I am here “ Let's embrace 2021 year SEO New trends ” The second part of the article is 6 I'll tell you a little bit SEO The importance of optimization , Today, let's talk about HTTPS And how to implement HTTPS, Let you have a deeper understanding , And grasp the key points of implementation .
Hypertext transfer Security protocols （ English ：HyperText Transfer Protocol Secure, abbreviation ：HTTPS; Often called HTTP over TLS、HTTP over SSL or HTTP Secure） It is a kind of transmission protocol for secure communication through computer network .HTTPS Through HTTP communicate , But use SSL/TLS To encrypt packets .HTTPS The main purpose of the development , Is to provide authentication to the website server , Protect the privacy and integrity of data exchange . This agreement is made by Netscape （Netscape） stay 1994 First proposed in , Then extended to the Internet .
In the history of ,HTTPS Connection is often used for transaction payment on the Internet and the transmission of sensitive information in enterprise information system . stay 2000 From the end of the year to 2010 Beginning of the year ,HTTPS Start to use widely , To ensure that all types of web pages are authentic , Protecting accounts and maintaining user communications , Identity and the privacy of web browsing .
in addition , There's another kind of security Hypertext transfer agreement （S-HTTP） Of HTTP Secure transmission implementation , however HTTPS The wide application of the Internet has become a fact HTTP Secure transmission mode , therefore S-HTTP Not widely supported .
1、 What is? HTTPS？
HTTPS（ Hypertext transfer Security protocols ） It's an Internet communication protocol , It can ensure the integrity and confidentiality of the data transferred between the user's computer and the website . Whenever you visit a website , Users want their online experience to be safe and private . therefore , It is recommended that you adopt HTTPS To protect the connection between users and your website （ No matter what's on your website ）.
The agreement provides triple critical protection ：
- encryption - Encrypt the data exchanged , To protect it from prying . This means that while the user is browsing the site , No one can “ hear ” The content of the conversation , We can't track their activities or steal their information on multiple web pages .
- Data integrity - Whether intentional or unintentional , No data can be modified or damaged during data transmission , And it won't be tested .
- Authentication - Prove that the user can communicate with the target website , This helps protect users from man in the middle attacks and build user trust , And then bring other commercial benefits .
2、 Use powerful A security certificate
Enabling... For the website HTTPS In the process of , You have to get A security certificate . The certificate is issued by the digital certificate authority (CA) Issued by , The agency will take relevant measures , Make sure your website address really belongs to your organization , So as to protect visitors from man in the middle attacks . When setting up certificates , You can choose 2048 A key , To ensure a high level of security . If the key of the certificate you hold （1024 position ） Security is weak , Please upgrade it to 2048 position .
When selecting a site certificate , Please pay attention to the following points ：
- From providing reliable technical support CA Get the certificate at .（ Free certificates such as ：Let's Encrypt、CloudFlare）
- Determine the type of certificate required ：
- A single certificate for a single security source （ for example www.guangwei.pro）.
- Multi domain certificate for multiple known security sources （ for example www.guangwei.pro,en.guangwei.pro）.
- Generic certificate for security sources with multiple dynamic subdomains （ for example a.guangwei.pro,b.guangwei.pro）.
3、 Use the server side 301 Redirect
Use... On the server side 301 Permanent redirection redirects users and search engines to HTTPS Web pages or resources .
4、 confirm Search engine Can I grab your HTTPS Web pages and index them
- Please do not pass robots.txt File block grabbing your HTTPS Webpage .
- Please don't go in your HTTPS The page contains noindex Mark .
If it's Baidu , Please search resources platform in Baidu , Fill in https authentication , Make sure Baidu passes the verification , If it is Google, Please use Google Search Console Of “ URL checking tool ” test Googlebot Can I visit your website .