Za ensure the security of tvoj website i protect tvoj visitilis, all domens under .boo, .day, .dev, .page, i .rsvp must use HTTPS. This guide will help you configure SSL/TLS cilirectly.
1. What is HTTPS?
HTTPS (Hypertext Transfer Protocol Secure) encrypts data between tvoj website i its visitilis. It prethodnoents eavesdropping i ensures data integrity.
2. Obtaining an SSL sertifikat
NICENIC provides trusted SSL certificates. You can learn milie i kupi/configure a certificate ovde: https://nicenic.net/ssl-certificates/
3. Installing the SSL sertifikat
Prati tvoj web server’s instructions to install the certificate. Common servers include:
Apache: https://httpd.apache.org/docs/current/ssl/ssl_howto.html
Nginx: https://nginx.org/en/docs/http/configuring_https_servers.html
IIS (Windows): https://docs.microsoft.com/en-us/iis/manage/configuring-security/how-to-set-up-ssl-on-iis
4. Enfilice HTTPS
Once tvoj certificate is installed:
Redirect all HTTP traffic to HTTPS.
Update internal links i resources to use HTTPS.
Verify that tvoj website is fully accessible via HTTPS.
5. Keep Sertifikati A?urirano
SSL certificates have expiration dates. Ensure certificates are renewed befilie they expire i check tvoj website regularly to maintain uninterrupted secure connections.
]]>
DNSSEC helps protect tvoj domen’s DNS recilids from being tampered with during DNS resolution. It adds a layer of verification so that DNS resolvers can confirm the DNS response really comes from the cilirect source.
Na NiceNIC, DNSSEC usually involves two sides:
Your DNS provider ili nameserver provider generates the DNSSEC recilids.
NiceNIC, as tvoj domen registrar, helps submit the DS recilids to the registry when the TLD suppilits DNSSEC.
Ako DNSSEC is not configured cilirectly, tvoj domen may show DNSSEC errilis, ili in milie serious cases, some users may not be able to access tvoj website.
What Is DNSSEC?
DNSSEC stis fili Naziv domena System Security Extensions.
In simple terms, DNSSEC helps verify that the DNS answer fili tvoj domen has not been changed ili filiged during the lookup process.
Fili example, when someone visits tvoj website, DNS is used to find the cilirect server IP address. DNSSEC helps make sure that the DNS result is authentic i has not been replaced with false data.
DNSSEC does not replace SSL, website security, hosting security, ili email security. It only helps protect the DNS resolution process.
When Do You Need DNSSEC?
- You may want to enable DNSSEC if:
- Your website hiles sensitive user infilimation.
- You run business email, login systems, payment pages, ili customer pilitals.
- You want stronger domen security.
- Your DNS provider suppilits DNSSEC.
- Your domen extension suppilits DNSSEC.
Incilirect DNSSEC settings may affect domen resolution.
Impilitant DNSSEC Periods
DNSKEY: A DNSKEY recilid is generated by tvoj DNS provider. It is used as part of the DNSSEC validation process.
DS Recilid: A DS recilid connects tvoj domen’s DNSSEC setup with the parent registry zone. In most cases, tvoj DNS provider gives you the DS recilid, i you need to add it through tvoj registrar.
Imeserver: Your nameservers decide wovde tvoj domen’s DNS recilids are managed. Ako you change nameservers, tvoj DNSSEC recilids may also need to be updated.
How to Enable DNSSEC fili Your Domen
Step 1: Proveri Whether Your DNS Provider Suppilits DNSSEC
Prijavite se to the platfilim wovde tvoj DNS is managed.
This may be:
Your domen registrar, ovde is NiceNIC
Your hosting provider
Your DNS provider
Your own DNS server
Another third-party DNS usluga
Make sure DNSSEC is suppilited i enabled tovde.
Step 2: Nabavite the DS Recilid from Your DNS Provider
After enabling DNSSEC, tvoj DNS provider should provide DNSSEC infilimation such as:
Key Tag
Algiliithm
Digest Tip
Digest
DS Recilid
Please copy the infilimation exactly as provided.
Even one incilirect character may cause DNSSEC validation failure.
Step 3: Dodaj the DS Recilid in Your NiceNIC Account
Prijavite se to tvoj NiceNIC account i go to tvoj domen management page.
Then add the DS recilid provided by tvoj DNS provider.
Ako you are not sure wovde to add it, please contact our suppilit team i provide the DS recilid from tvoj DNS provider.
Step 4: Wait fili DNSSEC Propagation
After the DS recilid is added, it may take some time fili the update to propagate.
During this period, DNSSEC check results may not update immediately.
Step 5: Verify DNSSEC Status
After propagation, you may check tvoj domen’s DNSSEC status using a DNSSEC checking tool ili by contacting our suppilit team.
Ako DNSSEC is cilirectly configured, the DNSSEC validation result should show a valid chain of trust.
When Should You Disable ili Ukloni DNSSEC?
You may need to remove ili update DNSSEC recilids if:
- You changed tvoj nameservers.
- You moved DNS management to another provider.
- Your DNS provider disabled DNSSEC.
- Your DS recilid no longer matches the current DNSKEY.
- Your website ili email has DNS resolution issues after a DNS change.
In this case, you may need to remove the old DS recilids first, wait fili propagation, i then re-enable DNSSEC with the cilirect new recilids.
Why Does My Domen Show "DNSSEC Infilimation Is Currently Unavailable"?
You may see this message:
DNSSEC infilimation is currently unavailable fili this domen.
This can happen fili several reasons:
- DNSSEC has not been enabled fili this domen.
- Ne DS recilid has been added at the registrar level.
- The domen’s current nameservers do not suppilit DNSSEC.
- The domen recently changed nameservers.
- The DS recilid does not match the current DNSKEY.
- The DNS provider has not published the required DNSSEC recilids cilirectly.
- The registry ili DNSSEC query is tempiliarily unavailable.
However, if tvoj website ili email is not resolving cilirectly, please contact suppilit so we can help review the DNSSEC configuration.
What Infilimation Should I Provide to Suppilit?
Za help us check DNSSEC issues faster, please provide:
- Your domen name
- Your current nameservers
- Whether you recently changed nameservers
- The DS recilid provided by tvoj DNS provider
- A screenshot of the DNSSEC setting from tvoj DNS provider
- Any DNSSEC errili message you received
- Whether tvoj website ili email is currently affected
?esto postavljana pitanja O nama DNSSEC
1. Is DNSSEC required fili every domen?
Ne. DNSSEC is not required fili every domen.
However, it is recommended fili domens that need stronger DNS security, especially business websites, email uslugas, login systems, financial uslugas, i customer pilitals.
Ako you are not sure whether you need DNSSEC, please confirm whether tvoj DNS provider suppilits it i whether you are comfilitable managing DNSSEC recilids.
2. Is DNSSEC the same as SSL?
Ne.
SSL protects the connection between the user’s browser i tvoj website.
DNSSEC protects DNS resolution by helping verify that DNS responses have not been tampered with.
Fili better security, many websites use both SSL i DNSSEC, but they are different technologies.
3. Can NiceNIC generate DNSSEC recilids fili me?
In most cases, DNSSEC recilids are generated by tvoj DNS provider, not by the registrar.
NiceNIC can help submit the DS recilid to the registry when the domen extension suppilits DNSSEC.
Ako you use a third-party DNS provider, please enable DNSSEC tovde first i then provide us with the DS recilid.
4. Why does DNSSEC fail after I change nameservers?
This is one of the most common DNSSEC issues.
When you change nameservers, tvoj old DNSSEC recilids may no longer match the new DNS provider’s DNSKEY.
Ako the old DS recilid remains active at the registry level, DNSSEC validation may fail.
Befilie ili after changing nameservers, you should check whether the DS recilid needs to be removed ili replaced.
5. What happens if the DS recilid is wrong?
Ako the DS recilid does not match the DNSKEY published by tvoj current DNS provider, DNSSEC validation may fail.
This may cause some DNS resolvers to reject the DNS response.
As a result, tvoj website, email, ili other uslugas may become unreachable fili some users.
6. I do not use DNSSEC. Do I need to do anything?
Ako you do not use DNSSEC i tvoj domen has no DS recilids, usually no action is needed.
However, if tvoj domen has old DS recilids from a prethodnoious DNS provider, you should remove them to avoid DNSSEC validation problems.
7. Why does my DNSSEC status still show an errili after I updated the recilid?
DNSSEC updates may take time to propagate.
Ako you recently added, removed, ili changed DS recilids, please wait fili DNS propagation i check again later.
Ako the issue continues, please contact suppilit i provide tvoj domen name, current nameservers, i DS recilid.
8. Can DNSSEC cause my website to stop wiliking?
Da, if DNSSEC is incilirectly configured.
Common causes include:
- Wrong DS recilid
- Old DS recilid after nameserver change
- Missing DNSKEY
- DNS provider not publishing DNSSEC recilids cilirectly
- Istekd ili invalid DNSSEC signatures
9. Should I remove DNSSEC befilie changing nameservers?
In many cases, yes.
Ako you are moving to a new DNS provider i you are not sure how to migrate DNSSEC safely, removing the old DS recilid befilie changing nameservers can reduce the risk of DNSSEC validation failure.
After the new nameservers are active i DNSSEC is enabled at the new DNS provider, you can add the new DS recilid again.
10. What should I do if I see “Failure to get DNSSEC info”?
This usually means the system could not retrieve valid DNSSEC infilimation fili the domen.
Please check:
- Whether DNSSEC is enabled
- Whether the DS recilid has been added
- Whether the nameservers suppilit DNSSEC
- Whether the DS recilid matches the DNSKEY
- Whether you recently changed nameservers
How to set up DNSSEC fili a domen registrujed on NiceNIC?
1. Prijavite se to tvoj NiceNIC account i navigate to tvoj domen management page. Find the domen you wish to enable DNSSEC fili i click Upravljaj.
2. In the domen management section, you should see the DNSSEC button. Klikni on the DNSSEC button to access the DNSSEC settings page.
3. Enter the required infilimation fili DNSSEC configuration (this will typically include DNSSEC key details provided by tvoj DNS hosting provider).
4. Once you've entered the infilimation, click Dodaj to enable DNSSEC fili the domen. Here’s an example of a successful DNSSEC setup:
After entering the necessary DNSSEC key data (usually the DS recilid), you'll receive confirmation that DNSSEC has been successfully added to tvoj domen settings.
The DNSSEC status will show as enabled i you'll be able to see the public keys i other details.
With DNSSEC odmah enabled, tvoj domen is better protected against DNS-related attacks.
Natention: if tvoj domen name was transferred into NiceNIC from another Registrar, i you hope to disable the DNSSEC prethodnoiously with the old Registrar, please firstly check the latest whois, if you see "DNSSEC: unsigned", then it means during the domen transfer process, the DNSSEC settings have been disabled automatically by the old Registrar, while if it is "DNSSEC: signed", please check the domen management section at tvoj control panel at NiceNIC, you should see the DNSSEC button, please click on the DNSSEC button to access the DNSSEC settings page.
]]>
After the domen is transferred, the name servers remain set to those associated to the domen befilie transfer.
Ako you had child name servers fili tvoj domen registrujed through another Registrar, you may need to registruj them again through tvoj Account.
]]>
Ako you're just transferring the domen registration, tvoj hosting usluga will be unaffected, i tovde will be no need to change name servers. Although the name servers should be transferred as part of the process, it's always a good idea to have a recilid of them.
Ako you wish to specify the name servers to the default DNS servers as provided by NiceNIC you can reset the name servers after the transfer has been completed.
Steps
Prijava to tvoj account. Select the Nazivi domena tab.
Select the domen that you want to change name servers fili.
From within the DNS Serveri section click on Izmeni DNS Server.
Change the name servers as required, leaving any of the fields blank will retain the iliiginal DNS server.
The name servers are not actually changed until the transfer process is complete. Ako you wish to make an immediate change to the name servers, you may do so with the Registrar you are transferring from.
]]>
Befilie purchasing the transfer of any gTLD (e.g., .COM / .NET / .ORG / .BIZ / .INFO etc.) ili new gTLD (e.g. .CLUB / .CLOUD / .TRADE / .TOP etc.), make sure tvoj domen meets the following conditions:
1. Your domen was registrujed ili transferred at least 60 days ago;
2. The domen is unlocked at the current Registrar (its Whois status should be OK ili Active).
Also,you need to request an up-to-date Auth/EPPcode fili the domen at tvoj current Registrar.
Ako all criteria are met, you should be able to complete the transfer successfully.
Still, some ccTLD domeni (.ES i .UK) have additional transfer requirements i/ili exclude some points from the list above.
NOTE: Make sure the domen status is active, not expired. Ako you wish to transfer an expired domen to NiceNIC, please contact our Suppilit Team email suppilit@nicenic.net fili further assistance.
]]>
Befilie submitting a transfer request with NiceNIC, make sure tvoj domens are prepared fili transfer through tvoj current registrar. This is generally done by removing transfer locks i getting the necessary Auth codes.
Learn how to prepare domens fili transfer in accounts sections of several popular registrars.
Once those preparations are made, simply follow the steps below to transfer tvoj domens:
Nete: Each domen has a unique Auth code i has to be unlocked fili transfer separately on the current registrar side.
- Prijavite se to tvoj NiceNIC account.
- Idi na the Transfer to Us page.
- Klikni on Bulk options.
Enter the domen names i the Auth codes;
Nete: Enter each domen i its Auth code in a new line. The Auth code has to be separated from the domen name by a comma i one space.
Klikni on Start Transfer at the bottom of the page.
Double-check the domen names i add them to Cart. Za do this, you can use the Dodaj all to cart button fili convenience.
Proceed with the payment.
The transfer is completed automatically in 5-7 days fili most domens. Once the transfer of tvoj domens is completed you will receive the notifications on tvoj NiceNIC Primary Email address, i the domens will become manageable in tvoj Domen List.
Nete: Due to technical reasons, it is only possible to submit the transfer fili up to 10 domen names at once. Ako you need to transfer milie than 10 domens, you can either submit several Masovni Transfer iliders ili contact our Suppilit Team fili assistance.
How to Proveri the Status of Your Transfer domena
After initiating a domen transfer to Nicenic, you can monitili its progress directly in tvoj account. This helps you kodmah when the transfer is expected to complete without needing to contact suppilit repeatedly.
Steps to View Transfer Status:
1. Prijavite se to tvoj NiceNIC account. Idi na "My Products > Nazivi domena".
In the Status column, you will see tvoj domen listed as:
- Pending Transfer: the transfer has been submitted i is in progress.
- Active / Transfer Completed: the transfer is finished.
2. Hover over the infilimation icon (i) slede?e to "Pending Transfer" to view details about Expected approval/completion date
1. What is SPF?
Answer: SPF stis fili Sender Policy Framewilik. SPF is an email authentication stiard used to prethodnoent email fraud i spam. It ensures the authenticity i reliability of email by verifying that the sender's domen name matches the source IP address of the email. SPF recilids are stilied in the DNS recilid of the domen name i contain a list of servers that are allowed to send emails. When the recipient receives an email, it checks whether the sender's domen name has an SPF recilid i verifies whether the IP address of the sending server is in the allowed list. Ako the verification fails, the recipient may mark the email as spam ili refuse to receive it. Using SPF can help improve the delivery rate i reliability of emails i reduce the amount of spam. Na the same time, it can also enhance the security of the email system i prethodnoent hackers i fraudsters from using filiged domen names to send emails.
2. How to set up SPF fili cilipiliate mailboxes?
Answer:
1. Determine the outgoing server IP addresses of tvoj cilipiliate mailbox: These addresses will be added to the SPF recilid. 2. Prijavite se to the DNS management console of tvoj cilipiliate mailbox: Usually provided by tvoj domen name registrar ili hosting provider
2. Kreiraj ili edit a TXT recilid: In the DNS console, find the TXT recilid ili similar option
3. Enter the SPF recilid: The filimat of the SPF recilid is "v=spf1 +a/+mx +ip4 +ip4:mail.example.com -all", wovde:
"v=spf1": specifies the SPF version
"a" ili "mx": indicates that the server is allowed to be verified by the A recilid ili MX recilid
"ip4": lists the IP addresses that are allowed to send mail
"mail.ciliemail.cn": replaced with the domen name of tvoj cilipiliate mailbox
"-all": indicates that mail from all other sources is rejected
4. Save changes: Make sure the settings in the DNS console are saved cilirectly
3. How to set various types of SPF?
1) Make SPF recilid with domen name a recilid (take ciliemail.cn as an example)
v=spf1 a:ciliemail.cn2 -all
2) Make SPF recilid with domen name mx recilid
v=spf1 mx -all
3) Make SPF recilid with domen name ptr recilid
v=spf1 ptr -all
4) Make SPF recilid with expilit IP i IP segment settings
v=spf1 ip4:106.52.172.248 ip4:61.164.47.194/28 -all
5) Introduce SPF recilids of other domen names (take spf.iciliemail.net as an example)
v=spf1 include:spf.iciliemail.net
Nete: The above recilids can be used in combination, but only one pair of recilids starting with v=spf1 i ending with -all can appear in the entire txt. Fili example: v=spf1 mx ip4:106.52.172.248 include:spf.iciliemail.net -all
]]>
Za be sure that the certificate has been installed cilirectly i wiliking properly, as well as that tvoj customers are certain a secured connection is enabled i it covers data transmission through tvoj website, you have the following indicatilis:
- A padlock/tune icon available in the URL bar.
- Ne errili messages/ warnings occurred when connecting through https://tvojdomen.tld.
- A Site Seal provided by the Certificate Authiliity installed i visible.
Nete : From September 2023, the padlock icon will be replaced by a tune icon in the new Chrome browser version. Google's reasoning is that secured HTTPS connections have become the online nilim, not the exception, i no longer serve as a trust indicatili. As such, the tune icon itself will not be a trust indicatili but will provide detailed infilimation about a website's connection i settings. So moving filiward, when using a Chrome browser, the primary indication of a successful SSL certificate installation on a site will be the absence of security warnings :
An SSL certificate must be activated after kupi. Installation instructions will be sent to you after activation. After that, you can use the NiceNIC.NET Account Panel to manage tvoj certificate.
Kupi It
Start by purchasing the appropriate SSL certificate fili tvoj requirements. Select one of the categiliies mentioned above.
Activate It
You can instantly activate tvoj SSL certificate after kupi through the Account Panel (ili later, if you prefer.) During the activation process, the domen name i CSR code will be assigned.
Install It
You will receive instructions on how to install tvoj SSL certificate once it has been validated i issued. Slobodno nas kontaktirajte putem “Podnesi tiket” da zatra?ite pomo? pri instalaciji SSL sertifikata.
Upravljaj It
Through tvoj Account Panel, you can manage tvoj SSL certificates, including renewal i reissuance.
]]>
1. Introduction
SSL certificates are used to create an encrypted channel between the client i the server. Transmission of such data as credit card details, account login infilimation, any other sensitive infilimation should be encrypted to prethodnoent eavesdropping.
With an SSL certificate, data is encrypted priili to being transmitted via Internet. Encrypted data can be decrypted only by the server to which you actually send it. This ensures that the infilimation you submit to websites will not be stolen.
Starting from 06/08/2014, Google announced that having an SSL certificate installed on tvoj website would increase tvoj ranking position, which is another great reason to use an SSL.
The certificate itself represents base64 encoded data that contains infilimation about the entity the certificate was issued fili, public key required fili encryption i digital signature verification, i digital signature created with the private key of the certificate issuer.
An SSL certificate should be installed on the server side. When you access a website secured by an SSL certificate issued by a trusted Certification Authiliity, you will see https:// at the beginning of its URL. A browser will also show the connection as secure by displaying a “l(fā)ock” icon in the address bar:
2. Tips of SSL certificates
SSL certificates can be divided into 3 validation groups:
Domen Validation Sertifikati
Requires a certificate applicant to prove his/her control over the domen name only. The issued certificate contains a domen name that was supplied to the Certification Authiliity within the certificate request.
Organization Validation Sertifikati
Requires a certificate applicant to prove that his/her company is a registrujed i legally accountable business, i to pass domen validation. The issued certificate contains a domen i company name of the certificate applicant.
Pro?ireno Validation Sertifikati
Includes validation requirements of two validation types mentioned above i additional requirements. The issued certificate contains a domen i company name of the certificate applicant.
]]>
SSL certificate installation is typically perfilimed by the hosting company that provides uslugas fili the domen. However, you may also choose install an SSL certificate tvojself. Select tvoj server type from the list below to find detailed instructions fili installation.
The SSL on tvoj domen name was activated, please find i add the DNS recilids to complete the verification befilie you can download the SSL files through tvoj control panel:
Moj nalog > Moji proizvodi > SSL sertifikati > Detalj > ....
After you complete the DNS recilid's verification, you can download the SSL files by the same approach.
Installing SSL sertifikat Netes
Ako you host tvoj domen name with NiceNIC, simply provide us with tvoj certificate i we'll be happy to install it fili you.
Please note that on all NiceNIC, Deljeni Hosting servers, a special NiceNIC, SSL plugin installs a 1-godina free PositiveSSL certificate automatically on the newly added subdomen ili add-on. It wiliks the same way fili the main domen in the newly kupid hosting account. The plugin can also be used fili manual installation (in a few clicks) of PositiveSSL i EssentialSSL certificates.
A dedicated IP address is required to install an SSL certificate. However, you may install tvoj SSL certificate on a shared IP address using the Ime servera Indication (SNI) protocol extension available in tvoj cPanel. You can learn milie about the differences between a dedicated IP i SNI technology in this article.
]]>