VestaCP yangasemva 8083 port https ayisebenzi?Faka iSifundo seSatifikethi se-SSL

VestaCP Iphaneli yolawulo ilula kwaye kulula ukuyisebenzisa:

Faka iphaneli yokulawula yeVestaCP, onokuqonda umsebenzi wokhuseleko wokufaka ngokuzenzekelayo isiqinisekiso se-Let Encrypt SSL, ngoko sithandwa phakathi kwamazwe angaphandle.seoAbasebenzi bamkelekile.

Yintoni iLet's Encrypting?

Masi Fihla ligunya lesatifikethi se-SSL elaphehlelelwa ngoAprili 2016, 4.

• Ibonelela simahla izatifikethi ze-X.509 zoKhuseleko loMaleko wezoThutho (TLS) kufihlo ngenkqubo ezenzekelayo,
• Yenzelwe ukuphelisa ukwenziwa kwencwadi yangoku, ukuqinisekiswa, ukusayina, ukufakela kunye nohlaziyo lwezatifikethi kwiiwebhusayithi ezikhuselekileyo.

Iphepha lokungena lephaneli yokulawula yeVestaCP lisebenzisa i-port 8083.

Yintoni izibuko 8083?

• I-8083 liphepha lommeleli kunye nokukhuphela ifayile yefayile, kwaye lizibuko elinengqiqo.
• Kwitekhnoloji yenethiwekhi, amazibuko abandakanya amazibuko abonakalayo kunye namazibuko anengqondo.

Umahluko phakathi kwamazibuko abonakalayo kunye namazibuko anengqondo

• Izibuko ezibonakalayo zibhekisela kumachweba akhoyo ngokwenene, njengeemodem ze-ADSL, ii-hubs, iiswitshi, kunye neerotha eziqhagamshelwe kwezinye izixhobo zenethiwekhi ezifana ne-RJ-45 port, i-SC port, njl.
• Izibuko eliqiqileyo lizibuko elahlula iinkonzo ngentsingiselo ebhadlileyo, njengezibuko lenkonzo kwiprotocol yeTCP/IP. Uluhlu lwenombolo ye-port yi-0 ukuya kwi-65535.

Nangona kunjalo, okwangoku, akukho satifikethi sokhuseleko se-SSL esiboniswa kwizibuko 8083 kwiphaneli yolawulo yeVestaCP ngokungagqibekanga...

Ngoko, kwiFaka iphaneli yeVestaCPNgasemva,ugoogle ChromeUmyalezo onje uya kuvela:

Iphaneli yokungena yeVesta yenza ukuba i-https

Isiqendu 1:Ngena kwiphaneli yolawulo yeVestaCP

Sebenzisa igama lomamkeli kunye nezibuko 8083 ▼

http:// 你的域名:8083/

Isiqendu 2: Ngena kwinkonzo yeWEBHU yeVestaCP

Fumana igama lenginginya yeseva yakho kwaye ucofe HLELA ▼

Isiqendu 3:Fumana kwaye ujonge i-SSL kwaye Masifihle

 "Vumela i-SSL (iNkxaso ye-SSL)", "Sebenzisa i-Let Encrypt (Masibethele iNkxaso)" ▼

• Emva koko cofa Gcina (umlawuli ucofa Gcina kwaye ulinde malunga nemizuzu emihlanu phambi kokuba ujonge isicelo sesatifikethi se-SSL)

Isiqendu 4:Fumana indawo yogcino lwesatifikethi sokhuseleko esithi Masi Fihla

Masibhale ngokuntsonkothileyo sigcina izatifikethi zayo ze-SSL /home/username/conf/web/ kwindawo.

Nceda udwelise iindawo zabo ▼

/home/username/conf/web/ssl.website.crt
/home/username/conf/web/ssl.website.key

Iphaneli yokulawula yeVestaCP, igcina igama lomamkeli wesatifikethi se-SSL ▼

/usr/local/vesta/ssl/certificate.crt
/usr/local/vesta/ssl/certificate.key

Ke ngoko, kufuneka siqale sithiye kwakhona ifayile yesatifikethi yeVestaCP endala kumbhalo othile we-dummy,

Ukuze iVestaCP ingabi sazisebenzisa, emva koko udibanise iifayile.

Nceda ulandele la manyathelo angezantsi ukuze ufunde ukwenza oku.

Isiqendu 5:SSH kwiseva yakho

Ngenisa le miyalelo mi-2 ukuze uthiye ngokutsha ifayile endala ▼

mv /usr/local/vesta/ssl/certificate.crt /usr/local/vesta/ssl/unusablecer.crt
mv /usr/local/vesta/ssl/certificate.key /usr/local/vesta/ssl/unusablecer.key

• Ukuba le misebenzi ilandelayo ayinakusebenza kwaye ikhonkco le-SSL liyasilela kwaye iwebhusayithi ayinakuvulwa, tshintsha nje ifayile ye-SSL "into engasetyenziswanga"Igama, tshintshela kwigama langaphambili"isiqinisekiso", akukho mfuneko yokuchitha ixesha lokubuyisela ipaneli yeVestaCP.

Isiqendu 6:Yenza ikhonkco lokomfuziselo ukwalatha ikhonkco elitsha lomfuziselo

Nceda buyisela igama lakho lomsebenzisi, njenge:admin

intando chenweiliang.com Faka endaweni yegama lenginginya (FQDN) yeseva yakho yeVPS ▼

ln -s /home/admin/conf/web/ssl.chenweiliang.com.crt /usr/local/vesta/ssl/certificate.crt
ln -s /home/admin/conf/web/ssl.chenweiliang.com.key /usr/local/vesta/ssl/certificate.key

Isiqendu 7:Qala kwakhona iVestaCP

service vesta restart

Isiqendu 8:cima i-cache yesikhangeli

Emva koko, zama ukungena kwakhona kwiphaneli yokulawula yeVestaCP usebenzisa i-port 8083.

• Ngoku i-SSL yakho kwi-port 8083 ikhuselekile!

Iimvume ezaphukileyo isisombululo

Ukulungisa iimvume ezaphukileyo, ngenisa lo myalelo ulandelayo ▼

• intando your.adminpanel.com Faka endaweni ye-URL yeVestaCP yakho yolawulo lwekhonsoli.

chgrp mail ssl.your.adminpanel.com.key
chmod 660 ssl.your.adminpanel.com.key
chgrp mail ssl.your.adminpanel.com.crt
chmod 660 ssl.your.adminpanel.com.crt

Oku ngasentla yindlela yokwenza isatifikethi se-SSL kwi-VestaCP backend.

Ulinyanzela njani igama lesizinda ukuba lisebenzise isatifikethi se-SSL se-https?

Inyathelo 1:Faka ithempleyithi yenginx yesiko ▼

cd /usr/local/vesta/data/templates/web
wget http://c.vestacp.com/0.9.8/rhel/force-https/nginx.tar.gz
tar -xzvf nginx.tar.gz
rm -f nginx.tar.gz

Isiqendu 2:Cwangcisa itemplate yommeli ukunyanzela-https

• Yenza isicwangciso esitsha esingagqibekanga, okanye usete amandla-https njenge template yeproxy ye-Nginx kwisicwangciso esikhoyo esingagqibekanga.
• Xa usongeza abasebenzisi abatsha, ungasebenzisa i-force-https template ukunika imvume kubasebenzisi kwisicwangciso sokuseta.

I-HTTP iphinda iqondise ngokuzenzekelayo kwi-HTTPS

I-VestaCP iphinda iqondise njani i-HTTP kwi-HTTPS isebenzisa i-htaccess?

Ngaba ufuna ukuhambisa iwebhusayithi yakho ngokuzenzekelayo kwinguqulelo ekhuselekileyo (HTTPS) yewebhusayithi yakho efihliweyo?

Kwifayile ye.htaccess, yongeza le 301 ilandelayo yokuqondisa kwakhona isivakalisi ▼

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

• U-“L” ku- [R, L] ngasentla uthetha ukuGqibela (kokugqibela) Ukuba ezinye izivakalisi nazo zinalo L, i-http ayisayi kuphinda iqondiswe ku-https.
• Ke ngoko, kuyacetyiswa ukuba ubeke i-syntax yokuqondisa kwakhona i-http301 ukuya kwi-https phezulu (phambi kwezinye iisyntax).

Ukuba ufuna ukongeza iziqinisekiso ze-SSL ezikhuselekileyo kwamanye amagama edomeyini kwindawo yolawulo yeVestaCP, nceda ujonge esi sifundo ▼

Uyisebenzisa njani ipaneli yeVestaCP?Faka i-Post Office/Yongeza iiDomain ezininzi kunye noLawulo lweeFayile

IVestaCP yiphaneli yolawulo yokubamba iwebhu yeLinux elula kakhulu, kodwa inamandla kwaye isebenzayo.Ngokungagqibekanga, iya kufaka iseva yewebhu ye-nginx, i-PHP, i-Mysql, iseva ye-DNS kunye nenye isoftware ekufuneka iqhube umncedisi wewebhu opheleleyo, zonke ziyi-SEO...