma isitolo sakho sesitolo sangasese singasebenzisi i-HTTPS, uzolahlekelwa amakhasimende futhi nawe uzozivula ngokwakho kanye nenkampani yakho kuze kube yilapho unesibopho esibucayi uma ukuntuleka kwakho kokuphepha kungalahleka idatha yomuntu yangasese. Yingakho esitolo esiningi se-intanethi samanje sisebenzisa i-HTTPS ne-SSL - kodwa njengoba sesishilo nje, ukusebenzisa iwebhusayithi ephephile akuyona kuphela izingosi ze-Ecommerce.
KuWebhu wanamuhla, wonke amasayithi angazuza ekusetshenzisweni kwe-SSL. I-Google empeleni ikhuthaza lokhu kumasayithi namuhla njengendlela yokuqinisekisa ukuthi ulwazi olusayisayithi liyiqiniso, oluvela kulowo nkampani futhi akulona umuntu ozama ukususa isayithi ngandlela-thile. Ngenxa yalokho, i-Google manje isayithi elivuzayo elisebenzisa i-SSL, okuyisinye isizathu, ngaphezulu kokuphepha okuthuthukisiwe, ukufaka lokhu kuwebhusayithi yakho.
Kuthunyelwa Idatha Efihliwe
Njengoba kukhonjisiwe ngenhla, i-HTTP ithumela idatha eqoqwe phezu kwe-Intanethi kumbhalo ocacile. Lokhu kusho ukuthi uma unesifomu ucela inombolo yekhadi lesikweletu, lelo nani lekhadi lesikweletu lingamkelwa yinoma ubani one-sniffer yepakethe. Njengoba kunamathuluzi amaningi wesofthiwe samahhala we-free sniffer atholakalayo, lokhu kungenziwa noma ngabe ubani onokuhlangenwe nakho okuncane kakhulu noma ukuqeqeshwa. Ngokuqoqa imininingwane phezu koxhumano lwe-HTTP (hhayi HTTPS), uthatha ingozi yokuthi le datha ingasetshenziswa futhi, njengoba ingabhalisiwe, isetshenziswe isela.
Okudingayo Ukubamba amakhasi aphephile
Kunezinto ezimbalwa kuphela ozidingayo ukuze ubambe amakhasi aphephile kusayithi lakho lewebhu :
- Iseva yewebhu njengo-Apache nge mod_ssl esekela ukubethela kwe-SSL
- Ikheli le-IP eliyingqayizivele - yilokho abahlinzeki bezitifiketi abasebenzisa ukuqinisekisa isitifiketi esiphephile
- Isitifiketi se-SSL esivela kumhlinzeki wesitifiketi se-SSL
Uma ungaqiniseki mayelana nezinto ezimbili zokuqala, kufanele uxhumane nomhlinzeki wakho we-Web hosting . Bayokwazi ukukutshela ukuthi ungasebenzisa i-HTTPS kuwebhusayithi yakho. Kwezinye izimo, uma usebenzisa umhlinzeki wezindleko eziphansi kakhulu, ungadinga ukushintsha izinkampani zokubamba noma ukuthuthukisa isevisi oyisebenzisayo kwenkampani yakho yamanje ukuze uthole ukuvikelwa kwe-SSL oyidingayo. Uma kunjalo - yenza ushintsho! Izinzuzo zokusebenzisa i-SSL zifanele izindleko ezengeziwe zemvelo yokubamba ngcono!
Uma Uvele Uthola Isitifiketi Sakho se-HTTPS
Uma usithenge isitifiketi se-SSL esivela kumhlinzeki ohloniphekile, umhlinzeki wakho wokusingatha uzodinga ukusetha isitifiketi kwisiphakeli sakho sewebhu ukuze ngaso sonke isikhathi ikhasi lifinyeleleke nge-https: // protocol, lihlasela iseva ephephile . Uma lokho sekusethwe, ungaqala ukwakha amakhasi akho eWeb afuna ukuvikeleka. Lawa makhasi angakhiwa ngendlela efanayo namanye amakhasi, udinga nje ukuqinisekisa ukuthi uxhumanisa ku-https esikhundleni se-http uma usebenzisa noma yiziphi izindlela zokuxhumanisa ngokuphelele kusayithi lakho kwamanye amakhasi.
Uma usuvele unayo iwebhusayithi eyakhelwe i-HTTP futhi manje ushintshele ku-HTTPS, kufanele uhlelwe kahle. Vele uhlole izixhumanisi ukuze uqiniseke ukuthi yiziphi izindlela eziphelele ezibuyekeziwe, kufaka phakathi izindlela eziya kumafayela wesithombe noma ezinye izinsiza zangaphandle ezifana namashidi e-CSS, amafayela we-JS, noma amanye amadokhumenti.
Nawa amanye amathiphu okusebenzisa i-HTTPS:
- Khomba kuwo wonke amafomu ewebhu kwi-https: // iseva. Noma nini lapho uxhuma kumafomu eWebhu kuwebhusayithi yakho, thola umkhuba wokuxhuma kubo nge-URL esebenzayo yeseva kuhlanganise ne-https: // ukubizwa. Lokhu kuzoqinisekisa ukuthi bahlale bevikelekile.
- Sebenzisa izindlela ezihambelana nezithombe kumakhasi avikelekile. Uma usebenzisa indlela ephelele (http: // www ...) yezithombe zakho, futhi lezo zithombe azikho kwisiphakeli esiphephile, amakhasimende akho azothola imilayezo yephutha ethi izinto ezifana nalezi: "Idatha engaphephile itholakele. Qhubeka?" Lokhu kungabangela ukuphazamiseka, futhi abantu abaningi bayomisa inqubo yokuthenga uma bebona lokho. Uma usebenzisa izindlela ezihlobene, izithombe zakho zizolayishwa kusuka kuseva efanayo ephephile njengalokhu lonke ikhasi.
Isihloko sokuqala sikaJennifer Krynin. Ihlelwe nguJeremy Girard ngo-9/7/7