Sitenizde HTTPS kullanman\u0131z tek ba\u015f\u0131na yeterli de\u011fildir: ziyaret\u00e7inin ilk iste\u011fi h\u00e2l\u00e2 \u015fifresiz HTTP \u00fczerinden gidebilir ve araya giren bir sald\u0131rgan bu k\u0131sa an\u0131 “SSL stripping” tekni\u011fiyle k\u00f6t\u00fcye kullanabilir. HSTS tam da bu a\u00e7\u0131\u011f\u0131 kapat\u0131r.<\/p>\n
HSTS (HTTP Strict Transport Security), sunucunun taray\u0131c\u0131ya “bu siteye yaln\u0131zca HTTPS ile ba\u011flan” talimat\u0131 veren bir yan\u0131t ba\u015fl\u0131\u011f\u0131d\u0131r: Web sunucunuza ba\u015fl\u0131\u011f\u0131 ekleyin. Nginx i\u00e7in: G\u00fcvenlik Ba\u015fl\u0131klar\u0131 arac\u0131m\u0131z<\/a> ile sitenizde HSTS’in aktif olup olmad\u0131\u011f\u0131n\u0131, max-age ve includeSubDomains de\u011ferlerini an\u0131nda g\u00f6rebilirsiniz. Sertifikan\u0131z\u0131n ge\u00e7erlili\u011fini ise SSL Sorgulama arac\u0131yla<\/a> do\u011frulay\u0131n. Yeni veya yenileme bir sertifikaya ihtiyac\u0131n\u0131z varsa \u0130HS Telekom SSL sertifikalar\u0131n\u0131<\/a> inceleyebilirsiniz.<\/p>\n Sitenizde HTTPS kullanman\u0131z tek ba\u015f\u0131na yeterli de\u011fildir: ziyaret\u00e7inin ilk iste\u011fi h\u00e2l\u00e2 \u015fifresiz HTTP \u00fczerinden gidebilir ve araya giren bir sald\u0131rgan bu k\u0131sa an\u0131 “SSL stripping” tekni\u011fiyle k\u00f6t\u00fcye kullanabilir. HSTS tam da bu a\u00e7\u0131\u011f\u0131 kapat\u0131r. HSTS Nedir? HSTS (HTTP Strict Transport Security), sunucunun taray\u0131c\u0131ya “bu siteye yaln\u0131zca HTTPS ile ba\u011flan” talimat\u0131 veren bir yan\u0131t ba\u015fl\u0131\u011f\u0131d\u0131r: Strict-Transport-Security: … Devam\u0131n\u0131 oku<\/a><\/p>\n","protected":false},"author":1,"featured_media":30,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-31","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guvenlik"],"_links":{"self":[{"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/posts\/31","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/comments?post=31"}],"version-history":[{"count":1,"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/posts\/31\/revisions"}],"predecessor-version":[{"id":41,"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/posts\/31\/revisions\/41"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/media\/30"}],"wp:attachment":[{"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/media?parent=31"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/categories?post=31"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/tags?post=31"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Strict-Transport-Security: max-age=31536000; includeSubDomains<\/code>. Taray\u0131c\u0131 bu ba\u015fl\u0131\u011f\u0131 bir kez g\u00f6rd\u00fckten sonra, belirtilen s\u00fcre (max-age) boyunca adres \u00e7ubu\u011funa http:\/\/<\/code> yaz\u0131lsa bile iste\u011fi otomatik olarak HTTPS’e \u00e7evirir.<\/p>\nHangi Sald\u0131r\u0131lar\u0131 Engeller?<\/h2>\n
\n
HSTS Nas\u0131l Etkinle\u015ftirilir?<\/h2>\n
add_header Strict-Transport-Security \"max-age=31536000; includeSubDomains\" always;<\/code> Taray\u0131c\u0131 \u00f6n-y\u00fckleme listesine (preload) girmek i\u00e7in preload<\/code> direktifini ekleyip hstspreload.org<\/a> \u00fczerinden kaydolabilirsiniz. \u00d6nemli \u00f6n ko\u015ful: HSTS yaln\u0131zca ge\u00e7erli bir SSL sertifikan\u0131z<\/strong> varken anlaml\u0131d\u0131r; aksi halde site tamamen eri\u015filemez hale gelebilir.<\/p>\nDurumunuzu Kontrol Edin<\/h2>\n