☑️ HTTP security header not detected? Here are 4 good fixes
– Reviews News
- An undetected HTTP security header can leave your server vulnerable, so it is important to fix it.
- A missing Strict Transport Security header means the application cannot prevent users from connecting to it over unencrypted connections.
- To fix this issue, you usually need to change the header settings on the server.
First of all, HTTP Security Header Not Detected is an alarming issue that leaves your site vulnerable to attackers. Security headers decide whether sets of security measures in the web browser are blocked or enabled.
Security headers direct the web application and tell it how to handle your requests and responses, relying on HTTP headers.
The finding relies on the responses found in the metadata of an HTTP request to determine that the HTTP security header is not detected.
Also, newer browsers have a built-in protection mechanism called the XSS filter. However, it may be disabled by default, which leads to this issue.
This is not the only error you may encounter; many have reported an HTTP 401 Unauthorized error on their PC, but it can be fixed easily.
What causes the HTTP security header to go undetected?
Cross-site scripting (XSS) occurs when an attacker sends malicious and harmful code to another end user. So if your response is missing any of the following headers when it is attacked, the HTTP security header cannot be detected.
- X-Frame-Options (strict transport security): X-Frame-Options helps improve the security of web applications against threats and clickjacking attacks. Clickjacking occurs when an attacker uses various tricks to deceive users into clicking an unwanted link.
- X-Content-Type-Options: This lets the web application detect the MIME type, preventing the browser from loading styles and scripts with the wrong MIME type.
- HTTP Strict Transport Security: This header supports the browser's built-in XSS (cross-site scripting) filter and prevents communication with risky web servers. It tells your browser to direct traffic to a secure, legitimate HTTPS site.
- X-XSS-Protection: This allows you to add content sources to a whitelist. It can block all XSS attacks and reduce the resulting damage.
Many have reported that the HTTP security header is not detected on port 80, and we will show you how to fix this issue on many different platforms.
How can I fix HTTP security header not detected?
1. Use X-Frame-Options on the server
1.1 Apache
- Open your host configuration file by entering the following: $ sudo nano /etc/apache2/sites-available/example.com.conf
- Add the following to the configuration file, then restart the server: Header always append X-Frame-Options DENY
1.2 Nginx
- Open your nginx virtual host configuration file, located in the directory: /usr/local/nginx/conf
- Add this to the configuration file: add_header X-Frame-Options DENY;
1.3 IIS
- Open the IIS Manager on the server.
- Go to HTTP Response Headers.
- Click Add and enter X-Frame-Options in the Name field and DENY as the value.
- Select OK to apply the changes.
2. Use X-XSS-Protection
2.1 Apache
- Open the virtual host configuration file by entering: $ sudo nano /etc/apache2/sites-available/example.com.conf
- Add this to the configuration file: Header set X-XSS-Protection "1; mode=block"
As you can see, fixing the HTTP Security Header Not Detected vulnerability on Apache is very easy.
2.2 Nginx
- Open your nginx virtual host configuration file, located in the directory: /usr/local/nginx/conf
- Add the following to the conf file and restart the server: add_header X-XSS-Protection "1; mode=block";
2.3 IIS
- Open the IIS Manager on the server.
- Go to HTTP Response Headers.
- Click Add and enter X-XSS-Protection in the Name field and 1; mode=block as the value.
- Select OK to apply the changes.
3. Use X-Content-Type-Options
3.1 Apache
- Open the virtual host configuration file using this command: $ sudo nano /etc/apache2/sites-available/example.com.conf
- Add the following to the configuration file, then restart the server: Header set X-Content-Type-Options nosniff
3.2 Nginx
- Open your nginx virtual host configuration file, located in the directory: /usr/local/etc/nginx
- Add the following to the nginx.conf file, then restart the server: add_header X-Content-Type-Options nosniff;
As you can see, it is very easy to fix the HTTP Security Header Not Detected vulnerability on Nginx this way.
3.3 IIS
- Open the IIS Manager on the server.
- Go to HTTP Response Headers.
- Click Add and enter X-Content-Type-Options in the Name field and nosniff as the value.
- Select OK to apply the changes.
4. HTTP Strict Transport Security
4.1 Apache
- Open the virtual host configuration file using this command: $ sudo nano /etc/apache2/sites-available/example.com.conf
- Add the following to the configuration file and restart the server: Header set Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload'
4.2 Nginx
- Open your nginx virtual host configuration file, located in the directory: /usr/local/etc/nginx
- Add the following to the nginx.conf file and restart the server: add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';
4.3 IIS
- Open the IIS Manager on the server.
- Go to HTTP Response Headers.
- Click Add and enter Strict-Transport-Security in the Name field and max-age=31536000; includeSubDomains; preload as the value.
- Select OK to apply the changes.
This is one way to fix the HTTP Security Header Not Detected vulnerability on IIS, so be sure to try it.
HTTP Strict Transport Security (HSTS) is supported by all browsers. The issue should therefore be resolved afterwards.
These are the best solutions for the HTTP security header not detected issue. It is also advisable to follow these fixes carefully so that you enter the correct information into the configuration file.
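To confirm that the four fixes took effect, the response headers can be checked the same way a scanner reads them. The script below is an added example, not part of the original article: the function names, the accepted values and the two sample responses are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: audit response headers for the four headers this guide sets.
# Input is a header block on stdin, e.g. from: curl -sI https://example.com
# (example.com is a placeholder host).

# header_value NAME: print the value of header NAME (case-insensitive), or fail.
header_value() {
  awk -v name="$1" '
    { sub(/\r$/, ""); i = index($0, ":") }
    i > 0 && tolower(substr($0, 1, i - 1)) == tolower(name) {
      v = substr($0, i + 1); gsub(/^[ \t]+|[ \t]+$/, "", v); seen = 1
    }
    END { if (!seen) exit 1; print v }'
}

# check_header HEADERS NAME REGEX: print OK / WEAK / MISSING; return 0 only for OK.
check_header() {
  if ! value=$(printf '%s\n' "$1" | header_value "$2"); then
    echo "MISSING $2"; return 1
  fi
  if printf '%s\n' "$value" | grep -Eiq "$3"; then
    echo "OK $2"
  else
    echo "WEAK $2: $value"; return 1
  fi
}

# audit_headers: read headers on stdin, report each one, return 1 on any finding.
audit_headers() {
  headers=$(cat); rc=0
  # Accepted values are assumptions of this example: SAMEORIGIN is also a valid
  # X-Frame-Options value, and max-age=0 switches HSTS off.
  check_header "$headers" X-Frame-Options '^(DENY|SAMEORIGIN)$' || rc=1
  check_header "$headers" X-XSS-Protection '^1; *mode=block$' || rc=1
  check_header "$headers" X-Content-Type-Options '^nosniff$' || rc=1
  check_header "$headers" Strict-Transport-Security '(^|; *)max-age=[1-9]' || rc=1
  return "$rc"
}

# Constructed sample responses (not captured from a real server).
SAMPLE_GOOD='HTTP/1.1 200 OK
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload'
SAMPLE_BAD='HTTP/1.1 200 OK
x-frame-options: DENY
X-Content-Type-Options: sniff
Strict-Transport-Security: max-age=0'

printf '%s\n' "$SAMPLE_BAD" | audit_headers || true
```

Run it against both the port 80 and the HTTPS listener after restarting the server; a non-zero exit status means at least one header is still missing or carries an unexpected value.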
The HTTP security header not detected issue has also been reported on SonicWall, Windows 2012 R2, and Fortigate, but the solutions for these platforms are similar to those in this guide.
In addition, using these HTTP security headers will improve the security of your server and make them available on your sites.
Check out our guide to resolving the HTTP 400 error that users complain about, in addition to the security one.
SOURCE: Reviews News