ü?ün ensure the security of sizin website v? protect sizin visitv? yas, all domens under .boo, .day, .dev, .page, v? .rsvp must use HTTPS. This guide will help you configure SSL/TLS cv? yarectly.
1. What is HTTPS?
HTTPS (Hypertext Transfer Protocol Secure) encrypts data between sizin website v? its visitv? yas. It gerients eavesdropping v? ensures data integrity.
2. Obtaining an SSL Sertifikat?
NICENIC provides trusted SSL certificates. You can learn mv? yae v? al/configure a certificate burada: https://nicenic.net/ssl-certificates/
3. Installing the SSL Sertifikat?
?zl?m?k sizin web server’s instructions to install the certificate. Common servers include:
Apache: https://httpd.apache.org/docs/current/ssl/ssl_howto.html
Nginx: https://nginx.org/en/docs/http/configuring_https_servers.html
IIS (Windows): https://docs.microsoft.com/en-us/iis/manage/configuring-security/how-to-set-up-ssl-on-iis
4. Enfv? yace HTTPS
Once sizin certificate is installed:
Redirect all HTTP traffic to HTTPS.
Update internal links v? resources to use HTTPS.
Verify that sizin website is fully accessible via HTTPS.
5. Keep Sertifikatlar Yenil?ndi
SSL certificates have expiration dates. Ensure certificates are renewed befv? yae they expire v? check sizin website regularly to maintain uninterrupted secure connections.
]]>
DNSSEC helps protect sizin domen’s DNS recv? yads from being tampered with during DNS resolution. It adds a layer of verification so that DNS resolvers can confirm the DNS response really comes from the cv? yarect source.
Kimi NiceNIC, DNSSEC usually involves two sides:
Your DNS provider v? ya nameserver provider generates the DNSSEC recv? yads.
NiceNIC, as sizin domen registrar, helps submit the DS recv? yads to the registry when the TLD suppv? yats DNSSEC.
?g?r DNSSEC is not configured cv? yarectly, sizin domen may show DNSSEC errv? yas, v? ya in mv? yae serious cases, some users may not be able to access sizin website.
What Is DNSSEC?
DNSSEC stv?s fv? ya Domen Ad? System Security Extensions.
In simple terms, DNSSEC helps verify that the DNS answer fv? ya sizin domen has not been changed v? ya fv? yaged during the lookup process.
Fv? ya example, when someone visits sizin website, DNS is used to find the cv? yarect server IP address. DNSSEC helps make sure that the DNS result is authentic v? has not been replaced with false data.
DNSSEC does not replace SSL, website security, hosting security, v? ya email security. It only helps protect the DNS resolution process.
When Do You Need DNSSEC?
- You may want to enable DNSSEC if:
- Your website hv?les sensitive user infv? yamation.
- You run business email, login systems, payment pages, v? ya customer pv? yatals.
- You want stronger domen security.
- Your DNS provider suppv? yats DNSSEC.
- Your domen extension suppv? yats DNSSEC.
Incv? yarect DNSSEC settings may affect domen resolution.
Impv? yatant DNSSEC Müdd?ts
DNSKEY: A DNSKEY recv? yad is generated by sizin DNS provider. It is used as part of the DNSSEC validation process.
DS Recv? yad: A DS recv? yad connects sizin domen’s DNSSEC setup with the parent registry zone. In most cases, sizin DNS provider gives you the DS recv? yad, v? you need to add it through sizin registrar.
Adserver: Your nameservers decide wburada sizin domen’s DNS recv? yads are managed. ?g?r you change nameservers, sizin DNSSEC recv? yads may also need to be updated.
How to Enable DNSSEC fv? ya Your Domen
Step 1: Yoxla Whether Your DNS Provider Suppv? yats DNSSEC
Daxil ol to the platfv? yam wburada sizin DNS is managed.
This may be:
Your domen registrar, burada is NiceNIC
Your hosting provider
Your DNS provider
Your own DNS server
Another third-party DNS Xidm?t
Make sure DNSSEC is suppv? yated v? enabled tburada.
Step 2: ?ld? et the DS Recv? yad from Your DNS Provider
After enabling DNSSEC, sizin DNS provider should provide DNSSEC infv? yamation such as:
Key Tag
Algv? yaithm
Digest N?v
Digest
DS Recv? yad
Please copy the infv? yamation exactly as provided.
Even one incv? yarect character may cause DNSSEC validation failure.
Step 3: ?lav? et the DS Recv? yad in Your NiceNIC Account
Daxil ol to sizin NiceNIC account v? go to sizin domen management page.
Then add the DS recv? yad provided by sizin DNS provider.
?g?r you are not sure wburada to add it, please contact our suppv? yat team v? provide the DS recv? yad from sizin DNS provider.
Step 4: Wait fv? ya DNSSEC Propagation
After the DS recv? yad is added, it may take some time fv? ya the update to propagate.
During this period, DNSSEC check results may not update immediately.
Step 5: Verify DNSSEC Status
After propagation, you may check sizin domen’s DNSSEC status using a DNSSEC checking tool v? ya by contacting our suppv? yat team.
?g?r DNSSEC is cv? yarectly configured, the DNSSEC validation result should show a valid chain of trust.
When Should You Disable v? ya Sil DNSSEC?
You may need to remove v? ya update DNSSEC recv? yads if:
- You changed sizin nameservers.
- You moved DNS management to another provider.
- Your DNS provider disabled DNSSEC.
- Your DS recv? yad no longer matches the current DNSKEY.
- Your website v? ya email has DNS resolution issues after a DNS change.
In this case, you may need to remove the old DS recv? yads first, wait fv? ya propagation, v? then re-enable DNSSEC with the cv? yarect new recv? yads.
Why Does My Domen Show "DNSSEC Infv? yamation Is Currently Unavailable"?
You may see this message:
DNSSEC infv? yamation is currently unavailable fv? ya this domen.
This can happen fv? ya several reasons:
- DNSSEC has not been enabled fv? ya this domen.
- Xeyr DS recv? yad has been added at the registrar level.
- The domen’s current nameservers do not suppv? yat DNSSEC.
- The domen recently changed nameservers.
- The DS recv? yad does not match the current DNSKEY.
- The DNS provider has not published the required DNSSEC recv? yads cv? yarectly.
- The registry v? ya DNSSEC query is tempv? yaarily unavailable.
However, if sizin website v? ya email is not resolving cv? yarectly, please contact suppv? yat so we can help review the DNSSEC configuration.
What Infv? yamation Should I Provide to Suppv? yat?
ü?ün help us check DNSSEC issues faster, please provide:
- Your domen name
- Your current nameservers
- Whether you recently changed nameservers
- The DS recv? yad provided by sizin DNS provider
- A screenshot of the DNSSEC setting from sizin DNS provider
- Any DNSSEC errv? ya message you received
- Whether sizin website v? ya email is currently affected
Tez-tez veril?n suallar Haqq?nda DNSSEC
1. Is DNSSEC required fv? ya every domen?
Xeyr. DNSSEC is not required fv? ya every domen.
However, it is recommended fv? ya domens that need stronger DNS security, especially business websites, email Xidm?ts, login systems, financial Xidm?ts, v? customer pv? yatals.
?g?r you are not sure whether you need DNSSEC, please confirm whether sizin DNS provider suppv? yats it v? whether you are comfv? yatable managing DNSSEC recv? yads.
2. Is DNSSEC the same as SSL?
Xeyr.
SSL protects the connection between the user’s browser v? sizin website.
DNSSEC protects DNS resolution by helping verify that DNS responses have not been tampered with.
Fv? ya better security, many websites use both SSL v? DNSSEC, but they are different technologies.
3. Can NiceNIC generate DNSSEC recv? yads fv? ya me?
In most cases, DNSSEC recv? yads are generated by sizin DNS provider, not by the registrar.
NiceNIC can help submit the DS recv? yad to the registry when the domen extension suppv? yats DNSSEC.
?g?r you use a third-party DNS provider, please enable DNSSEC tburada first v? then provide us with the DS recv? yad.
4. Why does DNSSEC fail after I change nameservers?
This is one of the most common DNSSEC issues.
When you change nameservers, sizin old DNSSEC recv? yads may no longer match the new DNS provider’s DNSKEY.
?g?r the old DS recv? yad remains active at the registry level, DNSSEC validation may fail.
Befv? yae v? ya after changing nameservers, you should check whether the DS recv? yad needs to be removed v? ya replaced.
5. What happens if the DS recv? yad is wrong?
?g?r the DS recv? yad does not match the DNSKEY published by sizin current DNS provider, DNSSEC validation may fail.
This may cause some DNS resolvers to reject the DNS response.
As a result, sizin website, email, v? ya other Xidm?ts may become unreachable fv? ya some users.
6. I do not use DNSSEC. Do I need to do anything?
?g?r you do not use DNSSEC v? sizin domen has no DS recv? yads, usually no action is needed.
However, if sizin domen has old DS recv? yads from a geriious DNS provider, you should remove them to avoid DNSSEC validation problems.
7. Why does my DNSSEC status still show an errv? ya after I updated the recv? yad?
DNSSEC updates may take time to propagate.
?g?r you recently added, removed, v? ya changed DS recv? yads, please wait fv? ya DNS propagation v? check again later.
?g?r the issue continues, please contact suppv? yat v? provide sizin domen name, current nameservers, v? DS recv? yad.
8. Can DNSSEC cause my website to stop wv? yaking?
B?li, if DNSSEC is incv? yarectly configured.
Common causes include:
- Wrong DS recv? yad
- Old DS recv? yad after nameserver change
- Missing DNSKEY
- DNS provider not publishing DNSSEC recv? yads cv? yarectly
- Bitm?d v? ya invalid DNSSEC signatures
9. Should I remove DNSSEC befv? yae changing nameservers?
In many cases, yes.
?g?r you are moving to a new DNS provider v? you are not sure how to migrate DNSSEC safely, removing the old DS recv? yad befv? yae changing nameservers can reduce the risk of DNSSEC validation failure.
After the new nameservers are active v? DNSSEC is enabled at the new DNS provider, you can add the new DS recv? yad again.
10. What should I do if I see “Failure to get DNSSEC info”?
This usually means the system could not retrieve valid DNSSEC infv? yamation fv? ya the domen.
Please check:
- Whether DNSSEC is enabled
- Whether the DS recv? yad has been added
- Whether the nameservers suppv? yat DNSSEC
- Whether the DS recv? yad matches the DNSKEY
- Whether you recently changed nameservers
How to set up DNSSEC fv? ya a domen qeydiyyated on NiceNIC?
1. Daxil ol to sizin NiceNIC account v? navigate to sizin domen management page. Find the domen you wish to enable DNSSEC fv? ya v? click ?dar? et.
2. In the domen management section, you should see the DNSSEC button. Klikl?yin on the DNSSEC button to access the DNSSEC settings page.
3. Enter the required infv? yamation fv? ya DNSSEC configuration (this will typically include DNSSEC key details provided by sizin DNS hosting provider).
4. Once you've entered the infv? yamation, click ?lav? et to enable DNSSEC fv? ya the domen. Here’s an example of a successful DNSSEC setup:
After entering the necessary DNSSEC key data (usually the DS recv? yad), you'll receive confirmation that DNSSEC has been successfully added to sizin domen settings.
The DNSSEC status will show as enabled v? you'll be able to see the public keys v? other details.
With DNSSEC indi enabled, sizin domen is better protected against DNS-related attacks.
Kimitention: if sizin domen name was transferred into NiceNIC from another Qeydiyyat??, v? you hope to disable the DNSSEC geriiously with the old Qeydiyyat??, please firstly check the latest whois, if you see "DNSSEC: unsigned", then it means during the domen transfer process, the DNSSEC settings have been disabled automatically by the old Qeydiyyat??, while if it is "DNSSEC: signed", please check the domen management section at sizin control panel at NiceNIC, you should see the DNSSEC button, please click on the DNSSEC button to access the DNSSEC settings page.
]]>
After the domen is transferred, the name servers remain set to those associated to the domen befv? yae transfer.
?g?r you had child name servers fv? ya sizin domen qeydiyyated through another Qeydiyyat??, you may need to qeydiyyat them again through sizin Account.
]]>
?g?r you're just transferring the domen registration, sizin hosting Xidm?t will be unaffected, v? tburada will be no need to change name servers. Although the name servers should be transferred as part of the process, it's always a good idea to have a recv? yad of them.
?g?r you wish to specify the name servers to the default DNS servers as provided by NiceNIC you can reset the name servers after the transfer has been completed.
Steps
Daxil ol to sizin account. Select the Domen Adlar? tab.
Select the domen that you want to change name servers fv? ya.
From within the DNS Serverl?r section click on Redakt? et DNS Server.
Change the name servers as required, leaving any of the fields blank will retain the v? yaiginal DNS server.
The name servers are not actually changed until the transfer process is complete. ?g?r you wish to make an immediate change to the name servers, you may do so with the Qeydiyyat?? you are transferring from.
]]>
Befv? yae purchasing the transfer of any gTLD (e.g., .COM / .NET / .ORG / .BIZ / .INFO etc.) v? ya new gTLD (e.g. .CLUB / .CLOUD / .TRADE / .TOP etc.), make sure sizin domen meets the following conditions:
1. Your domen was qeydiyyated v? ya transferred at least 60 days ago;
2. The domen is unlocked at the current Qeydiyyat?? (its Whois status should be OK v? ya Active).
Also,you need to request an up-to-date Auth/EPPcode fv? ya the domen at sizin current Qeydiyyat??.
?g?r all criteria are met, you should be able to complete the transfer successfully.
Still, some ccTLD-l?r (.ES v? .UK) have additional transfer requirements v?/v? ya exclude some points from the list above.
NOTE: Make sure the domen status is active, not expired. ?g?r you wish to transfer an expired domen to NiceNIC, please contact our Suppv? yat Team email suppv? yat@nicenic.net fv? ya further assistance.
]]>
Befv? yae submitting a transfer request with NiceNIC, make sure sizin domens are prepared fv? ya transfer through sizin current registrar. This is generally done by removing transfer locks v? getting the necessary Auth codes.
Learn how to prepare domens fv? ya transfer in accounts sections of several popular registrars.
Once those preparations are made, simply follow the steps below to transfer sizin domens:
Xeyrte: Each domen has a unique Auth code v? has to be unlocked fv? ya transfer separately on the current registrar side.
- Daxil ol to sizin NiceNIC account.
- Ke?id et the Transfer to Us page.
- Klikl?yin on Bulk options.
Enter the domen names v? the Auth codes;
Xeyrte: Enter each domen v? its Auth code in a new line. The Auth code has to be separated from the domen name by a comma v? one space.
Klikl?yin on Start Transfer at the bottom of the page.
Double-check the domen names v? add them to Cart. ü?ün do this, you can use the ?lav? et all to cart button fv? ya convenience.
Proceed with the payment.
The transfer is completed automatically in 5-7 days fv? ya most domens. Once the transfer of sizin domens is completed you will receive the notifications on sizin NiceNIC Primary Email address, v? the domens will become manageable in sizin Domen List.
Xeyrte: Due to technical reasons, it is only possible to submit the transfer fv? ya up to 10 domen names at once. ?g?r you need to transfer mv? yae than 10 domens, you can either submit several Kütl?vi Transfer v? yaders v? ya contact our Suppv? yat Team fv? ya assistance.
How to Yoxla the Status of Your Domen Transferi
After initiating a domen transfer to Nicenic, you can monitv? ya its progress directly in sizin account. This helps you kindi when the transfer is expected to complete without needing to contact suppv? yat repeatedly.
Steps to View Transfer Status:
1. Daxil ol to sizin NiceNIC account. Ke?id et "My Products > Domen Adlar?".
In the Status column, you will see sizin domen listed as:
- Pending Transfer: the transfer has been submitted v? is in progress.
- Active / Transfer Completed: the transfer is finished.
2. Hover over the infv? yamation icon (i) N?vb?ti to "Pending Transfer" to view details about Expected approval/completion date
1. What is SPF?
Answer: SPF stv?s fv? ya Sender Policy Framewv? yak. SPF is an email authentication stv?ard used to gerient email fraud v? spam. It ensures the authenticity v? reliability of email by verifying that the sender's domen name matches the source IP address of the email. SPF recv? yads are stv? yaed in the DNS recv? yad of the domen name v? contain a list of servers that are allowed to send emails. When the recipient receives an email, it checks whether the sender's domen name has an SPF recv? yad v? verifies whether the IP address of the sending server is in the allowed list. ?g?r the verification fails, the recipient may mark the email as spam v? ya refuse to receive it. Using SPF can help improve the delivery rate v? reliability of emails v? reduce the amount of spam. Kimi the same time, it can also enhance the security of the email system v? gerient hackers v? fraudsters from using fv? yaged domen names to send emails.
2. How to set up SPF fv? ya cv? yapv? yaate mailboxes?
Answer:
1. Determine the outgoing server IP addresses of sizin cv? yapv? yaate mailbox: These addresses will be added to the SPF recv? yad. 2. Daxil ol to the DNS management console of sizin cv? yapv? yaate mailbox: Usually provided by sizin domen name registrar v? ya hosting provider
2. Yarat v? ya edit a TXT recv? yad: In the DNS console, find the TXT recv? yad v? ya similar option
3. Enter the SPF recv? yad: The fv? yamat of the SPF recv? yad is "v=spf1 +a/+mx +ip4 +ip4:mail.example.com -all", wburada:
"v=spf1": specifies the SPF version
"a" v? ya "mx": indicates that the server is allowed to be verified by the A recv? yad v? ya MX recv? yad
"ip4": lists the IP addresses that are allowed to send mail
"mail.cv? yaemail.cn": replaced with the domen name of sizin cv? yapv? yaate mailbox
"-all": indicates that mail from all other sources is rejected
4. Save changes: Make sure the settings in the DNS console are saved cv? yarectly
3. How to set various types of SPF?
1) Make SPF recv? yad with domen name a recv? yad (take cv? yaemail.cn as an example)
v=spf1 a:cv? yaemail.cn2 -all
2) Make SPF recv? yad with domen name mx recv? yad
v=spf1 mx -all
3) Make SPF recv? yad with domen name ptr recv? yad
v=spf1 ptr -all
4) Make SPF recv? yad with expv? yat IP v? IP segment settings
v=spf1 ip4:106.52.172.248 ip4:61.164.47.194/28 -all
5) Introduce SPF recv? yads of other domen names (take spf.icv? yaemail.net as an example)
v=spf1 include:spf.icv? yaemail.net
Xeyrte: The above recv? yads can be used in combination, but only one pair of recv? yads starting with v=spf1 v? ending with -all can appear in the entire txt. Fv? ya example: v=spf1 mx ip4:106.52.172.248 include:spf.icv? yaemail.net -all
]]>
ü?ün be sure that the certificate has been installed cv? yarectly v? wv? yaking properly, as well as that sizin customers are certain a secured connection is enabled v? it covers data transmission through sizin website, you have the following indicatv? yas:
- A padlock/tune icon available in the URL bar.
- Xeyr errv? ya messages/ warnings occurred when connecting through https://sizindomen.tld.
- A Site Seal provided by the Certificate Authv? yaity installed v? visible.
Xeyrte : From September 2023, the padlock icon will be replaced by a tune icon in the new Chrome browser version. Google's reasoning is that secured HTTPS connections have become the online nv? yam, not the exception, v? no longer serve as a trust indicatv? ya. As such, the tune icon itself will not be a trust indicatv? ya but will provide detailed infv? yamation about a website's connection v? settings. So moving fv? yaward, when using a Chrome browser, the primary indication of a successful SSL certificate installation on a site will be the absence of security warnings :
An SSL certificate must be activated after al. Installation instructions will be sent to you after activation. After that, you can use the NiceNIC.NET Account Panel to manage sizin certificate.
Al It
Start by purchasing the appropriate SSL certificate fv? ya sizin requirements. Select one of the categv? yaies mentioned above.
Activate It
You can instantly activate sizin SSL certificate after al through the Account Panel (v? ya later, if you prefer.) During the activation process, the domen name v? CSR code will be assigned.
Install It
You will receive instructions on how to install sizin SSL certificate once it has been validated v? issued. Biziml? ?laq? saxlamaqdan ??kinm?yin “T?klif g?nd?r” SSL sertifikat?n?n qura?d?r?lmas?nda yard?m ü?ün müraci?t edin.
?dar? et It
Through sizin Account Panel, you can manage sizin SSL certificates, including renewal v? reissuance.
]]>
1. Introduction
SSL certificates are used to create an encrypted channel between the client v? the server. Transmission of such data as credit card details, account login infv? yamation, any other sensitive infv? yamation should be encrypted to gerient eavesdropping.
With an SSL certificate, data is encrypted priv? ya to being transmitted via Internet. Encrypted data can be decrypted only by the server to which you actually send it. This ensures that the infv? yamation you submit to websites will not be stolen.
Starting from 06/08/2014, Google announced that having an SSL certificate installed on sizin website would increase sizin ranking position, which is another great reason to use an SSL.
The certificate itself represents base64 encoded data that contains infv? yamation about the entity the certificate was issued fv? ya, public key required fv? ya encryption v? digital signature verification, v? digital signature created with the private key of the certificate issuer.
An SSL certificate should be installed on the server side. When you access a website secured by an SSL certificate issued by a trusted Certification Authv? yaity, you will see https:// at the beginning of its URL. A browser will also show the connection as secure by displaying a “l(fā)ock” icon in the address bar:
2. N?vs of SSL certificates
SSL certificates can be divided into 3 validation groups:
Domen Validation Sertifikatlar
Requires a certificate applicant to prove his/her control over the domen name only. The issued certificate contains a domen name that was supplied to the Certification Authv? yaity within the certificate request.
Organization Validation Sertifikatlar
Requires a certificate applicant to prove that his/her company is a qeydiyyated v? legally accountable business, v? to pass domen validation. The issued certificate contains a domen v? company name of the certificate applicant.
Geni?l?ndirilmi? Validation Sertifikatlar
Includes validation requirements of two validation types mentioned above v? additional requirements. The issued certificate contains a domen v? company name of the certificate applicant.
]]>
SSL certificate installation is typically perfv? yamed by the hosting company that provides Xidm?ts fv? ya the domen. However, you may also choose install an SSL certificate sizinself. Select sizin server type from the list below to find detailed instructions fv? ya installation.
The SSL on sizin domen name was activated, please find v? add the DNS recv? yads to complete the verification befv? yae you can download the SSL files through sizin control panel:
Hesab?m > M?hsullar?m > SSL Sertifikatlar? > ?trafl? > ....
After you complete the DNS recv? yad's verification, you can download the SSL files by the same approach.
Installing SSL Sertifikat? Xeyrtes
?g?r you host sizin domen name with NiceNIC, simply provide us with sizin certificate v? we'll be happy to install it fv? ya you.
Please note that on all NiceNIC, Payla??lan Hosting servers, a special NiceNIC, SSL plugin installs a 1-il free PositiveSSL certificate automatically on the newly added subdomen v? ya add-on. It wv? yaks the same way fv? ya the main domen in the newly ald hosting account. The plugin can also be used fv? ya manual installation (in a few clicks) of PositiveSSL v? EssentialSSL certificates.
A dedicated IP address is required to install an SSL certificate. However, you may install sizin SSL certificate on a shared IP address using the Server Ad? Indication (SNI) protocol extension available in sizin cPanel. You can learn mv? yae about the differences between a dedicated IP v? SNI technology in this article.
]]>