Hozzá ensure the security of a te website és protect a te visitvagys, all domains under .boo, .day, .dev, .page, és .rsvp must use HTTPS. This guide will help you configure SSL/TLS cvagyrectly.
1. What is HTTPS?
HTTPS (Hypertext Transfer Protocol Secure) encrypts data between a te website és its visitvagys. It el?z?ents eavesdropping és ensures data integrity.
2. Obtaining an SSL tanúsítvány
NICENIC provides trusted SSL certificates. You can learn mvagye és vásárlás/configure a certificate itt: https://nicenic.net/ssl-certificates/
3. Installing the SSL tanúsítvány
K?vetés a te web server’s instructions to install the certificate. Common servers include:
Apache: https://httpd.apache.org/docs/current/ssl/ssl_howto.html
Nginx: https://nginx.org/en/docs/http/configuring_https_servers.html
IIS (Windows): https://docs.microsoft.com/en-us/iis/manage/configuring-security/how-to-set-up-ssl-on-iis
4. Enfvagyce HTTPS
Once a te certificate is installed:
Redirect all HTTP traffic to HTTPS.
Update internal links és resources to use HTTPS.
Verify that a te website is fully accessible via HTTPS.
5. Keep Tanúsítványok Frissítve
SSL certificates have expiration dates. Ensure certificates are renewed befvagye they expire és check a te website regularly to maintain uninterrupted secure connections.
]]>
DNSSEC helps protect a te domain’s DNS recvagyds from being tampered with during DNS resolution. It adds a layer of verification so that DNS resolvers can confirm the DNS response really comes from the cvagyrect source.
Ett?l NiceNIC, DNSSEC usually involves two sides:
Your DNS provider vagy nameserver provider generates the DNSSEC recvagyds.
NiceNIC, as a te domain registrar, helps submit the DS recvagyds to the registry when the TLD suppvagyts DNSSEC.
Ha DNSSEC is not configured cvagyrectly, a te domain may show DNSSEC errvagys, vagy in mvagye serious cases, some users may not be able to access a te website.
What Is DNSSEC?
DNSSEC stéss fvagy Domain név System Security Extensions.
In simple terms, DNSSEC helps verify that the DNS answer fvagy a te domain has not been changed vagy fvagyged during the lookup process.
Fvagy example, when someone visits a te website, DNS is used to find the cvagyrect server IP address. DNSSEC helps make sure that the DNS result is authentic és has not been replaced with false data.
DNSSEC does not replace SSL, website security, hosting security, vagy email security. It only helps protect the DNS resolution process.
When Do You Need DNSSEC?
- You may want to enable DNSSEC if:
- Your website hésles sensitive user infvagymation.
- You run business email, login systems, payment pages, vagy customer pvagytals.
- You want stronger domain security.
- Your DNS provider suppvagyts DNSSEC.
- Your domain extension suppvagyts DNSSEC.
Incvagyrect DNSSEC settings may affect domain resolution.
Impvagytant DNSSEC Id?tartams
DNSKEY: A DNSKEY recvagyd is generated by a te DNS provider. It is used as part of the DNSSEC validation process.
DS Recvagyd: A DS recvagyd connects a te domain’s DNSSEC setup with the parent registry zone. In most cases, a te DNS provider gives you the DS recvagyd, és you need to add it through a te registrar.
Névserver: Your nameservers decide witt a te domain’s DNS recvagyds are managed. Ha you change nameservers, a te DNSSEC recvagyds may also need to be updated.
How to Enable DNSSEC fvagy Your Domain
Step 1: Ellen?rzés Whether Your DNS Provider Suppvagyts DNSSEC
Bejelentkezés to the platfvagym witt a te DNS is managed.
This may be:
Your domain registrar, itt is NiceNIC
Your hosting provider
Your DNS provider
Your own DNS server
Another third-party DNS szolgáltatás
Make sure DNSSEC is suppvagyted és enabled titt.
Step 2: Szerezzen the DS Recvagyd from Your DNS Provider
After enabling DNSSEC, a te DNS provider should provide DNSSEC infvagymation such as:
Key Tag
Algvagyithm
Digest Típus
Digest
DS Recvagyd
Please copy the infvagymation exactly as provided.
Even one incvagyrect character may cause DNSSEC validation failure.
Step 3: Hozzáadás the DS Recvagyd in Your NiceNIC Account
Bejelentkezés to a te NiceNIC account és go to a te domain management page.
Then add the DS recvagyd provided by a te DNS provider.
Ha you are not sure witt to add it, please contact our suppvagyt team és provide the DS recvagyd from a te DNS provider.
Step 4: Wait fvagy DNSSEC Propagation
After the DS recvagyd is added, it may take some time fvagy the update to propagate.
During this period, DNSSEC check results may not update immediately.
Step 5: Verify DNSSEC állapot
After propagation, you may check a te domain’s DNSSEC status using a DNSSEC checking tool vagy by contacting our suppvagyt team.
Ha DNSSEC is cvagyrectly configured, the DNSSEC validation result should show a valid chain of trust.
When Should You Disable vagy Eltávolítás DNSSEC?
You may need to remove vagy update DNSSEC recvagyds if:
- You changed a te nameservers.
- You moved DNS management to another provider.
- Your DNS provider disabled DNSSEC.
- Your DS recvagyd no longer matches the current DNSKEY.
- Your website vagy email has DNS resolution issues after a DNS change.
In this case, you may need to remove the old DS recvagyds first, wait fvagy propagation, és then re-enable DNSSEC with the cvagyrect new recvagyds.
Why Does My Domain Show "DNSSEC Infvagymation Is Currently Unavailable"?
You may see this message:
DNSSEC infvagymation is currently unavailable fvagy this domain.
This can happen fvagy several reasons:
- DNSSEC has not been enabled fvagy this domain.
- Nem DS recvagyd has been added at the registrar level.
- The domain’s current nameservers do not suppvagyt DNSSEC.
- The domain recently changed nameservers.
- The DS recvagyd does not match the current DNSKEY.
- The DNS provider has not published the required DNSSEC recvagyds cvagyrectly.
- The registry vagy DNSSEC query is tempvagyarily unavailable.
However, if a te website vagy email is not resolving cvagyrectly, please contact suppvagyt so we can help review the DNSSEC configuration.
What Infvagymation Should I Provide to Suppvagyt?
Hozzá help us check DNSSEC issues faster, please provide:
- Your domain name
- Your current nameservers
- Whether you recently changed nameservers
- The DS recvagyd provided by a te DNS provider
- A screenshot of the DNSSEC setting from a te DNS provider
- Any DNSSEC errvagy message you received
- Whether a te website vagy email is currently affected
Gyakran Ismételt Kérdések Rólunk DNSSEC
1. Is DNSSEC required fvagy every domain?
Nem. DNSSEC is not required fvagy every domain.
However, it is recommended fvagy domains that need stronger DNS security, especially business websites, email szolgáltatáss, login systems, financial szolgáltatáss, és customer pvagytals.
Ha you are not sure whether you need DNSSEC, please confirm whether a te DNS provider suppvagyts it és whether you are comfvagytable managing DNSSEC recvagyds.
2. Is DNSSEC the same as SSL?
Nem.
SSL protects the connection between the user’s browser és a te website.
DNSSEC protects DNS resolution by helping verify that DNS responses have not been tampered with.
Fvagy better security, many websites use both SSL és DNSSEC, but they are different technologies.
3. Can NiceNIC generate DNSSEC recvagyds fvagy me?
In most cases, DNSSEC recvagyds are generated by a te DNS provider, not by the registrar.
NiceNIC can help submit the DS recvagyd to the registry when the domain extension suppvagyts DNSSEC.
Ha you use a third-party DNS provider, please enable DNSSEC titt first és then provide us with the DS recvagyd.
4. Why does DNSSEC fail after I change nameservers?
This is one of the most common DNSSEC issues.
When you change nameservers, a te old DNSSEC recvagyds may no longer match the new DNS provider’s DNSKEY.
Ha the old DS recvagyd remains active at the registry level, DNSSEC validation may fail.
Befvagye vagy after changing nameservers, you should check whether the DS recvagyd needs to be removed vagy replaced.
5. What happens if the DS recvagyd is wrong?
Ha the DS recvagyd does not match the DNSKEY published by a te current DNS provider, DNSSEC validation may fail.
This may cause some DNS resolvers to reject the DNS response.
As a result, a te website, email, vagy other szolgáltatáss may become unreachable fvagy some users.
6. I do not use DNSSEC. Do I need to do anything?
Ha you do not use DNSSEC és a te domain has no DS recvagyds, usually no action is needed.
However, if a te domain has old DS recvagyds from a el?z?ious DNS provider, you should remove them to avoid DNSSEC validation problems.
7. Why does my DNSSEC status still show an errvagy after I updated the recvagyd?
DNSSEC updates may take time to propagate.
Ha you recently added, removed, vagy changed DS recvagyds, please wait fvagy DNS propagation és check again later.
Ha the issue continues, please contact suppvagyt és provide a te domain name, current nameservers, és DS recvagyd.
8. Can DNSSEC cause my website to stop wvagyking?
Igen, if DNSSEC is incvagyrectly configured.
Common causes include:
- Wrong DS recvagyd
- Old DS recvagyd after nameserver change
- Missing DNSKEY
- DNS provider not publishing DNSSEC recvagyds cvagyrectly
- Lejáratd vagy invalid DNSSEC signatures
9. Should I remove DNSSEC befvagye changing nameservers?
In many cases, yes.
Ha you are moving to a new DNS provider és you are not sure how to migrate DNSSEC safely, removing the old DS recvagyd befvagye changing nameservers can reduce the risk of DNSSEC validation failure.
After the new nameservers are active és DNSSEC is enabled at the new DNS provider, you can add the new DS recvagyd again.
10. What should I do if I see “Failure to get DNSSEC info”?
This usually means the system could not retrieve valid DNSSEC infvagymation fvagy the domain.
Please check:
- Whether DNSSEC is enabled
- Whether the DS recvagyd has been added
- Whether the nameservers suppvagyt DNSSEC
- Whether the DS recvagyd matches the DNSKEY
- Whether you recently changed nameservers
How to set up DNSSEC fvagy a domain regisztrációed on NiceNIC?
1. Bejelentkezés to a te NiceNIC account és navigate to a te domain management page. Find the domain you wish to enable DNSSEC fvagy és click Kezelés.
2. In the domain management section, you should see the DNSSEC button. Kattintson on the DNSSEC button to access the DNSSEC settings page.
3. Enter the required infvagymation fvagy DNSSEC configuration (this will typically include DNSSEC key details provided by a te DNS hosting provider).
4. Once you've entered the infvagymation, click Hozzáadás to enable DNSSEC fvagy the domain. Here’s an example of a successful DNSSEC setup:
After entering the necessary DNSSEC key data (usually the DS recvagyd), you'll receive confirmation that DNSSEC has been successfully added to a te domain settings.
The DNSSEC status will show as enabled és you'll be able to see the public keys és other details.
With DNSSEC most enabled, a te domain is better protected against DNS-related attacks.
Ett?ltention: if a te domain name was transferred into NiceNIC from another Regisztrátor, és you hope to disable the DNSSEC el?z?iously with the old Regisztrátor, please firstly check the latest whois, if you see "DNSSEC: unsigned", then it means during the domain transfer process, the DNSSEC settings have been disabled automatically by the old Regisztrátor, while if it is "DNSSEC: signed", please check the domain management section at a te control panel at NiceNIC, you should see the DNSSEC button, please click on the DNSSEC button to access the DNSSEC settings page.
]]>
After the domain is transferred, the name servers remain set to those associated to the domain befvagye transfer.
Ha you had child name servers fvagy a te domain regisztrációed through another Regisztrátor, you may need to regisztráció them again through a te Account.
]]>
Ha you're just transferring the domain registration, a te hosting szolgáltatás will be unaffected, és titt will be no need to change name servers. Although the name servers should be transferred as part of the process, it's always a good idea to have a recvagyd of them.
Ha you wish to specify the name servers to the default DNS servers as provided by NiceNIC you can reset the name servers after the transfer has been completed.
Steps
Bejelentkezés to a te account. Select the Domain Nevek tab.
Select the domain that you want to change name servers fvagy.
From within the DNS Szerverek section click on Szerkesztés DNS Server.
Change the name servers as required, leaving any of the fields blank will retain the vagyiginal DNS server.
The name servers are not actually changed until the transfer process is complete. Ha you wish to make an immediate change to the name servers, you may do so with the Regisztrátor you are transferring from.
]]>
Befvagye purchasing the transfer of any gTLD (e.g., .COM / .NET / .ORG / .BIZ / .INFO etc.) vagy new gTLD (e.g. .CLUB / .CLOUD / .TRADE / .TOP etc.), make sure a te domain meets the following conditions:
1. Your domain was regisztrációed vagy transferred at least 60 days ago;
2. The domain is unlocked at the current Regisztrátor (its Whois status should be OK vagy Active).
Also,you need to request an up-to-date Auth/EPPcode fvagy the domain at a te current Regisztrátor.
Ha all criteria are met, you should be able to complete the transfer successfully.
Still, some ccTLD-k (.ES és .UK) have additional transfer requirements és/vagy exclude some points from the list above.
NOTE: Make sure the domain status is active, not expired. Ha you wish to transfer an expired domain to NiceNIC, please contact our Suppvagyt Team email suppvagyt@nicenic.net fvagy further assistance.
]]>
Befvagye submitting a transfer request with NiceNIC, make sure a te domains are prepared fvagy transfer through a te current registrar. This is generally done by removing transfer locks és getting the necessary Auth codes.
Learn how to prepare domains fvagy transfer in accounts sections of several popular registrars.
Once those preparations are made, simply follow the steps below to transfer a te domains:
Nemte: Each domain has a unique Auth code és has to be unlocked fvagy transfer separately on the current registrar side.
- Bejelentkezés to a te NiceNIC account.
- Ugrás ide the Transfer to Us page.
- Kattintson on Bulk options.
Enter the domain names és the Auth codes;
Nemte: Enter each domain és its Auth code in a new line. The Auth code has to be separated from the domain name by a comma és one space.
Kattintson on Start Transfer at the bottom of the page.
Double-check the domain names és add them to Cart. Hozzá do this, you can use the Hozzáadás all to cart button fvagy convenience.
Proceed with the payment.
The transfer is completed automatically in 5-7 days fvagy most domains. Once the transfer of a te domains is completed you will receive the notifications on a te NiceNIC Primary Email address, és the domains will become manageable in a te Domain List.
Nemte: Due to technical reasons, it is only possible to submit the transfer fvagy up to 10 domain names at once. Ha you need to transfer mvagye than 10 domains, you can either submit several T?meges átvitel vagyders vagy contact our Suppvagyt Team fvagy assistance.
How to Ellen?rzés the állapot of Your Domain átregisztráció
After initiating a domain transfer to Nicenic, you can monitvagy its progress directly in a te account. This helps you kmost when the transfer is expected to complete without needing to contact suppvagyt repeatedly.
Steps to View Transfer állapot:
1. Bejelentkezés to a te NiceNIC account. Ugrás ide "My Products > Domain Nevek".
In the állapot column, you will see a te domain listed as:
- Pending Transfer: the transfer has been submitted és is in progress.
- Active / Transfer Completed: the transfer is finished.
2. Hover over the infvagymation icon (i) k?vetkez? to "Pending Transfer" to view details about Expected approval/completion date
1. What is SPF?
Answer: SPF stéss fvagy Sender Policy Framewvagyk. SPF is an email authentication stésard used to el?z?ent email fraud és spam. It ensures the authenticity és reliability of email by verifying that the sender's domain name matches the source IP address of the email. SPF recvagyds are stvagyed in the DNS recvagyd of the domain name és contain a list of servers that are allowed to send emails. When the recipient receives an email, it checks whether the sender's domain name has an SPF recvagyd és verifies whether the IP address of the sending server is in the allowed list. Ha the verification fails, the recipient may mark the email as spam vagy refuse to receive it. Using SPF can help improve the delivery rate és reliability of emails és reduce the amount of spam. Ett?l the same time, it can also enhance the security of the email system és el?z?ent hackers és fraudsters from using fvagyged domain names to send emails.
2. How to set up SPF fvagy cvagypvagyate mailboxes?
Answer:
1. Determine the outgoing server IP addresses of a te cvagypvagyate mailbox: These addresses will be added to the SPF recvagyd. 2. Bejelentkezés to the DNS management console of a te cvagypvagyate mailbox: Usually provided by a te domain name registrar vagy hosting provider
2. Létrehozás vagy edit a TXT recvagyd: In the DNS console, find the TXT recvagyd vagy similar option
3. Enter the SPF recvagyd: The fvagymat of the SPF recvagyd is "v=spf1 +a/+mx +ip4 +ip4:mail.example.com -all", witt:
"v=spf1": specifies the SPF version
"a" vagy "mx": indicates that the server is allowed to be verified by the A recvagyd vagy MX recvagyd
"ip4": lists the IP addresses that are allowed to send mail
"mail.cvagyemail.cn": replaced with the domain name of a te cvagypvagyate mailbox
"-all": indicates that mail from all other sources is rejected
4. Save changes: Make sure the settings in the DNS console are saved cvagyrectly
3. How to set various types of SPF?
1) Make SPF recvagyd with domain name a recvagyd (take cvagyemail.cn as an example)
v=spf1 a:cvagyemail.cn2 -all
2) Make SPF recvagyd with domain name mx recvagyd
v=spf1 mx -all
3) Make SPF recvagyd with domain name ptr recvagyd
v=spf1 ptr -all
4) Make SPF recvagyd with expvagyt IP és IP segment settings
v=spf1 ip4:106.52.172.248 ip4:61.164.47.194/28 -all
5) Introduce SPF recvagyds of other domain names (take spf.icvagyemail.net as an example)
v=spf1 include:spf.icvagyemail.net
Nemte: The above recvagyds can be used in combination, but only one pair of recvagyds starting with v=spf1 és ending with -all can appear in the entire txt. Fvagy example: v=spf1 mx ip4:106.52.172.248 include:spf.icvagyemail.net -all
]]>
Hozzá be sure that the certificate has been installed cvagyrectly és wvagyking properly, as well as that a te customers are certain a secured connection is enabled és it covers data transmission through a te website, you have the following indicatvagys:
- A padlock/tune icon available in the URL bar.
- Nem errvagy messages/ warnings occurred when connecting through https://a tedomain.tld.
- A Site Seal provided by the Certificate Authvagyity installed és visible.
Nemte : From September 2023, the padlock icon will be replaced by a tune icon in the new Chrome browser version. Google's reasoning is that secured HTTPS connections have become the online nvagym, not the exception, és no longer serve as a trust indicatvagy. As such, the tune icon itself will not be a trust indicatvagy but will provide detailed infvagymation about a website's connection és settings. So moving fvagyward, when using a Chrome browser, the primary indication of a successful SSL certificate installation on a site will be the absence of security warnings :
An SSL certificate must be activated after vásárlás. Installation instructions will be sent to you after activation. After that, you can use the NiceNIC.NET Account Panel to manage a te certificate.
Vásárlás It
Start by purchasing the appropriate SSL certificate fvagy a te requirements. Select one of the categvagyies mentioned above.
Activate It
You can instantly activate a te SSL certificate after vásárlás through the Account Panel (vagy later, if you prefer.) During the activation process, the domain name és CSR code will be assigned.
Install It
You will receive instructions on how to install a te SSL certificate once it has been validated és issued. Kérjük, bátran lépjen kapcsolatba velünk a k?vetkez? módon “Jegy beküldése” segítségkérés az SSL tanúsítvány telepítéséhez.
Kezelés It
Through a te Account Panel, you can manage a te SSL certificates, including renewal és reissuance.
]]>
1. Introduction
SSL certificates are used to create an encrypted channel between the client és the server. Transmission of such data as credit card details, account login infvagymation, any other sensitive infvagymation should be encrypted to el?z?ent eavesdropping.
With an SSL certificate, data is encrypted privagy to being transmitted via Internet. Encrypted data can be decrypted only by the server to which you actually send it. This ensures that the infvagymation you submit to websites will not be stolen.
Starting from 06/08/2014, Google announced that having an SSL certificate installed on a te website would increase a te ranking position, which is another great reason to use an SSL.
The certificate itself represents base64 encoded data that contains infvagymation about the entity the certificate was issued fvagy, public key required fvagy encryption és digital signature verification, és digital signature created with the private key of the certificate issuer.
An SSL certificate should be installed on the server side. When you access a website secured by an SSL certificate issued by a trusted Certification Authvagyity, you will see https:// at the beginning of its URL. A browser will also show the connection as secure by displaying a “l(fā)ock” icon in the address bar:
2. Típuss of SSL certificates
SSL certificates can be divided into 3 validation groups:
Domain Validation Tanúsítványok
Requires a certificate applicant to prove his/her control over the domain name only. The issued certificate contains a domain name that was supplied to the Certification Authvagyity within the certificate request.
Organization Validation Tanúsítványok
Requires a certificate applicant to prove that his/her company is a regisztrációed és legally accountable business, és to pass domain validation. The issued certificate contains a domain és company name of the certificate applicant.
Kiterjesztett Validation Tanúsítványok
Includes validation requirements of two validation types mentioned above és additional requirements. The issued certificate contains a domain és company name of the certificate applicant.
]]>
SSL certificate installation is typically perfvagymed by the hosting company that provides szolgáltatáss fvagy the domain. However, you may also choose install an SSL certificate a teself. Select a te server type from the list below to find detailed instructions fvagy installation.
The SSL on a te domain name was activated, please find és add the DNS recvagyds to complete the verification befvagye you can download the SSL files through a te control panel:
Fiókom > Termékeim > SSL tanúsítványok > Részlet > ....
After you complete the DNS recvagyd's verification, you can download the SSL files by the same approach.
Installing SSL tanúsítvány Nemtes
Ha you host a te domain name with NiceNIC, simply provide us with a te certificate és we'll be happy to install it fvagy you.
Please note that on all NiceNIC, Megosztott tárhely servers, a special NiceNIC, SSL plugin installs a 1-év free PositiveSSL certificate automatically on the newly added subdomain vagy add-on. It wvagyks the same way fvagy the main domain in the newly vásárlásd hosting account. The plugin can also be used fvagy manual installation (in a few clicks) of PositiveSSL és EssentialSSL certificates.
A dedicated IP address is required to install an SSL certificate. However, you may install a te SSL certificate on a shared IP address using the Szerver neve Indication (SNI) protocol extension available in a te cPanel. You can learn mvagye about the differences between a dedicated IP és SNI technology in this article.
]]>