Malo apano: Chen Weiliang Blog » HestiaCP » Momwe mungatsegulire satifiketi za SSL (kuphatikizanso HTTPS kuwongolera & HSTS) kwa ma subdomain a HestiaCP m'magulu?

Momwe mungatsegulire satifiketi za SSL (kuphatikizanso HTTPS kuwongolera & HSTS) kwa ma subdomain a HestiaCP m'magulu?

Kusinthidwa: 2025 October 3

Kalozera wa Nkhani

0.1 🔥 Chifukwa chiyani mumathandizira SSL zambiri?

1 💡 Njira zina zogwirira ntchito
2 🎯 Mapeto

Kodi inu munakumanapo ndi mkhalidwe wotero? Limangeni ndi khama lalikulu HestiaCP Seva ndi ma subdomain adapangidwa, koma mukuwona kuti muyenera kulembetsa pamanja ndikusintha ziphaso za SSL chimodzi ndi chimodzi? 🤯 Izi ndizovuta kwambiri!

Osadandaula, ndikuphunzitsani zanzeru lero. Dinani kumodzi kutsegulira kwa SSL, kuphatikizapo osati kokha Tiyeni Tilembe Zikalata, ndikukuthandizani mwachindunji HTTPS yolunjika yokha ndipo HSTS (HTTP Strict Transport Security).

🔥 Chifukwa chiyani mumathandizira SSL zambiri?

Mwina mukuganiza kuti: "Kodi sindingathe kungowasindikiza pamanja?" Inde, koma ngati muli nazo Mazana kapena mazana a subdomains, kugwira ntchito pamanja mosakayikira ndikodzivulaza!

Kukonza batch kuli ndi ubwino wotsatirawa:
✔ Sungani nthawi: Dinani kamodzi, palibe chifukwa chodina pamanja.
✔ Pewani zosiyidwa: Chepetsani zolakwika za anthu ndikuwonetsetsa kuti ma subdomain onse ndi otetezeka.
✔ Tsimikizirani HTTPS: Yendetsaninso HTTP -> HTTPS, sinthani SEO Chogoli.
✔ Kulimbitsa chitetezo cha HSTS: Pewani kuwukira kwa anthu apakati ndikupangitsa kuti tsambalo likhale lotetezeka kwambiri.

💡 Njira zina zogwirira ntchito

Kenako, timagwiritsa ntchito chida cholamula chomwe chimabwera ndi HestiaCP kuti tilembe chosavuta Shell Script, kuchita mosavuta Ma subdomains onse Kusintha kwa SSL kwa .

📝 Khwerero 1: Pezani mndandanda wamadomain

Tangoganizani kuti domain yanu yoyamba ndi chenweiliang.com, mwawonjezera ma subdomain angapo, mwachitsanzo:

en.chenweiliang.com
ru.chenweiliang.com
la.chenweiliang.com
lv.chenweiliang.com

Mu script, timangofunika kusunga mndandanda wa prefixes subdomain, mwachitsanzo:

SUBDOMAINS="en ru la lv"

Pambuyo pake tidzadutsa ma subdomains awa ndikufunsira satifiketi ya SSL imodzi ndi imodzi.

📜 Khwerero 2: Lembani script kuti mulowetse ziphaso za SSL mumagulu

HestiaCP imapereka Command Line Zida, titha kumaliza ntchito zokhudzana ndi SSL ndi malamulo atatu otsatirawa:

v-add-letsencrypt-domain → Lemberani satifiketi ya SSL
v-add-web-domain-ssl-force → Yambitsani HTTPS
v-add-web-domain-ssl-hsts → Yambitsani HSTS

Zolemba zonse zili motere (koperani ndikuchita mwachindunji):

#!/bin/bash

# HestiaCP 用户名
USER="youruser"
# 你的主域名
DOMAIN="chenweiliang.com"
# 需要启用 SSL 的子域名前缀
SUBDOMAINS="en ru la lv"
# 遍历每个子域名，依次开启 SSL
for SUB in $SUBDOMAINS
do
    FULL_DOMAIN="$SUB.$DOMAIN"
    echo "🚀 在启用 $FULL_DOMAIN 的 SSL 配置..."

    # 申请 Let's Encrypt 证书
    v-add-letsencrypt-domain $USER $FULL_DOMAIN
    if [ $? -ne 0 ]; then
        echo "❌ 错误：获取 $FULL_DOMAIN SSL 证书失败（可能触发 Let's Encrypt 429 限流），请稍后重试。"
        continue
    fi

    # 强制 HTTPS 重定向
    v-add-web-domain-ssl-force $USER $FULL_DOMAIN

    # 启用 HSTS（HTTP 严格传输安全）
    v-add-web-domain-ssl-hsts $USER $FULL_DOMAIN

    echo "✅ $FULL_DOMAIN SSL 配置完成！"
done
echo "🎉 所有子域名 SSL 配置操作结束！"

🚀 Khwerero 3: Pangani script

Tsopano popeza script yalembedwa, tiyeni tiyendetse!

1️⃣ Sungani zolembazo ngati enable_ssl.sh
2️⃣ Perekani zilolezo zochitira:

chmod +x enable_ssl.sh

3️⃣ yambitsani script:

./enable_ssl.sh

Ndiye inu mukhoza kuwona Satifiketi ya SSL yama subdomain onse Ikani ndikuyambitsa zokha!

⚠ Ndemanga

💡 About Let's Encrypt malire apano (zolakwika 429)
Tiyeni Tilembetse Chepetsani kuchuluka kwa zopempha za satifiketi pa IP pasanathe ola limodziMukakonza ma subdomain ambiri nthawi imodzi, mutha kukumana 429 Cholakwika.

✅ Dinani ulalo womwe uli pansipa kuti muwone yankho ▼

Cholakwika: Tiyeni Tilembetse malire atsopano a auth 429, choti tichite? Kuchira nthawi ndi mayankho anafotokoza!

🔗Zolakwika: Tiyeni Tilembetse malire atsopano a auth 429, nditani? Kuchira nthawi ndi mayankho anafotokoza!

Ikani m'magulu, kungoyendetsa ma subdomain ochepa panthawi imodzi.
Kugwiritsa ntchito komaliza kosiyana kwa ACME(Mwachitsanzo, satifiketi yofunsira Cloudflare API).
Dikirani ola limodzi ndikuyesanso.

💡 Onani ngati HestiaCP yayika bwino satifiketi ya SSL
Ngati mwapeza Kusintha kwa SSL kwalephera, mutha kuyang'ana pamanja:

v-list-web-domain $USER yoursubdomain.chenweiliang.com

Onani SSL Ndi munda yesNgati sichoncho, muyenera kuyiyambitsa pamanja.

🎯 Mapeto

Sizovuta kuyambitsa ziphaso za SSL m'magulu. Chinsinsi ndicho kugwiritsa ntchito njira yoyenera. kupita Mzere wolamula wa HestiaCP + Shell script,Mutha Dinani kamodzi kakhazikitsidwe ka HTTPS pama subdomain onse, zonse zothandiza komanso zotetezeka.

💡 Izi sizingokupulumutsirani nthawi yambiri, komanso zidzakulitsa gawo lanu la SEO komanso chitetezo chatsamba lanu., kulekeranji?

Yesani tsopano ndikuwonjezera chitetezo cha HTTPS kumadera anu kuti akhale otetezeka komanso akatswiri! 🚀

Hope Chen Weiliang Blog ( https://www.chenweiliang.com/ ) adagawana "Momwe mungayambitsire ziphaso za SSL mumagulu a HestiaCP subdomains (kuphatikiza HTTPS redirection & HSTS)?" ”, zitha kukhala zothandiza kwa inu.

Takulandirani kugawana ulalo wa nkhaniyi:https://www.chenweiliang.com/cwl-32612.html

Kuti mutsegule zidule zambiri zobisika🔑, talandirani kujowina njira yathu ya Telegraph!

Dinani apa kuti mulowe nawo panjira ya Telegraph

Share ndi like ngati mukufuna! Zomwe mumagawana ndi zomwe mumakonda ndizomwe zimatilimbikitsa!

Mmbuyo wapitawo:Momwe mungalembetsere Pinduoduo pogwiritsa ntchito nambala yam'manja yaku China? Nayi kalozera wolowera 0-zotchinga!

Pambuyo pake: HestiaCP bulk management of subdomains: njira yabwino yowonjezeramo mafayilo a .htaccess!