since CNNIC After the certificate issued by the sub-middle attack occurred in these events,SSL Connection and HTTPS Becoming more popular。This time we 'Use SSL to protect your login information, and background page"Into the recommended"SSL Everywhere”,Using global SSL encryption,Avoid disclosure of privacy caused by the user when accessing the page。and,According to the latest tutorial showing Google Webmaster among introduction,SEO is more beneficial to use https(Domestic forget it,However, Google's crawlers will reallyMore attention Https sites。)Other than that,Upgrade to Https,You do not need to Google Webmaster Tools, what did - support smooth upgrade,The only drawback is probably included in a short time will fluctuate。
Google supports smooth migration to the HTTPS
Here,We would like to thank StartSSL™ ,If not, they,I'm afraid we have these small owners personal blog bloggers to miss the SSL。。
due toFor this reason,Off the grid is not in use StartSSL a free certificate,But instead use concern Let’s Encrypt project,So you can easily get a personal certificate free。but,If you're like me is to throw in the blog Hosting,I thought you might needThis siteTo support virtual host cPanel and other background configuration。
How to apply for a certificate issue,Here Skip speak,In conclusion This article assumes that you have at least one valid signature certificate and the corresponding domain name。
HTTPS on that point had to talk things
HTTPS uses443portTo verify your links,Through SSL、TLS This low-level encryption technology to ensure that your connection is secure,Because the SSL protocol at this level IP,Therefore, to establish a secure handshake even exchange HTTP data has not happened,This leads SSL The domain name for itself signed certificate but you have a requirementIndependent IP address。but,Ruthless reality soon proved -IPv4 addresses will eventually be exhausted。Hosting emerged,At this time we are very fortunate we can have an independent domain name and space,But the IP address is shared。
Web server to provide different services on the same site on the same IP ports through distinguish requests from different domains,This leads to a serious problem:“SSL certificate is bound to whom?"The fact is indeed difficult to support SSL Hosting,Believe it will lead to other domain names with IP prompt certificate under the incorrect。but,Now the mainstream browsers support a new protocol:SNI。
Use SNI,It will allow the Web server to provide a separate certificate for each domain on the same IP。
So,If you want to bind multiple domains on one IP certificate,Or do you still use the Affordable Web Hosting,Wish to bind the certificate,Then you need to make sure your host can support SNI--Of course,For example, the current mainstream server Nginx、Apache So has support,With the exception of the roll is IIS Seemingly still not supported。
As your browser,Safari、Chrome、Firefox and other well-known browsers already support,Point name is seemingly IE series 5678 Not so good。
All right,Grilled over background,We started operations:
Since the grid is still a drop virtual host configuration,Here we talk about howUse cPanel to open SSL:
one、Open SSL access support
Your login cPanel,If your virtual host support SNI technology(See service providers to not to force),Then you should be in cPanel panel "Safety"Classification find inside."SSL/TLS"Function buttons。
"Security" category in the "SSL / TLS"
After clicking enter you will see a link to upload a public key and a private key binding domain,Upload turn into the,Then choose to bind the link in their binding domain "www"Can。(Here we must note,If you're using the same off the grid is a kind of certificate,Then you should not be eligible to sign pan-domain certificate,Naked domain should also not enough。)
After binding,Your blog should have been able to use to access the Https,but,Just the beginning。
two、Open access HTTPS 301 redirects
Careful you'll find at this time,While your site at this time to support the HTTPS access,But it seems you can also use HTTP to access,Taking into account the current search engines are included in your HTTP link,So if you do not do something, then I am afraid that this SSL certificate will be useless!
I hope you will be able to support space .htaccess ,If your blog, then opened the pseudo-static,That eighty percent of your space is supported。 :)
We use
.htaccess File to add a 301 redirect (in fact, there are various other ways to migrate,But Google uncle officialRecommended use 301 redirects) All of the HTTP traffic using 301 redirects to HTTPS to top,of course,Thus there is a potential problem:Domestic Baidu and other search engine crawlers do not support HTTPS!
I'm curious,Why in the world have advocated SSL Everywhere in the case of,China's domestic Internet environment or "expressly take the world",of course,This may also with that "Girl Friend Wall"...... It has a relationship (otherwise it will not harmony ah ~) so,We also separately for some of the domestic search engine crawlers about custom rules,If the detected UA their,Then allow them to access the HTTP traffic。
In your blog space www Directory (some may be public_html )under,turn up .htaccess file,Edit it,Fill in the following code inside:
|
1 2 3 4 5 |
#网站定制化开启 HTTPS 的301重定向 RewriteCond %{SERVER_PORT} !^443$ RewriteCond %{HTTP_USER_AGENT} !MSIE/[1-8]\. [NC] RewriteCond %{HTTP_HOST} www.logcg.com RewriteRule ^.*$ https://www.logcg.com%{REQUEST_URI} [L,R=301] |
correct,Considering the huge hard IE uncle,We have excluded 12345678,Let them properly due to visit HTTP roll bar,Various provinces warning worry。
three、Open enforce SSL login and background
Although there has been redirected entire station,But we might still be WordPress It comes with its own function opens,Compatible with a view to better experience - after all 301s。
Still found inside the root directory of your website,The document is to be modified config.php,Directly at the end of this file on a new line,Two additional lines of code:
|
1 2 3 |
/* 强制后台和登录使用 SSL */ define('FORCE_SSL_LOGIN', true); define('FORCE_SSL_ADMIN', true); |
four、Site Links Support
The main problem may be the picture,You attachments have been uploaded to the space marked for WordPress absolute link,And they are all properly properly written "http://”。usually,Is the need to replace it with the database,However, this method is a little dangerous,I am here to give you recommend another good choice:Using the code allows WordPress before loading attachments will be replaced by a link like! --after all,Only a matter of protocol,Followed by the path is not half dime relationship ~
(I hope you are using WordPress subtopics function ......)
Found under the current topic function.php file,EDITORS ',At the end of the code inside append the following code:
|
1 2 3 4 5 6 7 8 |
/* 替换图片链接为 https */ function my_content_manipulator($content){ if( is_ssl() ){ $content = str_replace('http://www.logcg.com/wp-content/uploads', 'https://www.logcg.com/wp-content/uploads', $content); } return $content; } add_filter('the_content', 'my_content_manipulator'); |
Other than that,In addition to this main accident,You also need to be concerned about the various stations within the chain of:
- Edit "menu" among all "Custom Link" is a relative path;
- modify"Set up"→"conventional"inner"Site Address"and"WordPress address"As HTTPS;
- Other modifications absolute link address of its cheap hand written ......
Fives、Concerned about plug
Now,The last remaining issue:Plug compatibility!
Yes, that's right! Not all plug-ins are compatible with SSL!(Especially domestic plug)
correct! CNZZ statistics on this, then you only need to modify our code can statistical,The HTTP to HTTPS to modify。But more commonly used domestic JiaThis Social sharing widget on the weak,You can only afford to spareDelete stop。
Other than that,Before"I love boiled fish"Related Posts Plugin Development:WordPress Related Post,Later sold to foreigners,Always loads a link outside the station,Today also because Girl Friend Wall This problem led to a variety of chrysanthemum js script,I had decisivelyDelete stop。
You can use any browser,Open your blog page not open after an article,Select similar "Inspect Element"Operation,Check the error can be:There is no requirement for any red error,Yellow warning "⚠️" can be ignored。
Remove the plug on that function how to do?
Of course, is to find a replacement plug,As for the two plug-in here,Two plug-ins recommended route:
- anyShare It is a very simple and functional lightweight social sharing widget,Button is relatively large (you can see the end of this article later style),Although it has not been updated for 10 months,But I assure you that this stuff is absolutely compatible with the latest version of WordPress and perfect function。:)
- Yet Another Related Posts Plugin This is another related article plugin,And could not stand the annoying external link,Functional free version enough,And the sameSupport RSS,And now it's configuration interface is no longer so daunting,correct! Although it is also compatible with the latest version is prompted not - but I guarantee,This same thing is functioning properly -
At last,You can go to this page to reference cells are used in which fallingMad pull cool hanging WordPress plugin,These plug-ins will be at leastSSL compatible 。
This time,Your blog should have been able to show a perfectLittle gray locksLa!
Ugh? ! Why gray? Contentment,Jiang Zi is a Class Certificate,Want Green,pleasePay。
correct,exist Chrome Under the green,but Safari Comparison pick,Is gray ~
Another:If your blog contains a link to a non-HTTPS under the same domain name,Chrome will be a yellow warning triangle,The Safari is not the same as an ordinary link the address bar displays a small lock。
Original article written by LogStudio:R0uter's Blog » WordPress Open full stop HTTPS
Reproduced Please keep the source and description link:https://www.logcg.com/archives/961.html
Full stop https or necessary,seo clearly marked weight to tilt and https cdn acceleration
Search and replace pictures in the database http to https it is not better
Possible! Direct line and database risky,Relatively dynamic change link is more convenient (for example, a day without ssl (although unlikely ......
Anyway,There can afford it can also directly replaces the clatter,Ye also more convenient performance。
do not know why,After installing the default wordpress,https also configured the,Just https automatically jump to http,do not know why
My blog also were using,Green is small lock
I toss a day,And buy and sell back!
After reading the blogger wrote in great detail,anyShare this plugin I did not feel easy to use Baidu Share,Just need to be able to get a piece of code does not require plug-ins。I am ready to blog with https ah,Free ssl Whose Vorthong Let's Encrypt and two of good?
Baidu do ...... Let's Encrypt good,Do not use Vorthong。do not use this star ssl。
Gangster ask questions,
I turned green lock,But if the person Link is not HTTPS time,This page will show gray,Suggesting illegal HTTP resources,This connection is not connected to the site,JS is not a picture of what resources,He is a pure connection。How to do?
Is such that,If your site is https,The inside offers an http link,Then the browser will think that your page is unsafe。One approach is to provide https,Another thing that is removed。Or whether he。
Weak weak to ask the virtual machines under what conditions certificates。
It seems to need to use a separate IP? Who my reply? !
https://www.sslforfree.com
Has opened https,Trend,The sooner the better hands。After strenuous save。The company pays for the certificate he is gray。Feeling a little green lock protection fees
Seven cattle used by the plug,After using https,Thumbnail image or local,But the http,How to deal with?
/* Replace Image links with https */
function my_content_manipulator($content){
if( is_ssl() ){
$content = str_replace(‘http://www.logcg.com/wp-content/uploads’, ‘https://www.logcg.com/wp-content/uploads’, $content);
}
return $content;
}
add_filter(‘the_content’, ‘my_content_manipulator’);
This can not afford to replace thumbnail images
Use seven cattle cdn,You have to pay to open seven cattle can https cdn,Even if you replace yourself,Open seven cattle no corresponding function,Is no good ~
Girl Friend Wall What the hell is so funny ~ ~ ~ ~ ~
This is still under study ssl,Consider my blog,Do you want to change!
This is a general trend,Now a variety of key script lot,Even my service provider provides one-click deployment capabilities for the user space!
But be careful to choose the right vendor to issue certificates,For example, let's encrypt pretty good,Other free or inexpensive manufacturers,But be careful not to use startssl and wosign Vorthong,The two notorious。
yyyy
Gray triangle how to solve?
tycpo how to set the built-in link to convert https?
What tycpo that?
Feel embarrassed,I did not write clearly,是 types 程序。
types 程序 打开 ftp,No function.php file,I ask how to modify the,Let the image within the chain link http turn https?
No function.php? You try to create yourself a look at the system will not load,It should automatically load,This is the necessary documents relating to the ah。
Safari is the only strategy for the EV green,And there is next to a small green lock Company Name。
Green is the prerogative of the company name EV Certificate,ch will use the green bar shows the name。When only ch in a web page not to load http resources are green lock
Yes,ev certificate too expensive,So difficult to obtain。General Certificate of nature is a small gray lock,While other browsers it to face,The lock on the green。As you said ch ............ I really do not know what is ah ..................
ch is short for chrome,ff refers Firefox
alright, you win!
Suddenly found,CPanel now has support for a key to the certificate of registration,Feeling particularly convenient,Is not it should be added at ~
Ah You're right,I came a little update about ~ =。= I remember how I updated,But I can not find it。。。。
"due to this reason,Off the grid is not in use StartSSL a free certificate,But instead use concern Let's Encrypt project,So you can easily get a personal certificate free。but,If you're like me is to throw in the blog Hosting,I thought you might need this site to support virtual host cPanel and other background configuration。"I really updated:)
= = Well, I may not see…I really envy you use the cp….I used to get hold of this certificate amh panel plus the automatic renewal of the old hard
First of all,You can find a service provider for replacement ...... Next,I rely on e-mail notification of manually replaced every three months?
1 This is my vps always been cheap so no panel,amh own installed QAQ second….I am a student busy + = lazy cancer require automatic renewal…So I spent a morning to get that thing….The official asked people not willing to say this stuff to get the module or manually make things right….Achievements are forced out QwQ wronged me,But I do not say..
Pat ......
I have a lot of sites do not support https widget,So Xiangnong https forced to jump to the http,It is not to be against the way of thinking process Rewrite?>There is not deleted
RewriteCond %{HTTP_USER_AGENT} !MSIE/[1-8]\. [NC]
This line, it would have to make IE full range uncle also abide by the rules?Thank you -
ps:Had intended the whole station with https is so specifically to green locks and information display buy ssl,Now found…With no eggs = = really do not buy
Ha ha ha ~ ~ really,Our individual users, then buy ssl certificate useless,I now use the free encrypt everywhere,As long as a month to update。If you want to turn, jump ...... please do not write the rules to。Because the default browser will go http,If you have so ...... indeed as you say,These in turn rewrite ......
But I think it,Acquiescence Jiuhaola。
At last,Can https,Or https,Thus the reader is responsible for。
https is certainly good,But what plug-ins do not support what is also loaded with a bunch of red cross out…Big head it
And before did not change when the site has been using https,But now with https access, then it will be wrong to jump to http want to force this case under the care added favorites……
(On the importance of the ability to make changes to the plug-in…)
For plug-in,My attitude is changing and not changing,Not powerless but people want to upgrade。You worked so hard to change the,People all over the back upgrade。Https support for a function with the plug-in is very easy to do ah。
But if too lazy to debug,That's just not it ~ http little green lock,He looked panic panic:)
QAQ problem is that some streets are not plug-and over some degree .. rare high degree of understanding and then change to a lot of trouble….
Plug-in, then I have had a lesson so basically handy…Do not upgrade…
As for the green lock?ps not like a ╮(╯▽╰)╭(joke)
But now think about or have a better point lock….Ok….Workers have to stay up late to catch the
Then ask Let's Encrypt Authority X1 and Let's Encrypt Authority X3 different from you….
1234They have their own different purposes,For example, the number 4 is a disaster recovery,Usually not applicable。12In front of several generations of certificate,Should not be used,But if you want to be compatible xp,You would need to use x1;Usually used,,It is to use 3.
Blog contains a link to a non-HTTPS under the same domain name can say at this thing? I encountered this problem,But do not know how to get
I find that you like to use seven cattle cdn accelerated to give blog,Then you need to go seven cattle configuration page for the link https rather than normal http link。To use the seven cattle https link,You may need to keep your account balance is greater than seven cattle 10 yuan and the real-name authentication:)
Why words deleted DB cache
We are ready to install it…
I deleted because this thing is useful for off grid is not too big,Off the grid in accordance with current views view,Open the memory is occupied point where nothing needs so much ~ concurrency? There is enough static cache。
Alas it does not support https Jiathis…
Ok,By the time I wrote the article,jiathis or not supported,Do not know how the,I did not continue to focus on。
Oh,I installed a plugin to force a good ,sweat, Baidu few days
Haha,I was using a .htaccess file implementation,Automatically jump。With plug simpler ~
# BEGIN WordPress
RewriteEngine On
#RewriteCond %{HTTPS} !^on$ [NC]
#RewriteRule (.*) https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301]
RewriteBase /
RewriteRule ^index.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress
Rules above,But can not access,Ali cloud hosting,Will bloggers have encountered this problem?
It is said that the number of domestic vps little problem,But this I can not really help you,I have little knowledge of this is:) So I did not press you wrote,I have not encountered this problem ~
Thanks for sharing。WordPress plug-ins as possible can not to do it。Of course, according to their actual situation to be,Additional links https://meirishou.org,Just finished the whole。not bad!
I used Vorthong certificate,Now all the pages are hppts,But enter the URL to automatically access is hppt,Points will be back next logo hppts,And hppt landing is no reaction to hppts login status is only 。。。。Is there any way to solve it,I did a few days Baidu tutorial