Ilaa qiyaastii 2017, inta badan shabakadaha internetka ayaa si adag u isticmaaley hab-maamuuska wareejinta hypertext ( HTTP ) gudbinta xogta website-ka biraawsarkaaga internetka ee booqdaha.

Ilaa wakhtigaas, daalacayaasha intooda badani waxay si buuxda u awoodaan inay helaan macluumaadka HTTP ee sugan , laakiin dhawr milkiilayaasha goobta ayaa dhibay inay dejiyaan shabakadooda iyagoo isticmaalaya HTTPS .

Waa maxay HTTPS ? Waxay u taagan tahay hab-raaca wareejinta hypertext ee sugan. Maantana, nooca aaminka ah ee HTTP waa sida inta badan mareegaha intarneedka ku jira u gudbiyaan xogtooda daalacashada.

Waa maxay HTTPS?

Marka uu website-ku isticmaalo HTTPS , waxa ay la macno tahay in dhammaan xogta lagu kala qaado mareegahaas iyo biraawsarkaaga ay sir tahay.

HTTPS ka hor , hackers wuxuu si fudud u dhexgalin karaa gudbinta u dhaxaysa martigeliyaha webka iyo browserka isticmaalaha, oo uu akhriyo waxa la gudbinayo. Tani waa sababta oo ah waxa ku jira waxaa lagu gudbiyay HTML ama qoraal cad. Xaalado badan xitaa aqoonsiyada^(IDs) iyo furayaasha sirta ah ayaa fududaa in laga soo saaro gudbintan.

Maxaa HTTPS ka duwan? HTTPS waxay isticmaashaa waxa loo yaqaan Amniga lakabka Gaadiidka^{(Transport Layer Security)} ( TLS ), oo hore loo yiqiin Secure Socket Layer ( SSL ). 

TLS waxay isticmaashaa laba "furood" oo ammaan ah si ay si buuxda u sirayso xogta u dhaxaysa martigeliyaha webka iyo biraawsarkaaga.

• Furaha gaarka ah^{(Private key)} : Kani waa furaha lagu keydiyo server-ka asalka ah. Ma ahan mid ay heli karaan dad weynaha, marka kaliya furahaan gaarka ah ee lagu keydiyo serverka mareegaha dhabta ah ayaa kala saari kara gudbinta.
• Furaha guud^{(Public key)} : Furaha dadweynaha waxaa isticmaala browser kasta oo raba inuu la xiriiro server-ka shabakada ee haya shabakada.

Sida HTTPS Isgaarsiinta u Shaqeyso

Habka isgaarsiintu wuxuu u shaqeeyaa sida soo socota.

1. Isticmaaluhu waxa uu furaa browser-ka oo waxa uu ku xidhaa bogga shabakadda.
2. Shabakadu waxay soo dirtaa browserka isticmaalaha shahaado SSL oo ka kooban furaha dadweynaha. Barowsarku wuxuu u baahan yahay furahan guud si uu u furo xidhiidhka bilowga ah ee goobta.
3. Tani waxay bilaabeysaa waxa loo yaqaan " gacan qaad TLS^(TLS) " halkaas oo macmiilka (browser) iyo server-ka (website) "ku heshiiyaan" cipher si loo isticmaalo, loo xaqiijiyo goobta saxeexa dhijitaalka ah ee SSL , oo ​​soo saaro furayaasha fadhiga cusub ee fadhiga hadda.

Marka "fadhigan" la dhiso, ma jiro qof u dhexeeya browserka iyo server-ka webka si fudud u aqoonsan doona macluumaadka ama xogta la wareejinayo.

Tani waa sababta oo ah wax walba, xitaa HTML -ka loo gudbiyo browserka, ayaa la sir ah (oo asal ahaan lagu xoqay qoraal iyo calaamado aan macno lahayn). Kaliya browser-ka aasaasay xidhiidhka bilowga ah ee mareegaha ayaa kala saari kara macluumaadka, iyo lidka ku ah. Mareegaha kaliya ayaa heli kara waxyaabo ay ka mid yihiin aqoonsiga^(IDs) iyo furayaasha sirta ah oo kala saari kara si loo isticmaalo.

Haddaba, mar kasta oo aad aragto in goobtu ammaan tahay, waxaad ku nasan kartaa in xidhiidhka ka dhexeeya biraawsarkaaga iyo goobta fog ay tahay mid gaar ah oo ka badbaadsan indhuhu soo baxaan.

Sida loo ogaado haddii goobtu isticmaasho HTTPS

Laga bilaabo 2017, Google waxay cadaadis saartay milkiilayaasha mareegaha inay ku daraan shahaadooyinka SSL shabakadooda. ^(SSL)Waxay sameeyeen tan iyagoo ku daraya muuqaal cusub noocii ugu dambeeyay ee Chrome kaas oo soo bandhigay digniinta "Aan Ammaan lahayn "^(Secure) isticmaalayaasha mar kasta oo ay booqdaan goob aan isticmaalin HTTPS .

Haddii aad ku socoto nuqulkii u dambeeyay ee browserka Chrome oo aad booqato goob ammaan ah oo adeegsata HTTPS , waxaad arki doontaa calaamad yar oo quful ah oo ku taal dhanka bidix ee URL .

Muddo aan dheerayn ka dib, daalacayaasha kale waxay bilaabeen inay raacaan qaabka, oo ay ku jiraan Firefox , Safari , iyo in ka badan. Dhammaantood waxay soo bandhigi doonaan astaanta qufulka sida Chrome uu sameeyo.

Haddii aad booqato degelka oo aanu goobta isticmaaleyn HTTPS si ay ula xiriirto, markaas waxaad arki doontaa cilad aan ammaan^{(Not secure)} ahayn dhanka bidix ee URL.

Sida in kasta oo tani aysan ahayn wax-ka-dhigis ku filan si ay uga fogaato soo-booqdayaasha websaydhka, Google sidoo kale waxay dejisay siyaasad ay isticmaalka shahaadooyinka SSL -ka ka caawin doonto mareegaha in ay sare u qaadaan natiijooyinka raadinta.

Labadan sababood ayaa ah sababta mulkiilayaasha mareegaha intooda badani ay ugu dambeyntii bilaabeen u wareejinta goobahooda si ay u isticmaalaan shahaadooyinka SSL oo ay ula xiriiraan daalacashada booqdayaasha iyaga oo isticmaalaya HTTPS .

Maxay tahay sababta aad u danaynayso HTTPS?

Isticmaale intarneedka ahaan, waa in aad aad uga taxadartaa in goobtu isticmaasho HTTPS iyo in kale . Waxaa laga yaabaa inaadan u malayn in qofna dan ka lahayn boggaga internetka ee aad booqato ama waxa aad ka samaynayso internetka, laakiin waxaa jira bulshooyin aad u badan oo tuugo ah oo aad u xiiseynaya.

Markaad dhexda ka gasho xidhiidhka shabakadaada browserka, jabsadayaashu waxay si joogto ah isha ugu hayaan mid ka mid ah macluumaadka soo socda:

• Ciwaankaaga iimaylka, si ay uga gadi karaan iimaylka spammers.
• Lambarka taleefankaaga iyo ciwaanka jirkaaga si ay uga iibiyaan suuqgeynayaasha.
• Aqoonsiga iyo furaha sirta ah ee aad isticmaasho si aad u gasho akoonnada bangigaaga si ay u helaan lacagahaaga.
• Goob kasta oo ceeb ah oo aad booqato si ay kuugu soo diraan iimaylo kugu hanjabaya in ay la wadaagi doonaan hawshaas asxaabta iyo qoyska haddii aadan bixin lacag^{(threatening to share that activity with friends and family if you don’t pay up)} .
• Ciwaanka IP-ga ee tooska ah ee kombiyuutarkaaga si ay isugu dayaan inay nidaamkaaga jabsadaan^{(try to hack your system)} .

Dhab ahaantii, hubinta inaad booqato kaliya bogagga adeegsada HTTPS waa hab awood leh oo lagu ilaaliyo qarsoodigaaga iyo amnigaaga onlaynka, sababo badan dartood.

Haddii aad leedahay degel, waxaa jira sababo badan oo ay tahay inaad daryeesho rakibidda shahaadooyinka SSL iyo karti-gelinta ^(SSL)HTTPS .

• Waxaad heli doontaa taraafikada raadinta Google oo badan.^(Google)
• Soo-booqdayaashu waxay dareemi doonaan ammaan inay si joogto ah u booqdaan mareegahaaga.
• Macaamiishu waxay kaa dareemi doonaan ammaan badan oo wax ku gadasho ah.
• Hackers-ku waxay yaraan doonaan helitaanka aqoonsiga^(IDs) ama furaha sirta ah ee u fududeeya inay jabsadaan mareegahaaga.

Ma jiraan sababo wanaagsan oo qof kasta oo isticmaalaya intarneedka maalmahan uusan u isticmaalin HTTPS oo keliya dhammaan macaamilada shabakadda.

Sida HTTPS Loogu Isticmaalo Boggaga

Haddii aad leedahay degel oo aad xiisaynayso inaad ka takhalusto farriintaas cabsida leh ee "Aan Ammaan lahayn" marka ay dadku soo booqdaan goobtaada, kuma adkaanayso in lagu rakibo shahaadooyin SSL mareegahaaga .^(SSL)

Dhab ahaantii, waxaanu daabacnay hage buuxa oo ku saabsan sida aad ugu heli lahayd shahaadada SSL eega degelkaaga, iyo sida loo rakibo^{(how to get your own SSL certificate for your website, and how to install it)} .

Talaabooyinka fudud waa sida soo socota:

1. Go'aanso ciwaanka IP-ga ee u go'an martigeliyahaagu uu siiyay mareegahaaga.
2. Ku rakib shahaadada SSL -ka mid ay bixiso mareegahaagu, ama mid aad ka soo iibsatay adeegga shahaadada SSL .
3. Ku qas^(Force) dhammaan daalacashada in ay isticmaalaan SSL marka ay booqanayaan goobtaada adiga oo tafatiraaya faylka .htaccess oo wata amar "dib u qor" kaas oo beddelaya dhammaan xiriirada isticmaalka HTTPS .
4. Hubi^(Make) inaad siiso shahaadada SSL ee gaarka ah adeeg kasta oo ^(SSL)CDN ah oo aad ku rakibtay goobtaada.

Habkani wuu sii fududaanayaa waayadan dambe, maadaama adeegyo badan oo martigelinaya websaydka ay siinayaan milkiilayaasha shabakadaha hal-guji xal si ay ugu rakibaan shahaadooyin SSL shabakadooda.^(SSL)

What Is HTTPS and Why You Should Care

Up until around 2017, a large majority of websites on the іnternet used strictly hуpertext transfer protoсol (HTTP) for the transmission of a website’s data to a visitor’s wеb browser.

Until then, most browsers were fully capable of receiving secure HTTP content, but few site owners bothered to set up their websites using HTTPS.

What is HTTPS? It stands for hypertext transfer protocol secure. And today, this secure version of HTTP is how the majority of websites on the internet transmit their content to browsers.

What Is HTTPS?

When a website uses HTTPS, it means that all of the data being transmitted between that website and your browser is encrypted.

Before HTTPS, a hacker could easily intercept the transmission between the web host and the user’s browser, and read the content being transmitted. This is because the content was transmitted in HTML or plain text. In many cases even IDs and passwords were easy to extract from these transmissions.

What makes HTTPS different? HTTPS uses what’s called Transport Layer Security (TLS), formerly known as Secure Socket Layer (SSL). 

TLS uses two security “keys” to fully encrypt the data going between the web host and your browser.

• Private key: This is a key stored on the originating web server. It isn’t accessible to the public, so only this private key stored on the real web server can decrypt transmissions.
• Public key: The public key is used by any browser that wants to communicate with the web server that holds the website.

How HTTPS Communication Works

The communication process works as follows.

1. A user opens a browser and connects to a web page.
2. The website sends the user’s browser an SSL certificate that contains the public key. The browser needs this public key in order to open the initial connection with the site.
3. This initiates what’s called a “TLS handshake” where the client (browser) and the server (website) “agree” on the cipher to use, verify the site’s SSL digital signature, and generate new session keys for the current session.

Once this “session” is established, no one between the browser and the web server will be able to easily identify the information or data being transferred.

This is because everything, even the HTML transmitted to the browser, gets encrypted (essentially scrambled into nonsense text and symbols). Only the browser that established the initial connection with the website can decipher the information, and vice versa. Only the website can receive things like IDs and passwords and decipher them for use.

So, whenever you see that a site is secure, you can rest assured that the communications between your browser and the remote site are private and safe from prying eyes.

How to Know if a Site Uses HTTPS

Starting in 2017, Google put the pressure on website owners to incorporate SSL certificates into their websites. They did this by integrating a new feature into the latest version of Chrome that displayed a “Not Secure” warning to users whenever they visited a site that didn’t use HTTPS.

If you’re running the latest version of the Chrome browser and you visit a secure site that uses HTTPS, you’ll see a small lock icon to the left of the URL.

Not long after, other browsers started following suit, including Firefox, Safari, and more. They will all display a lock icon like Chrome does.

If you visit a website and the site isn’t using HTTPS to communicate, then you’ll see a Not secure error to the left of the URL.

As though this isn’t off-putting enough to keep visitors away from a website, Google also instituted a policy where use of SSL certificates would help websites rank higher in search results.

These two reasons are why most website owners finally started transitioning their sites to use SSL certificates and communicate with visitors’ browsers via HTTPS.

Why Should You Care About HTTPS?

As a user of the internet, you should care a great deal about whether or not a site uses HTTPS. You may not think anyone cares about what websites you visit or what you’re doing on the internet, but there are very large communities of hackers out there who are very interested.

By intercepting your browser communications with websites, hackers are constantly on the lookout for any of the following information:

• Your email address, so they can sell it to email spammers.
• Your phone number and physical address so they can sell it to marketers.
• ID and passwords you use to log into your bank accounts so they can access your funds.
• Any embarrassing sites you visit so they can send you emails threatening to share that activity with friends and family if you don’t pay up.
• Your computer’s direct IP address so they can try to hack your system.

In fact, making sure you only visit sites that use HTTPS is a powerful way to protect your privacy and security online, for many reasons.

If you own a website, there are even more reasons you should care about installing SSL certificates and enabling HTTPS.

• You’ll get more Google search traffic.
• Visitors will feel safe to visit your website more frequently.
• Customers will feel more secure buying products from you.
• Hackers will be less likely to obtain IDs or passwords that make it easier for them to hack your website.

There are no longer any good reasons for anyone using the internet these days not to be using only HTTPS for all web transactions.

How to Use HTTPS on Your Site

If you own a website and you’re interested in getting rid of that scary “Not Secure” message when people visit your site, it’s not difficult to install SSL certificates for your website.

In fact, we’ve published a full guide on how to get your own SSL certificate for your website, and how to install it.

The simple steps are as follows:

1. Determine the dedicated IP address your web host has provided to your website.
2. Install the SSL certificate either provided by your website, or one you’ve purchased from an SSL certificate service.
3. Force all browsers to use SSL when visiting your site by editing the .htaccess file with a “rewrite” command that changes all connections to use HTTPS.
4. Make sure to provide your private SSL certificate to any CDN services you’ve installed on your site.

This process is getting even simpler lately, since many web hosting services are providing website owners with one-click solutions to install SSL certificates for their website.

Related posts

• 3 Siyaabood oo Sawir ama Fiidyow Looga Qaado Buugga Chrome-ka

• Sida loo ogaado Computer & Email Monitoring ama Basaas Software

• Tignoolajiyada Bandhiga Flat Panel La Demystified: TN, IPS, VA, OLED iyo in ka badan

• Sida loo damiyo ama loo damiyo Koofiyadaha Qufulka ee Chromebook

• 4 Siyaabaha Lagu Helo Xulashada Internetka ee Ugu Wanaagsan (ISPs) ee aaggaaga

• Sida loo hubiyo Khaladaadka Hard-kaaga

• Sida loo qaybiyo clip gudaha Adobe Premiere Pro

• Sida Loo Helo Maalmaha Dhalashada Facebook-ga

• Waa maxay macnaha BCC iyo CC? Fahamka Emailka aasaasiga ah ee Lingo

• Waa maxay Qiimaynta Uber Rakaabka iyo sida loo hubiyo

• Sida Loo Soo Celiyo Ciyaarta Steam

• Sida Loo Furo Fayl Aan Kordhin Lahayn

• Sida Looga Qaado Sawir-qaadista Steam

• Sida loo soo dejiyo fiidiyowyada Twitch

• Sida loo aamusiyo qof khilaaf ku jira

• Sida loo kala qaybiyo shaashadda buug-Chrome

• Sida loogu raadiyo asxaabta Facebook goob, shaqo, ama dugsi

• Sida loogu Isticmaalo VLOOKUP gudaha Google Sheets

• Sida Luqadda loogu beddelo Netflix

• Sida loo soo diro fariin qoraal ah oo qarsoodi ah oo aan dib laguugu soo celin karin