如何防止网站被扫、防止SSL证书泄露域名
一、创建一个站点、我习惯是创建HTML站点
二、域名随意、例如: default.cn
三、配置证书、可以是自签的或者无效的、测试证书生成 https://myssl.com/create_test_cert.html
私钥
-----BEGIN EC PRIVATE KEY----- MHcCAQEEIJkpE4pTgTqmfD9zQKxrh0iO7kfZgR9oOJeRQ4VgSXNaoAoGCCqGSM49 AwEHoUQDQgAEapxkQCt0mx9nFndaOaOC3yC7uRNDigLSTXY6/8O474p1dbDw/cxr saFxI4M5oXmixwxit/Q4kc5+vCph4o5zkw== -----END EC PRIVATE KEY-----
证书
-----BEGIN CERTIFICATE----- MIICTjCCAfSgAwIBAgIQSzp8ZX5BTY6bNnvhTKMLRTAKBggqhkjOPQQDAjBeMQsw CQYDVQQGEwJDTjEOMAwGA1UEChMFTXlTU0wxKzApBgNVBAsTIk15U1NMIFRlc3Qg RUNDIC0gRm9yIHRlc3QgdXNlIG9ubHkxEjAQBgNVBAMTCU15U1NMLmNvbTAeFw0y NTA3MTgxNjIzMzFaFw0zMDA3MTcxNjIzMzFaMCIxCzAJBgNVBAYTAkNOMRMwEQYD VQQDEwpkZWZhdWx0LmNuMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEapxkQCt0 mx9nFndaOaOC3yC7uRNDigLSTXY6/8O474p1dbDw/cxrsaFxI4M5oXmixwxit/Q4 kc5+vCph4o5zk6OBzzCBzDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMB8GA1UdIwQYMBaAFFsRslcQ9HwYU8t7R+His50RVxQm MGMGCCsGAQUFBwEBBFcwVTAhBggrBgEFBQcwAYYVaHR0cDovL29jc3AubXlzc2wu Y29tMDAGCCsGAQUFBzAChiRodHRwOi8vY2EubXlzc2wuY29tL215c3NsdGVzdGVj Yy5jcnQwFQYDVR0RBA4wDIIKZGVmYXVsdC5jbjAKBggqhkjOPQQDAgNIADBFAiBR 8V2aXdVkz8oEn/qmV/WRnUAdSma3kVzSbXk316ou1gIhAOfnLkCZpSaV7YCYb0uP WqL3a0Q+Pkxfr20U62+V+vzs -----END CERTIFICATE-----
四、修改配置文件
server
{
listen 80 default_server;
listen 443 ssl default_server;
server_name default.cn;
ssl_certificate /www/server/panel/vhost/cert/default.cn/fullchain.pem;
ssl_certificate_key /www/server/panel/vhost/cert/default.cn/privkey.pem;
return 444;
}
