堆栈内存溢出
  简体   繁体   English

PHP / Drupal网站中的SSL

[英]SSL in php/drupal website

 原文  2010-12-15 07:50:17       php/ drupal/ ssl/ openssl

问题描述

In One of the website am creating there is a requirement to use ssl. 在创建的网站之一中,要求使用ssl。 But i have no idea about this whatsoever. 但是我对此一无所知。 I know ssl is for secure sites. 我知道ssl适用于安全站点。 But what difference will be there in development and where do i get started? 但是开发会有什么不同,我应该从哪里开始呢? I saw this http://php.net/manual/en/book.openssl.php and this http://www.openssl.org/ so it possible to do this without buying an ssl with open ssl? 我看到了这个http://php.net/manual/zh/book.openssl.php和这个http://www.openssl.org/,所以可以不用购买带有开放SSL的SSL就可以做到这一点吗?

I guess this how u detect.... 我想这是你怎么发现的... 

if (isset($_SERVER['HTTPS']) )
{
    echo "SECURE: This page is being accessed through a secure connection.<br><br>";
}
else
{
    echo "UNSECURE: This page is being access through an unsecure connection.<br><br>";
}

Please tell me where to get started and the basics i need to know. 请告诉我从哪里开始以及我需要了解的基本知识。

2 个解决方案

解决方案1
 3 已采纳  2010-12-15 08:01:16

SSL is usually negotiated by the web server. SSL通常由Web服务器协商。 You need to install a certificate that the web server will use to negotiate a secure connection with each client, before PHP is even invoked. 您甚至需要在PHP被调用之前安装一个证书,该证书将被Web服务器用来与每个客户端协商安全连接。 And yes, you will need to pay for an officially validated certificate. 是的,您将需要购买正式验证的证书。 Usually you can do all this very easily through your hosting provider. 通常,您可以通过托管服务提供商轻松地完成所有这些操作。 If you need more help on installing a certificate yourself, try http://serverfault.com . 如果您需要有关安装证书的更多帮助,请尝试http://serverfault.com

Ideally, for your development this means nothing at all. 理想情况下,对于您的开发,这根本没有任何意义。 If your website doesn't make any presumptions to be running on a secured or unsecured connection, it should run fine either way, since the web server is handling the details for you. 如果您的网站没有假定要在安全连接或不安全连接上运行,则无论哪种方式都可以正常运行,因为Web服务器正在为您处理详细信息。 If you are generating full links yourself (including the schema, http:// ), you must be careful there. 如果您自己生成完整链接(包括模式http:// ),则必须小心。 If you're setting any cookies, you should check whether these have the secure flag or not and what that means for your system. 如果要设置任何cookie,则应检查它们是否具有secure标志,这对您的系统意味着什么。

The OpenSSL extension doesn't have much to do with any of this in this context. 在这种情况下,OpenSSL扩展与任何这些都没有多大关系。

解决方案2
 0  2010-12-17 14:39:16

It also makes a difference if your site has some secure pages and some insecure ones. 如果您的站点有一些安全页面和一些不安全页面,也会有所不同。 There is a module called "securepages" that makes most of that really easy. 有一个名为“安全页面”的模块,可以使大部分操作变得非常简单。 Of course, you still have to set up the certificate as the people mentioned above. 当然,您仍然必须像上述人员一样设置证书。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Drupal,nginx,ssl和php-噩梦 - Drupal, nginx, ssl, and php - a nightmare 在PHP网站上实现SSL的基础知识 - Basics for implementing SSL on PHP Website php header()不在ssl网站上工作 - php header() not working on a ssl website 基于Drupal的网站中的PHP分析错误 - PHP parsing error in Drupal-based website 将自定义PHP脚本集成到drupal网站 - Integrating custom PHP script into drupal website 在PHP中使用开放SSL创建https网站 - Create https website with open SSL in PHP php / Drupal7 Curl错误-SSL读取:错误 - php /Drupal7 Curl Error - SSL read: error 恶意代码注入了Drupal 7网站(html.tpl.php) - Malicious code injected into Drupal 7 website (html.tpl.php) 是否可以从任何网站读取 PHP 中的 SSL 信息? - Is it possible to read SSL information in PHP from any website? 如何使用 cURL 和 PHP 从使用 SSL 的网站获取数据? - How to get data from a website that uses SSL using cURL and PHP?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM