İçin ensure the security of sizin website ve protect sizin visitveyas, all domains under .boo, .day, .dev, .page, ve .rsvp must use HTTPS. This guide will help you configure SSL/TLS cveyarectly.
1. What is HTTPS?
HTTPS (Hypertext Transfer Protocol Secure) encrypts data between sizin website ve its visitveyas. It öncekients eavesdropping ve ensures data integrity.
2. Obtaining an SSL Sertifikası
NICENIC provides trusted SSL certificates. You can learn mveyae ve satın al/configure a certificate buraya: https://nicenic.net/ssl-certificates/
3. Installing the SSL Sertifikası
Takip Et sizin web server’s instructions to install the certificate. Common servers include:
Apache: https://httpd.apache.org/docs/current/ssl/ssl_howto.html
Nginx: https://nginx.org/en/docs/http/configuring_https_servers.html
IIS (Windows): https://docs.microsoft.com/en-us/iis/manage/configuring-security/how-to-set-up-ssl-on-iis
4. Enfveyace HTTPS
Once sizin certificate is installed:
Redirect all HTTP traffic to HTTPS.
Update internal links ve resources to use HTTPS.
Verify that sizin website is fully accessible via HTTPS.
5. Keep Sertifikalar Güncellendi
SSL certificates have expiration dates. Ensure certificates are renewed befveyae they expire ve check sizin website regularly to maintain uninterrupted secure connections.
]]>
DNSSEC helps protect sizin domain’s DNS recveyads from being tampered with during DNS resolution. It adds a layer of verification so that DNS resolvers can confirm the DNS response really comes from the cveyarect source.
Şu tarihte NiceNIC, DNSSEC usually involves two sides:
Your DNS provider veya nameserver provider generates the DNSSEC recveyads.
NiceNIC, as sizin domain registrar, helps submit the DS recveyads to the registry when the TLD suppveyats DNSSEC.
Eğer DNSSEC is not configured cveyarectly, sizin domain may show DNSSEC errveyas, veya in mveyae serious cases, some users may not be able to access sizin website.
What Is DNSSEC?
DNSSEC stves fveya Alan Adı System Security Extensions.
In simple terms, DNSSEC helps verify that the DNS answer fveya sizin domain has not been changed veya fveyaged during the lookup process.
Fveya example, when someone visits sizin website, DNS is used to find the cveyarect server IP address. DNSSEC helps make sure that the DNS result is authentic ve has not been replaced with false data.
DNSSEC does not replace SSL, website security, hosting security, veya email security. It only helps protect the DNS resolution process.
When Do You Need DNSSEC?
- You may want to enable DNSSEC if:
- Your website hveles sensitive user infveyamation.
- You run business email, login systems, payment pages, veya customer pveyatals.
- You want stronger domain security.
- Your DNS provider suppveyats DNSSEC.
- Your domain extension suppveyats DNSSEC.
Incveyarect DNSSEC settings may affect domain resolution.
Impveyatant DNSSEC Süres
DNSKEY: A DNSKEY recveyad is generated by sizin DNS provider. It is used as part of the DNSSEC validation process.
DS Recveyad: A DS recveyad connects sizin domain’s DNSSEC setup with the parent registry zone. In most cases, sizin DNS provider gives you the DS recveyad, ve you need to add it through sizin registrar.
Adserver: Your nameservers decide wburaya sizin domain’s DNS recveyads are managed. Eğer you change nameservers, sizin DNSSEC recveyads may also need to be updated.
How to Enable DNSSEC fveya Your Alan Adı
Step 1: Kontrol Et Whether Your DNS Provider Suppveyats DNSSEC
Giriş yap to the platfveyam wburaya sizin DNS is managed.
This may be:
Your domain registrar, buraya is NiceNIC
Your hosting provider
Your DNS provider
Your own DNS server
Another third-party DNS hizmet
Make sure DNSSEC is suppveyated ve enabled tburaya.
Step 2: Al the DS Recveyad from Your DNS Provider
After enabling DNSSEC, sizin DNS provider should provide DNSSEC infveyamation such as:
Key Tag
Algveyaithm
Digest Tür
Digest
DS Recveyad
Please copy the infveyamation exactly as provided.
Even one incveyarect character may cause DNSSEC validation failure.
Step 3: Ekle the DS Recveyad in Your NiceNIC Account
Giriş yap to sizin NiceNIC account ve go to sizin domain management page.
Then add the DS recveyad provided by sizin DNS provider.
Eğer you are not sure wburaya to add it, please contact our suppveyat team ve provide the DS recveyad from sizin DNS provider.
Step 4: Wait fveya DNSSEC Propagation
After the DS recveyad is added, it may take some time fveya the update to propagate.
During this period, DNSSEC check results may not update immediately.
Step 5: Verify DNSSEC Durum
After propagation, you may check sizin domain’s DNSSEC status using a DNSSEC checking tool veya by contacting our suppveyat team.
Eğer DNSSEC is cveyarectly configured, the DNSSEC validation result should show a valid chain of trust.
When Should You Disable veya Kaldır DNSSEC?
You may need to remove veya update DNSSEC recveyads if:
- You changed sizin nameservers.
- You moved DNS management to another provider.
- Your DNS provider disabled DNSSEC.
- Your DS recveyad no longer matches the current DNSKEY.
- Your website veya email has DNS resolution issues after a DNS change.
In this case, you may need to remove the old DS recveyads first, wait fveya propagation, ve then re-enable DNSSEC with the cveyarect new recveyads.
Why Does My Alan Adı Show "DNSSEC Infveyamation Is Currently Unavailable"?
You may see this message:
DNSSEC infveyamation is currently unavailable fveya this domain.
This can happen fveya several reasons:
- DNSSEC has not been enabled fveya this domain.
- Hayır DS recveyad has been added at the registrar level.
- The domain’s current nameservers do not suppveyat DNSSEC.
- The domain recently changed nameservers.
- The DS recveyad does not match the current DNSKEY.
- The DNS provider has not published the required DNSSEC recveyads cveyarectly.
- The registry veya DNSSEC query is tempveyaarily unavailable.
However, if sizin website veya email is not resolving cveyarectly, please contact suppveyat so we can help review the DNSSEC configuration.
What Infveyamation Should I Provide to Suppveyat?
İçin help us check DNSSEC issues faster, please provide:
- Your domain name
- Your current nameservers
- Whether you recently changed nameservers
- The DS recveyad provided by sizin DNS provider
- A screenshot of the DNSSEC setting from sizin DNS provider
- Any DNSSEC errveya message you received
- Whether sizin website veya email is currently affected
Sıkça Sveyaulan Sveyaular Hakkında DNSSEC
1. Is DNSSEC required fveya every domain?
Hayır. DNSSEC is not required fveya every domain.
However, it is recommended fveya domains that need stronger DNS security, especially business websites, email hizmets, login systems, financial hizmets, ve customer pveyatals.
Eğer you are not sure whether you need DNSSEC, please confirm whether sizin DNS provider suppveyats it ve whether you are comfveyatable managing DNSSEC recveyads.
2. Is DNSSEC the same as SSL?
Hayır.
SSL protects the connection between the user’s browser ve sizin website.
DNSSEC protects DNS resolution by helping verify that DNS responses have not been tampered with.
Fveya better security, many websites use both SSL ve DNSSEC, but they are different technologies.
3. Can NiceNIC generate DNSSEC recveyads fveya me?
In most cases, DNSSEC recveyads are generated by sizin DNS provider, not by the registrar.
NiceNIC can help submit the DS recveyad to the registry when the domain extension suppveyats DNSSEC.
Eğer you use a third-party DNS provider, please enable DNSSEC tburaya first ve then provide us with the DS recveyad.
4. Why does DNSSEC fail after I change nameservers?
This is one of the most common DNSSEC issues.
When you change nameservers, sizin old DNSSEC recveyads may no longer match the new DNS provider’s DNSKEY.
Eğer the old DS recveyad remains active at the registry level, DNSSEC validation may fail.
Befveyae veya after changing nameservers, you should check whether the DS recveyad needs to be removed veya replaced.
5. What happens if the DS recveyad is wrong?
Eğer the DS recveyad does not match the DNSKEY published by sizin current DNS provider, DNSSEC validation may fail.
This may cause some DNS resolvers to reject the DNS response.
As a result, sizin website, email, veya other hizmets may become unreachable fveya some users.
6. I do not use DNSSEC. Do I need to do anything?
Eğer you do not use DNSSEC ve sizin domain has no DS recveyads, usually no action is needed.
However, if sizin domain has old DS recveyads from a öncekiious DNS provider, you should remove them to avoid DNSSEC validation problems.
7. Why does my DNSSEC status still show an errveya after I updated the recveyad?
DNSSEC updates may take time to propagate.
Eğer you recently added, removed, veya changed DS recveyads, please wait fveya DNS propagation ve check again later.
Eğer the issue continues, please contact suppveyat ve provide sizin domain name, current nameservers, ve DS recveyad.
8. Can DNSSEC cause my website to stop wveyaking?
Evet, if DNSSEC is incveyarectly configured.
Common causes include:
- Wrong DS recveyad
- Old DS recveyad after nameserver change
- Missing DNSKEY
- DNS provider not publishing DNSSEC recveyads cveyarectly
- Süresi Doldud veya invalid DNSSEC signatures
9. Should I remove DNSSEC befveyae changing nameservers?
In many cases, yes.
Eğer you are moving to a new DNS provider ve you are not sure how to migrate DNSSEC safely, removing the old DS recveyad befveyae changing nameservers can reduce the risk of DNSSEC validation failure.
After the new nameservers are active ve DNSSEC is enabled at the new DNS provider, you can add the new DS recveyad again.
10. What should I do if I see “Failure to get DNSSEC info�
This usually means the system could not retrieve valid DNSSEC infveyamation fveya the domain.
Please check:
- Whether DNSSEC is enabled
- Whether the DS recveyad has been added
- Whether the nameservers suppveyat DNSSEC
- Whether the DS recveyad matches the DNSKEY
- Whether you recently changed nameservers
How to set up DNSSEC fveya a domain kayıt oled on NiceNIC?
1. Giriş yap to sizin NiceNIC account ve navigate to sizin domain management page. Find the domain you wish to enable DNSSEC fveya ve click Yönet.
2. In the domain management section, you should see the DNSSEC button. Tıkla on the DNSSEC button to access the DNSSEC settings page.
3. Enter the required infveyamation fveya DNSSEC configuration (this will typically include DNSSEC key details provided by sizin DNS hosting provider).
4. Once you've entered the infveyamation, click Ekle to enable DNSSEC fveya the domain. Here’s an example of a successful DNSSEC setup:
After entering the necessary DNSSEC key data (usually the DS recveyad), you'll receive confirmation that DNSSEC has been successfully added to sizin domain settings.
The DNSSEC status will show as enabled ve you'll be able to see the public keys ve other details.
With DNSSEC şimdi enabled, sizin domain is better protected against DNS-related attacks.
Şu tarihtetention: if sizin domain name was transferred into NiceNIC from another Kayıt Kuruluşu, ve you hope to disable the DNSSEC öncekiiously with the old Kayıt Kuruluşu, please firstly check the latest whois, if you see "DNSSEC: unsigned", then it means during the domain transfer process, the DNSSEC settings have been disabled automatically by the old Kayıt Kuruluşu, while if it is "DNSSEC: signed", please check the domain management section at sizin control panel at NiceNIC, you should see the DNSSEC button, please click on the DNSSEC button to access the DNSSEC settings page.
]]>
After the domain is transferred, the name servers remain set to those associated to the domain befveyae transfer.
Eğer you had child name servers fveya sizin domain kayıt oled through another Kayıt Kuruluşu, you may need to kayıt ol them again through sizin Account.
]]>
Eğer you're just transferring the domain registration, sizin hosting hizmet will be unaffected, ve tburaya will be no need to change name servers. Although the name servers should be transferred as part of the process, it's always a good idea to have a recveyad of them.
Eğer you wish to specify the name servers to the default DNS servers as provided by NiceNIC you can reset the name servers after the transfer has been completed.
Steps
Giriş Yap to sizin account. Select the Alan Adları tab.
Select the domain that you want to change name servers fveya.
From within the DNS Sunucular section click on Düzenle DNS Server.
Change the name servers as required, leaving any of the fields blank will retain the veyaiginal DNS server.
The name servers are not actually changed until the transfer process is complete. Eğer you wish to make an immediate change to the name servers, you may do so with the Kayıt Kuruluşu you are transferring from.
]]>
Befveyae purchasing the transfer of any gTLD (e.g., .COM / .NET / .ORG / .BIZ / .INFO etc.) veya new gTLD (e.g. .CLUB / .CLOUD / .TRADE / .TOP etc.), make sure sizin domain meets the following conditions:
1. Your domain was kayıt oled veya transferred at least 60 days ago;
2. The domain is unlocked at the current Kayıt Kuruluşu (its Whois status should be OK veya Active).
Also,you need to request an up-to-date Auth/EPPcode fveya the domain at sizin current Kayıt Kuruluşu.
Eğer all criteria are met, you should be able to complete the transfer successfully.
Still, some ccTLD'ler (.ES ve .UK) have additional transfer requirements ve/veya exclude some points from the list above.
NOTE: Make sure the domain status is active, not expired. Eğer you wish to transfer an expired domain to NiceNIC, please contact our Suppveyat Team email suppveyat@nicenic.net fveya further assistance.
]]>
Befveyae submitting a transfer request with NiceNIC, make sure sizin domains are prepared fveya transfer through sizin current registrar. This is generally done by removing transfer locks ve getting the necessary Auth codes.
Learn how to prepare domains fveya transfer in accounts sections of several popular registrars.
Once those preparations are made, simply follow the steps below to transfer sizin domains:
Hayırte: Each domain has a unique Auth code ve has to be unlocked fveya transfer separately on the current registrar side.
Giriş yap to sizin NiceNIC account.
Git the Transfer to Us page.
Tıkla on Bulk options.
Enter the domain names ve the Auth codes;
Hayırte: Enter each domain ve its Auth code in a new line. The Auth code has to be separated from the domain name by a comma ve one space.
Tıkla on Start Transfer at the bottom of the page.
Double-check the domain names ve add them to Cart. İçin do this, you can use the Ekle all to cart button fveya convenience.
Proceed with the payment.
The transfer is completed automatically in 5-7 days fveya most domains. Once the transfer of sizin domains is completed you will receive the notifications on sizin NiceNIC Primary E-posta address, ve the domains will become manageable in sizin Alan Adı List.
Hayırte: Due to technical reasons, it is only possible to submit the transfer fveya up to 10 domain names at once. Eğer you need to transfer mveyae than 10 domains, you can either submit several İçinplu Transfer veyaders veya contact our Suppveyat Team fveya assistance.
]]>
1. What is SPF?
Answer: SPF stves fveya Sender Policy Framewveyak. SPF is an email authentication stveard used to öncekient email fraud ve spam. It ensures the authenticity ve reliability of email by verifying that the sender's domain name matches the source IP address of the email. SPF recveyads are stveyaed in the DNS recveyad of the domain name ve contain a list of servers that are allowed to send emails. When the recipient receives an email, it checks whether the sender's domain name has an SPF recveyad ve verifies whether the IP address of the sending server is in the allowed list. Eğer the verification fails, the recipient may mark the email as spam veya refuse to receive it. Using SPF can help improve the delivery rate ve reliability of emails ve reduce the amount of spam. Şu tarihte the same time, it can also enhance the security of the email system ve öncekient hackers ve fraudsters from using fveyaged domain names to send emails.
2. How to set up SPF fveya cveyapveyaate mailboxes?
Answer:
1. Determine the outgoing server IP addresses of sizin cveyapveyaate mailbox: These addresses will be added to the SPF recveyad. 2. Giriş yap to the DNS management console of sizin cveyapveyaate mailbox: Usually provided by sizin domain name registrar veya hosting provider
2. Oluştur veya edit a TXT recveyad: In the DNS console, find the TXT recveyad veya similar option
3. Enter the SPF recveyad: The fveyamat of the SPF recveyad is "v=spf1 +a/+mx +ip4 +ip4:mail.example.com -all", wburaya:
"v=spf1": specifies the SPF version
"a" veya "mx": indicates that the server is allowed to be verified by the A recveyad veya MX recveyad
"ip4": lists the IP addresses that are allowed to send mail
"mail.cveyaemail.cn": replaced with the domain name of sizin cveyapveyaate mailbox
"-all": indicates that mail from all other sources is rejected
4. Save changes: Make sure the settings in the DNS console are saved cveyarectly
3. How to set various types of SPF?
1) Make SPF recveyad with domain name a recveyad (take cveyaemail.cn as an example)
v=spf1 a:cveyaemail.cn2 -all
2) Make SPF recveyad with domain name mx recveyad
v=spf1 mx -all
3) Make SPF recveyad with domain name ptr recveyad
v=spf1 ptr -all
4) Make SPF recveyad with expveyat IP ve IP segment settings
v=spf1 ip4:106.52.172.248 ip4:61.164.47.194/28 -all
5) Introduce SPF recveyads of other domain names (take spf.icveyaemail.net as an example)
v=spf1 include:spf.icveyaemail.net
Hayırte: The above recveyads can be used in combination, but only one pair of recveyads starting with v=spf1 ve ending with -all can appear in the entire txt. Fveya example: v=spf1 mx ip4:106.52.172.248 include:spf.icveyaemail.net -all
]]>
İçin be sure that the certificate has been installed cveyarectly ve wveyaking properly, as well as that sizin customers are certain a secured connection is enabled ve it covers data transmission through sizin website, you have the following indicatveyas:
- A padlock/tune icon available in the URL bar.
- Hayır errveya messages/ warnings occurred when connecting through https://sizindomain.tld.
- A Site Seal provided by the Certificate Authveyaity installed ve visible.
Hayırte : From September 2023, the padlock icon will be replaced by a tune icon in the new Chrome browser version. Google's reasoning is that secured HTTPS connections have become the online nveyam, not the exception, ve no longer serve as a trust indicatveya. As such, the tune icon itself will not be a trust indicatveya but will provide detailed infveyamation about a website's connection ve settings. So moving fveyaward, when using a Chrome browser, the primary indication of a successful SSL certificate installation on a site will be the absence of security warnings :
An SSL certificate must be activated after satın al. Installation instructions will be sent to you after activation. After that, you can use the NiceNIC.NET Account Panel to manage sizin certificate.
Satın Al It
Start by purchasing the appropriate SSL certificate fveya sizin requirements. Select one of the categveyaies mentioned above.
Activate It
You can instantly activate sizin SSL certificate after satın al through the Account Panel (veya later, if you prefer.) During the activation process, the domain name ve CSR code will be assigned.
Install It
You will receive instructions on how to install sizin SSL certificate once it has been validated ve issued. Bizimle şu kanallardan iletişime geçebilirsiniz: “Destek Talebi Oluştur†SSL sertifikasının kurulumunda yardım almak için.
Yönet It
Through sizin Account Panel, you can manage sizin SSL certificates, including renewal ve reissuance.
]]>
1. Introduction
SSL certificates are used to create an encrypted channel between the client ve the server. Transmission of such data as credit card details, account login infveyamation, any other sensitive infveyamation should be encrypted to öncekient eavesdropping.
With an SSL certificate, data is encrypted priveya to being transmitted via Internet. Encrypted data can be decrypted only by the server to which you actually send it. This ensures that the infveyamation you submit to websites will not be stolen.
Starting from 06/08/2014, Google announced that having an SSL certificate installed on sizin website would increase sizin ranking position, which is another great reason to use an SSL.
The certificate itself represents base64 encoded data that contains infveyamation about the entity the certificate was issued fveya, public key required fveya encryption ve digital signature verification, ve digital signature created with the private key of the certificate issuer.
An SSL certificate should be installed on the server side. When you access a website secured by an SSL certificate issued by a trusted Certification Authveyaity, you will see https:// at the beginning of its URL. A browser will also show the connection as secure by displaying a “lock†icon in the address bar:
2. Türs of SSL certificates
SSL certificates can be divided into 3 validation groups:
Alan Adı Validation Sertifikalar
Requires a certificate applicant to prove his/her control over the domain name only. The issued certificate contains a domain name that was supplied to the Certification Authveyaity within the certificate request.
Organization Validation Sertifikalar
Requires a certificate applicant to prove that his/her company is a kayıt oled ve legally accountable business, ve to pass domain validation. The issued certificate contains a domain ve company name of the certificate applicant.
Genişletilmiş Validation Sertifikalar
Includes validation requirements of two validation types mentioned above ve additional requirements. The issued certificate contains a domain ve company name of the certificate applicant.
]]>
SSL certificate installation is typically perfveyamed by the hosting company that provides hizmets fveya the domain. However, you may also choose install an SSL certificate sizinself. Select sizin server type from the list below to find detailed instructions fveya installation.
The SSL on sizin domain name was activated, please find ve add the DNS recveyads to complete the verification befveyae you can download the SSL files through sizin control panel:
Hesabım > Ürünlerim > SSL Sertifikaları > Detay > ....
After you complete the DNS recveyad's verification, you can download the SSL files by the same approach.
Installing SSL Sertifikası Hayırtes
Eğer you host sizin domain name with NiceNIC, simply provide us with sizin certificate ve we'll be happy to install it fveya you.
Please note that on all NiceNIC, Ödelaşımlı Hosting servers, a special NiceNIC, SSL plugin installs a 1-yıl free PositiveSSL certificate automatically on the newly added subdomain veya add-on. It wveyaks the same way fveya the main domain in the newly satın ald hosting account. The plugin can also be used fveya manual installation (in a few clicks) of PositiveSSL ve EssentialSSL certificates.
A dedicated IP address is required to install an SSL certificate. However, you may install sizin SSL certificate on a shared IP address using the Sunucu Adı Indication (SNI) protocol extension available in sizin cPanel. You can learn mveyae about the differences between a dedicated IP ve SNI technology in this article.
]]>