Serov.eu » ssl https://serov.eu Блог программиста Thu, 30 Apr 2026 12:31:53 +0000 ru-RU hourly 1 http://wordpress.org/?v=4.1.15 Set up Nginx https://serov.eu/?p=418 https://serov.eu/?p=418#comments Thu, 22 Aug 2019 10:22:29 +0000 https://serov.eu/?p=418 Читать далее Set up Nginx]]> Now we need to add a new snippet with ssl-params.

Go to snippets directory and create a new one.

cd /etc/nginx/snippets
nano ssl.conf

Add the following lines, save and exit the editor (Ctrl+XYEnter).

ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets on;

ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES256-SHA384;
ssl_ecdh_curve secp384r1;
ssl_prefer_server_ciphers on;

ssl_stapling on;
ssl_stapling_verify on;

add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;

Then you have to create a directory for certificates snippets.

mkdir certs
cd certs

Create a new file that will hold certificate’s params.

nano example.com

Add paths to the wildcard certificate.

ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
]]> https://serov.eu/?feed=rss2&p=418 0 Переводим сайт на HTTPS https://serov.eu/?p=256 https://serov.eu/?p=256#comments Mon, 12 Mar 2018 18:09:11 +0000 https://serov.eu/?p=256 Читать далее Переводим сайт на HTTPS]]> В свете новостей

Google Chrome начнет помечать все http страницы как «не защищенные» с релизом Chrome 68 в июле 2018

Первым шагом заходим на бота от letsencrypt.org

https://certbot.eff.org/#ubuntutrusty-apache

и следуем инструкции, для моей версии подходило следующее

$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install python-certbot-apache

$ sudo certbot --apache

и перевыпуск

sudo certbot renew --dry-run

Все, теперь у нас готовый бесплатный сертификат на 3 месяца от гугла.

Далее обновляет БД


 

UPDATE wp_posts SET guid = replace(guid, 'http://serov.eu','https://serov.eu');

UPDATE `wp_posts` SET post_content = REPLACE(post_content, 'src="http://serov.eu', 'src="https://serov.eu')
WHERE post_content LIKE '%src="http://serov.eu%';

UPDATE `wp_posts` SET post_content = REPLACE(post_content, 'src='http://serov.eu', 'src='https://serov.eu')
WHERE post_content LIKE "%src='http://serov.eu%";

UPDATE `wp_posts` SET post_content = REPLACE(post_content, 'href="http://serov.eu', 'href="https://serov.eu')
WHERE post_content LIKE '%href="http://serov.eu%';

UPDATE `wp_posts` SET post_content = REPLACE(post_content, 'href='http://serov.eu', 'href='https://serov.eu')
WHERE post_content LIKE "%href='http://serov.eu%";

UPDATE `wp_posts` SET pinged = REPLACE(pinged, 'http://serov.eu', 'https://serov.eu')
WHERE pinged LIKE '%http://serov.eu%';

SELECT * FROM `WP_DB_NAME`.`wp_posts` WHERE (CONVERT(`ID` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`post_author` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`post_date` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`post_date_gmt` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`post_content` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`post_title` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`post_excerpt` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`post_status` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`comment_status` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`ping_status` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`post_password` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`post_name` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`to_ping` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`pinged` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`post_modified` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`post_modified_gmt` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`post_content_filtered` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`post_parent` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`menu_order` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`post_type` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`post_mime_type` USING utf8) LIKE '%%http://serov.eu%%' OR CONVERT(`comment_count` USING utf8) LIKE '%%http://serov.eu%%');

UPDATE `wp_comments` SET comment_author_url = REPLACE(comment_author_url, 'http://serov.eu', 'https://serov.eu')
WHERE comment_author_url LIKE '%http://serov.eu%';

UPDATE `wp_comments` SET comment_content = REPLACE(comment_content, 'http://serov.eu', 'https://serov.eu')
WHERE comment_content LIKE '%http://serov.eu%';

UPDATE `wp_postmeta` SET `meta_value` = REPLACE(meta_value, 'http://serov.eu', 'https://serov.eu')
WHERE meta_value LIKE '%http://serov.eu%';

UPDATE `wp_options` SET `option_value` = "https://serov.eu" WHERE `wp_options`.`option_name` = 'siteurl';

UPDATE `wp_options` SET `option_value` = "https://serov.eu" WHERE `wp_options`.`option_name` = 'home';

 

На все ушло минут 10

не забываем добавить в крон

@monthly certbot renew --dry-run

]]> https://serov.eu/?feed=rss2&p=256 0