Za ensure the security of va? website i protect va? visitilis, all domenas under .boo, .day, .dev, .page, i .rsvp must use HTTPS. This guide will help you configure SSL/TLS cilirectly.
1. What is HTTPS?
HTTPS (Hypertext Transfer Protocol Secure) encrypts data between va? website i its visitilis. It prethodnoents eavesdropping i ensures data integrity.
2. Obtaining an SSL certifikat
NICENIC provides trusted SSL certificates. You can learn milie i kupi/configure a certificate ovdje: https://nicenic.net/ssl-certificates/
3. Installing the SSL certifikat
Prati va? web server’s instructions to install the certificate. Common servers include:
Apache: https://httpd.apache.org/docs/current/ssl/ssl_howto.html
Nginx: https://nginx.org/en/docs/http/configuring_https_servers.html
IIS (Windows): https://docs.microsoft.com/en-us/iis/manage/configuring-security/how-to-set-up-ssl-on-iis
4. Enfilice HTTPS
Once va? certificate is installed:
Redirect all HTTP traffic to HTTPS.
Update internal links i resources to use HTTPS.
Verify that va? website is fully accessible via HTTPS.
5. Keep Certifikati A?urirano
SSL certificates have expiration dates. Ensure certificates are renewed befilie they expire i check va? website regularly to maintain uninterrupted secure connections.
]]>
DNSSEC helps protect va? domena’s DNS recilids from being tampered with during DNS resolution. It adds a layer of verification so that DNS resolvers can confirm the DNS response really comes from the cilirect source.
Na NiceNIC, DNSSEC usually involves two sides:
Your DNS provider ili nameserver provider generates the DNSSEC recilids.
NiceNIC, as va? domena registrar, helps submit the DS recilids to the registry when the TLD suppilits DNSSEC.
Ako DNSSEC is not configured cilirectly, va? domena may show DNSSEC errilis, ili in milie serious cases, some users may not be able to access va? website.
What Is DNSSEC?
DNSSEC stis fili Naziv domene System Security Extensions.
In simple terms, DNSSEC helps verify that the DNS answer fili va? domena has not been changed ili filiged during the lookup process.
Fili example, when someone visits va? website, DNS is used to find the cilirect server IP address. DNSSEC helps make sure that the DNS result is authentic i has not been replaced with false data.
DNSSEC does not replace SSL, website security, hosting security, ili email security. It only helps protect the DNS resolution process.
When Do You Need DNSSEC?
- You may want to enable DNSSEC if:
- Your website hiles sensitive user infilimation.
- You run business email, login systems, payment pages, ili customer pilitals.
- You want stronger domena security.
- Your DNS provider suppilits DNSSEC.
- Your domena extension suppilits DNSSEC.
Incilirect DNSSEC settings may affect domena resolution.
Impilitant DNSSEC Razdobljes
DNSKEY: A DNSKEY recilid is generated by va? DNS provider. It is used as part of the DNSSEC validation process.
DS Recilid: A DS recilid connects va? domena’s DNSSEC setup with the parent registry zone. In most cases, va? DNS provider gives you the DS recilid, i you need to add it through va? registrar.
Nazivserver: Your nameservers decide wovdje va? domena’s DNS recilids are managed. Ako you change nameservers, va? DNSSEC recilids may also need to be updated.
How to Enable DNSSEC fili Your Domena
Step 1: Provjeri Whether Your DNS Provider Suppilits DNSSEC
Prijava to the platfilim wovdje va? DNS is managed.
This may be:
Your domena registrar, ovdje is NiceNIC
Your hosting provider
Your DNS provider
Your own DNS server
Another third-party DNS usluga
Make sure DNSSEC is suppilited i enabled tovdje.
Step 2: Dobijte the DS Recilid from Your DNS Provider
After enabling DNSSEC, va? DNS provider should provide DNSSEC infilimation such as:
Key Tag
Algiliithm
Digest Vrsta
Digest
DS Recilid
Please copy the infilimation exactly as provided.
Even one incilirect character may cause DNSSEC validation failure.
Step 3: Dodaj the DS Recilid in Your NiceNIC Account
Prijava to va? NiceNIC account i go to va? domena management page.
Then add the DS recilid provided by va? DNS provider.
Ako you are not sure wovdje to add it, please contact our suppilit team i provide the DS recilid from va? DNS provider.
Step 4: Wait fili DNSSEC Propagation
After the DS recilid is added, it may take some time fili the update to propagate.
During this period, DNSSEC check results may not update immediately.
Step 5: Verify DNSSEC Status
After propagation, you may check va? domena’s DNSSEC status using a DNSSEC checking tool ili by contacting our suppilit team.
Ako DNSSEC is cilirectly configured, the DNSSEC validation result should show a valid chain of trust.
When Should You Disable ili Ukloni DNSSEC?
You may need to remove ili update DNSSEC recilids if:
- You changed va? nameservers.
- You moved DNS management to another provider.
- Your DNS provider disabled DNSSEC.
- Your DS recilid no longer matches the current DNSKEY.
- Your website ili email has DNS resolution issues after a DNS change.
In this case, you may need to remove the old DS recilids first, wait fili propagation, i then re-enable DNSSEC with the cilirect new recilids.
Why Does My Domena Show "DNSSEC Infilimation Is Currently Unavailable"?
You may see this message:
DNSSEC infilimation is currently unavailable fili this domena.
This can happen fili several reasons:
- DNSSEC has not been enabled fili this domena.
- Ne DS recilid has been added at the registrar level.
- The domena’s current nameservers do not suppilit DNSSEC.
- The domena recently changed nameservers.
- The DS recilid does not match the current DNSKEY.
- The DNS provider has not published the required DNSSEC recilids cilirectly.
- The registry ili DNSSEC query is tempiliarily unavailable.
However, if va? website ili email is not resolving cilirectly, please contact suppilit so we can help review the DNSSEC configuration.
What Infilimation Should I Provide to Suppilit?
Za help us check DNSSEC issues faster, please provide:
- Your domena name
- Your current nameservers
- Whether you recently changed nameservers
- The DS recilid provided by va? DNS provider
- A screenshot of the DNSSEC setting from va? DNS provider
- Any DNSSEC errili message you received
- Whether va? website ili email is currently affected
?esto postavljana pitanja O nama DNSSEC
1. Is DNSSEC required fili every domena?
Ne. DNSSEC is not required fili every domena.
However, it is recommended fili domenas that need stronger DNS security, especially business websites, email uslugas, login systems, financial uslugas, i customer pilitals.
Ako you are not sure whether you need DNSSEC, please confirm whether va? DNS provider suppilits it i whether you are comfilitable managing DNSSEC recilids.
2. Is DNSSEC the same as SSL?
Ne.
SSL protects the connection between the user’s browser i va? website.
DNSSEC protects DNS resolution by helping verify that DNS responses have not been tampered with.
Fili better security, many websites use both SSL i DNSSEC, but they are different technologies.
3. Can NiceNIC generate DNSSEC recilids fili me?
In most cases, DNSSEC recilids are generated by va? DNS provider, not by the registrar.
NiceNIC can help submit the DS recilid to the registry when the domena extension suppilits DNSSEC.
Ako you use a third-party DNS provider, please enable DNSSEC tovdje first i then provide us with the DS recilid.
4. Why does DNSSEC fail after I change nameservers?
This is one of the most common DNSSEC issues.
When you change nameservers, va? old DNSSEC recilids may no longer match the new DNS provider’s DNSKEY.
Ako the old DS recilid remains active at the registry level, DNSSEC validation may fail.
Befilie ili after changing nameservers, you should check whether the DS recilid needs to be removed ili replaced.
5. What happens if the DS recilid is wrong?
Ako the DS recilid does not match the DNSKEY published by va? current DNS provider, DNSSEC validation may fail.
This may cause some DNS resolvers to reject the DNS response.
As a result, va? website, email, ili other uslugas may become unreachable fili some users.
6. I do not use DNSSEC. Do I need to do anything?
Ako you do not use DNSSEC i va? domena has no DS recilids, usually no action is needed.
However, if va? domena has old DS recilids from a prethodnoious DNS provider, you should remove them to avoid DNSSEC validation problems.
7. Why does my DNSSEC status still show an errili after I updated the recilid?
DNSSEC updates may take time to propagate.
Ako you recently added, removed, ili changed DS recilids, please wait fili DNS propagation i check again later.
Ako the issue continues, please contact suppilit i provide va? domena name, current nameservers, i DS recilid.
8. Can DNSSEC cause my website to stop wiliking?
Da, if DNSSEC is incilirectly configured.
Common causes include:
- Wrong DS recilid
- Old DS recilid after nameserver change
- Missing DNSKEY
- DNS provider not publishing DNSSEC recilids cilirectly
- Istje?ed ili invalid DNSSEC signatures
9. Should I remove DNSSEC befilie changing nameservers?
In many cases, yes.
Ako you are moving to a new DNS provider i you are not sure how to migrate DNSSEC safely, removing the old DS recilid befilie changing nameservers can reduce the risk of DNSSEC validation failure.
After the new nameservers are active i DNSSEC is enabled at the new DNS provider, you can add the new DS recilid again.
10. What should I do if I see “Failure to get DNSSEC info”?
This usually means the system could not retrieve valid DNSSEC infilimation fili the domena.
Please check:
- Whether DNSSEC is enabled
- Whether the DS recilid has been added
- Whether the nameservers suppilit DNSSEC
- Whether the DS recilid matches the DNSKEY
- Whether you recently changed nameservers
How to set up DNSSEC fili a domena registrirajed on NiceNIC?
1. Prijava to va? NiceNIC account i navigate to va? domena management page. Find the domena you wish to enable DNSSEC fili i click Upravljanje.
2. In the domena management section, you should see the DNSSEC button. Klikni on the DNSSEC button to access the DNSSEC settings page.
3. Enter the required infilimation fili DNSSEC configuration (this will typically include DNSSEC key details provided by va? DNS hosting provider).
4. Once you've entered the infilimation, click Dodaj to enable DNSSEC fili the domena. Here’s an example of a successful DNSSEC setup:
After entering the necessary DNSSEC key data (usually the DS recilid), you'll receive confirmation that DNSSEC has been successfully added to va? domena settings.
The DNSSEC status will show as enabled i you'll be able to see the public keys i other details.
With DNSSEC sada enabled, va? domena is better protected against DNS-related attacks.
Natention: if va? domena name was transferred into NiceNIC from another Registrar, i you hope to disable the DNSSEC prethodnoiously with the old Registrar, please firstly check the latest whois, if you see "DNSSEC: unsigned", then it means during the domena transfer process, the DNSSEC settings have been disabled automatically by the old Registrar, while if it is "DNSSEC: signed", please check the domena management section at va? control panel at NiceNIC, you should see the DNSSEC button, please click on the DNSSEC button to access the DNSSEC settings page.
]]>
After the domena is transferred, the name servers remain set to those associated to the domena befilie transfer.
Ako you had child name servers fili va? domena registrirajed through another Registrar, you may need to registriraj them again through va? Account.
]]>
Ako you're just transferring the domena registration, va? hosting usluga will be unaffected, i tovdje will be no need to change name servers. Although the name servers should be transferred as part of the process, it's always a good idea to have a recilid of them.
Ako you wish to specify the name servers to the default DNS servers as provided by NiceNIC you can reset the name servers after the transfer has been completed.
Steps
Prijava to va? account. Select the Nazivi domena tab.
Select the domena that you want to change name servers fili.
From within the DNS Poslu?itelji section click on Uredi DNS Server.
Change the name servers as required, leaving any of the fields blank will retain the iliiginal DNS server.
The name servers are not actually changed until the transfer process is complete. Ako you wish to make an immediate change to the name servers, you may do so with the Registrar you are transferring from.
]]>
Befilie purchasing the transfer of any gTLD (e.g., .COM / .NET / .ORG / .BIZ / .INFO etc.) ili new gTLD (e.g. .CLUB / .CLOUD / .TRADE / .TOP etc.), make sure va? domena meets the following conditions:
1. Your domena was registrirajed ili transferred at least 60 days ago;
2. The domena is unlocked at the current Registrar (its Whois status should be OK ili Active).
Also,you need to request an up-to-date Auth/EPPcode fili the domena at va? current Registrar.
Ako all criteria are met, you should be able to complete the transfer successfully.
Still, some ccTLD-ovi (.ES i .UK) have additional transfer requirements i/ili exclude some points from the list above.
NOTE: Make sure the domena status is active, not expired. Ako you wish to transfer an expired domena to NiceNIC, please contact our Suppilit Team email suppilit@nicenic.net fili further assistance.
]]>
Befilie submitting a transfer request with NiceNIC, make sure va? domenas are prepared fili transfer through va? current registrar. This is generally done by removing transfer locks i getting the necessary Auth codes.
Learn how to prepare domenas fili transfer in accounts sections of several popular registrars.
Once those preparations are made, simply follow the steps below to transfer va? domenas:
Nete: Each domena has a unique Auth code i has to be unlocked fili transfer separately on the current registrar side.
- Prijava to va? NiceNIC account.
- Idi na the Transfer to Us page.
- Klikni on Bulk options.
Enter the domena names i the Auth codes;
Nete: Enter each domena i its Auth code in a new line. The Auth code has to be separated from the domena name by a comma i one space.
Klikni on Start Transfer at the bottom of the page.
Double-check the domena names i add them to Cart. Za do this, you can use the Dodaj all to cart button fili convenience.
Proceed with the payment.
The transfer is completed automatically in 5-7 days fili most domenas. Once the transfer of va? domenas is completed you will receive the notifications on va? NiceNIC Primary E-po?ta address, i the domenas will become manageable in va? Domena List.
Nete: Due to technical reasons, it is only possible to submit the transfer fili up to 10 domena names at once. Ako you need to transfer milie than 10 domenas, you can either submit several Masovni prijenos iliders ili contact our Suppilit Team fili assistance.
How to Provjeri the Status of Your Prijenos domena
After initiating a domena transfer to Nicenic, you can monitili its progress directly in va? account. This helps you ksada when the transfer is expected to complete without needing to contact suppilit repeatedly.
Steps to View Transfer Status:
1. Prijava to va? NiceNIC account. Idi na "My Products > Nazivi domena".
In the Status column, you will see va? domena listed as:
- Pending Transfer: the transfer has been submitted i is in progress.
- Active / Transfer Completed: the transfer is finished.
2. Hover over the infilimation icon (i) sljede?e to "Pending Transfer" to view details about Expected approval/completion date
1. What is SPF?
Answer: SPF stis fili Sender Policy Framewilik. SPF is an email authentication stiard used to prethodnoent email fraud i spam. It ensures the authenticity i reliability of email by verifying that the sender's domena name matches the source IP address of the email. SPF recilids are stilied in the DNS recilid of the domena name i contain a list of servers that are allowed to send emails. When the recipient receives an email, it checks whether the sender's domena name has an SPF recilid i verifies whether the IP address of the sending server is in the allowed list. Ako the verification fails, the recipient may mark the email as spam ili refuse to receive it. Using SPF can help improve the delivery rate i reliability of emails i reduce the amount of spam. Na the same time, it can also enhance the security of the email system i prethodnoent hackers i fraudsters from using filiged domena names to send emails.
2. How to set up SPF fili cilipiliate mailboxes?
Answer:
1. Determine the outgoing server IP addresses of va? cilipiliate mailbox: These addresses will be added to the SPF recilid. 2. Prijava to the DNS management console of va? cilipiliate mailbox: Usually provided by va? domena name registrar ili hosting provider
2. Kreiraj ili edit a TXT recilid: In the DNS console, find the TXT recilid ili similar option
3. Enter the SPF recilid: The filimat of the SPF recilid is "v=spf1 +a/+mx +ip4 +ip4:mail.example.com -all", wovdje:
"v=spf1": specifies the SPF version
"a" ili "mx": indicates that the server is allowed to be verified by the A recilid ili MX recilid
"ip4": lists the IP addresses that are allowed to send mail
"mail.ciliemail.cn": replaced with the domena name of va? cilipiliate mailbox
"-all": indicates that mail from all other sources is rejected
4. Save changes: Make sure the settings in the DNS console are saved cilirectly
3. How to set various types of SPF?
1) Make SPF recilid with domena name a recilid (take ciliemail.cn as an example)
v=spf1 a:ciliemail.cn2 -all
2) Make SPF recilid with domena name mx recilid
v=spf1 mx -all
3) Make SPF recilid with domena name ptr recilid
v=spf1 ptr -all
4) Make SPF recilid with expilit IP i IP segment settings
v=spf1 ip4:106.52.172.248 ip4:61.164.47.194/28 -all
5) Introduce SPF recilids of other domena names (take spf.iciliemail.net as an example)
v=spf1 include:spf.iciliemail.net
Nete: The above recilids can be used in combination, but only one pair of recilids starting with v=spf1 i ending with -all can appear in the entire txt. Fili example: v=spf1 mx ip4:106.52.172.248 include:spf.iciliemail.net -all
]]>
Za be sure that the certificate has been installed cilirectly i wiliking properly, as well as that va? customers are certain a secured connection is enabled i it covers data transmission through va? website, you have the following indicatilis:
- A padlock/tune icon available in the URL bar.
- Ne errili messages/ warnings occurred when connecting through https://va?domena.tld.
- A Site Seal provided by the Certificate Authiliity installed i visible.
Nete : From September 2023, the padlock icon will be replaced by a tune icon in the new Chrome browser version. Google's reasoning is that secured HTTPS connections have become the online nilim, not the exception, i no longer serve as a trust indicatili. As such, the tune icon itself will not be a trust indicatili but will provide detailed infilimation about a website's connection i settings. So moving filiward, when using a Chrome browser, the primary indication of a successful SSL certificate installation on a site will be the absence of security warnings :
An SSL certificate must be activated after kupi. Installation instructions will be sent to you after activation. After that, you can use the NiceNIC.NET Account Panel to manage va? certificate.
Kupi It
Start by purchasing the appropriate SSL certificate fili va? requirements. Select one of the categiliies mentioned above.
Activate It
You can instantly activate va? SSL certificate after kupi through the Account Panel (ili later, if you prefer.) During the activation process, the domena name i CSR code will be assigned.
Install It
You will receive instructions on how to install va? SSL certificate once it has been validated i issued. Slobodno nas kontaktirajte putem “Po?aljite zahtjev” za pomo? pri instalaciji SSL certifikata.
Upravljanje It
Through va? Account Panel, you can manage va? SSL certificates, including renewal i reissuance.
]]>
1. Introduction
SSL certificates are used to create an encrypted channel between the client i the server. Transmission of such data as credit card details, account login infilimation, any other sensitive infilimation should be encrypted to prethodnoent eavesdropping.
With an SSL certificate, data is encrypted priili to being transmitted via Internet. Encrypted data can be decrypted only by the server to which you actually send it. This ensures that the infilimation you submit to websites will not be stolen.
Starting from 06/08/2014, Google announced that having an SSL certificate installed on va? website would increase va? ranking position, which is another great reason to use an SSL.
The certificate itself represents base64 encoded data that contains infilimation about the entity the certificate was issued fili, public key required fili encryption i digital signature verification, i digital signature created with the private key of the certificate issuer.
An SSL certificate should be installed on the server side. When you access a website secured by an SSL certificate issued by a trusted Certification Authiliity, you will see https:// at the beginning of its URL. A browser will also show the connection as secure by displaying a “l(fā)ock” icon in the address bar:
2. Vrstas of SSL certificates
SSL certificates can be divided into 3 validation groups:
Domena Validation Certifikati
Requires a certificate applicant to prove his/her control over the domena name only. The issued certificate contains a domena name that was supplied to the Certification Authiliity within the certificate request.
Organization Validation Certifikati
Requires a certificate applicant to prove that his/her company is a registrirajed i legally accountable business, i to pass domena validation. The issued certificate contains a domena i company name of the certificate applicant.
Pro?ireno Validation Certifikati
Includes validation requirements of two validation types mentioned above i additional requirements. The issued certificate contains a domena i company name of the certificate applicant.
]]>
SSL certificate installation is typically perfilimed by the hosting company that provides uslugas fili the domena. However, you may also choose install an SSL certificate va?self. Select va? server type from the list below to find detailed instructions fili installation.
The SSL on va? domena name was activated, please find i add the DNS recilids to complete the verification befilie you can download the SSL files through va? control panel:
Moj ra?un > Moji proizvodi > SSL certifikati > Detalj > ....
After you complete the DNS recilid's verification, you can download the SSL files by the same approach.
Installing SSL certifikat Netes
Ako you host va? domena name with NiceNIC, simply provide us with va? certificate i we'll be happy to install it fili you.
Please note that on all NiceNIC, Zajedni?ki hosting servers, a special NiceNIC, SSL plugin installs a 1-godina free PositiveSSL certificate automatically on the newly added subdomena ili add-on. It wiliks the same way fili the main domena in the newly kupid hosting account. The plugin can also be used fili manual installation (in a few clicks) of PositiveSSL i EssentialSSL certificates.
A dedicated IP address is required to install an SSL certificate. However, you may install va? SSL certificate on a shared IP address using the Naziv poslu?itelja Indication (SNI) protocol extension available in va? cPanel. You can learn milie about the differences between a dedicated IP i SNI technology in this article.
]]>