jdk以往版本
This article was originally published on Nick Janetakis.
本文最初在Nick Janetakis上发表。
If you have a website, or you’re thinking about deploying your site soon, you need to consider making it work with HTTPS.
如果您有一个网站,或者正在考虑尽快部署网站,则需要考虑使其与HTTPS一起使用。
Now, before we go over the issues of not having a secure site (spoiler alert: it’s a big deal even if you ignore the security concerns), let’s go over how many sites are using HTTPS as of mid-2017.
现在,在我们讨论没有安全站点的问题( 剧透警报:即使您忽略安全问题也很重要 )之前,让我们先回顾一下截至2017年中期有多少个站点正在使用HTTPS。
According to Firefox’s telemetry data, ~60% of page views are being loaded over HTTPS:
根据Firefox的遥测数据 ,约60%的页面浏览量是通过HTTPS加载的:
That shows about a +20% adoption rate in 18 months, which is very impressive considering that accounts for all page views on the internet, not just page views on top sites.
这表明在18个月内采用率增加了20%,考虑到互联网上的所有页面浏览量,而不仅仅是顶级网站的页面浏览量,这一点令人印象深刻。
Chrome’s telemetry data is in the same ballpark as Firefox:
Chrome的遥测数据与Firefox处于同一水平:
The reality is, hosting an insecure site just isn’t good enough…
现实是,托管一个不安全的站点还不够好……
Google ranks insecure pages (HTTP) worse than secure pages (HTTPS) Google对不安全页面(HTTP)的排名低于安全页面(HTTPS)的排名Your visitor’s browsing activity and data isn’t encrypted or protected
访客的浏览活动和数据未加密或未受保护
Chrome and Firefox are adding scary visual cues to punish insecure sites. That means, even non-technical folk are now receiving in your face warnings that your site is dangerous to view…
Chrome和Firefox正在添加可怕的视觉提示来惩罚不安全的网站。 这意味着,即使非技术人员现在也可以从您的面前收到警告,警告您的网站危险查看…
It started with the secure lock icon, but that’s old news. Browser vendors have been doing that for years.
它从安全锁图标开始,但这是个老新闻。 浏览器供应商已经这样做了多年。
Recently, they have been rolling out more aggressive cues, and it’s going to continue to get worse and worse for insecure sites as time goes on.
最近,他们一直在提供更具攻击性的线索,随着时间的流逝,对于不安全的站点,这种情况将越来越严重。
A few current and upcoming visual cues in Chrome and Firefox:
Chrome和Firefox中当前和即将出现的一些视觉提示:
Firefox is already showing the visual cues on the right, and Chrome is about to transition to using a non-red “Not secure” label in October 2017, with the red version coming eventually.
Firefox已经在右侧显示了视觉提示,Chrome 将于2017年10月过渡到使用非红色的“不安全”标签,最终将使用红色版本。
These are in your face warnings that your site is not secure. I don’t know about you, but there’s no way in heck that I would consider putting sensitive information into an insecure form.
这些是警告您的网站不安全。 我不了解您,但我绝不会考虑将敏感信息放入不安全的表格中。
I don’t even like browsing anonymously on insecure sites because that means all of your browsing habits can be spied on by your ISP (Internet Service Provider) or anyone watching. With net neutrality constantly being attacked, this is a big deal and ultimately affects everyone in the world.
我什至不喜欢在不安全的网站上匿名浏览,因为这意味着您的所有浏览习惯都可以被您的ISP(互联网服务提供商)或任何观看者监视。 随着网络中立性不断受到攻击,这很重要,并最终影响到世界上每个人。
As website owners, we can do our best to secure the web one site at a time by simply securing our sites over HTTPS. It’s not a war that we can’t win either. We are winning (world wide HTTPS coverage is over 50%).
作为网站所有者,我们可以通过简单地通过HTTPS保护我们的网站来尽最大努力确保一个网站的安全。 我们也不能赢得这场战争。 我们正在胜利(全球HTTPS覆盖率超过50%)。
In the middle of 2014, Google openly admitted that HTTPS is a page ranking signal.
2014年中,Google公开承认HTTPS是网页排名信号 。
Now, I’m not going to pretend I know the inner works of its ranking algorithms (because no one outside their search team knows this info), but facts are facts. An insecure page served over HTTP has less page rank value than an equivalent secure site served over HTTPS and the above article states that the strength of HTTPS vs HTTP may go up in the future.
现在,我不会假装我知道其排名算法的内部工作(因为他们的搜索团队之外没有人知道此信息),但事实是事实。 通过HTTP提供服务的不安全页面比通过HTTPS提供服务的同等安全站点具有更少的页面等级值,以上文章指出,将来HTTPS和HTTP的强度可能会提高。
It’s mid-2017 now and that article was written in 2014, so “today” is the future. There hasn’t been an update to that article as far as I know, but all I know is, I wouldn’t want to give my competitors an SEO advantage because I didn’t secure my site.
现在是2017年中,该文章写于2014年,所以“今天”是未来。 据我所知,该文章尚未更新,但我所知道的是,我不想让竞争对手获得SEO优势,因为我没有保护自己的网站。
All that is to say, we’re on a rapid march towards a “secure by default” web when it comes to protecting traffic.
所有这一切是说,我们是在朝着“默认安全”网的急行军 ,当涉及到保护流量。
And if you’re serving anything over an insecure connection, you need to plan how you’re going to go HTTPS now.
如果你是在一个不安全的连接服务什么 , 你需要计划你打算怎么走了HTTPS。
There are a number of options for securing your site with HTTPS, and they all involve obtaining SSL certificates and then configuring your web server to use those certificates.
有许多选项可用于使用HTTPS保护您的网站,它们都涉及获取SSL证书,然后将Web服务器配置为使用这些证书。
My favorite way of doing this is with a service called Let’s Encrypt.
我最喜欢的方法是使用名为“加密”的服务。
Simply put: They are a free, automated and open certificate authority.
简而言之:它们是免费,自动化和开放的证书颁发机构。
SSL certificates can be issued for free via Let’s Encrypt. Compare that to $10/year per certificate from other providers — don’t get ripped off!
可以通过Let's Encrypt免费颁发SSL证书。 相比之下,其他提供商每年每张证书的价格为10美元- 别被扯掉!
It’s open source, transparent and has a huge community 它是开源的,透明的并且具有庞大的社区100% hands-free SSL certificate automation once you set it up. Other providers require you to manually renew certs yearly or your site stops working
设置完成后,即可100% 免提SSL证书自动化 。 其他提供商要求您每年手动更新证书,否则您的站点将停止工作
Over 40 million+ certs issued and growing at remarkable speeds
超过4,000万份证书发行并以惊人的速度增长
If you want to learn how to secure any website or web application with Let’s Encrypt then check out the HTTPS with Let’s Encrypt course I recently released.
如果您想了解如何使用Let's Encrypt保护任何网站或Web应用程序的安全,那么请查看我最近发布的HTTP with Let's Encrypt课程。
The Best Way to Secure Your Site with HTTPS 使用HTTPS保护您的网站的最佳方法 Nick Janetakis 尼克·简塔基斯(Nick Janetakis) SitePoint fans get it for 40% off.. SitePoint粉丝可获得40%的折扣。 。3 hours is all you need to understand the ‘how’ and then actually secure your own site or web app with HTTPS using Let’s Encrypt.
3小时内,所有你需要了解“如何”,然后实际使用让我们加密与HTTPS来保护自己的网站或网络应用程序。
The course covers everything you need to know about using HTTPS and even goes as far as how to set up a web server and hook up a custom domain name. It also contains ready-to-use scripts and configs that I’ve been tweaking and using in production for years. You’ll get an A+ SSL rating.
该课程涵盖了您需要使用HTTPS所需要了解的所有内容,甚至涵盖了如何设置Web服务器和连接自定义域名。 它还包含了我多年来一直在生产中进行调整和使用的即用型脚本和配置。 您将获得A + SSL等级。
Don’t keep doing SSL the old way. It’s time-consuming and costly.
不要继续使用旧的方式执行SSL。 这既耗时又昂贵。
Grab the course now and learn Let’s Encrypt quickly without digging too deeply into its documentation and without having to learn it through trial and error.
立即获取课程 ,快速学习“让我们加密”,而无需深入了解其文档,也不必通过反复试验来学习。
Complete with a 100% risk free, 365 day money back guarantee.
具备100%无风险,365天退款保证。
Plus SitePoint fans get the course for 40% off for the next 24 hours!
另外,SitePoint粉丝还可在接下来的24小时内享受40%的折扣 !
翻译自: https://www.sitepoint.com/securing-your-website-with-https-is-more-important-than-ever/
jdk以往版本
相关资源:jdk-8u281-windows-x64.exe