HTTPS
一、HTTPS介绍
## 1.概述
为什么需要使用HTTPS,因为HTTP不安全,当我们使用http网站时,会被黑客的劫持和篡改,如果采用https协议,那么数据在传输过程中是加密的,所以HTTPS安全的!
2.模拟网站劫持
# 1、配置一个正常网站
[root@web01 ~]# vim /etc/nginx/conf.d/linux12.jc.com.conf
server {
listen 80;
server_name linux12.jc.com;
location / {
root /mm;
index index.html;
}
}
# 2、配置一个正经页面
[root@web01 ~]# vim /mm/index.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>LOVE YOU</title>
<script src="http://apps.bdimg.com/libs/jquery/2.1.4/jquery.min.js"></script>
<link rel="stylesheet" href="http://apps.bdimg.com/libs/bootstrap/3.3.4/css/bootstrap.min.css" >
<script src="http://apps.bdimg.com/libs/bootstrap/3.3.4/js/bootstrap.min.js" ></script>
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
</head>
<body>
<div class="container">
<div class="row col-md-3"></div>
<div class="row col-md-6" >
<div class="row question">
<div class="col-md-6 col-xs-12">
<p style="line-height: 50px;font-size: 10px;">“小萍萍,我观察你很久了”</p>
<p style="line-height: 50px;font-size: 20px;">做我女朋友好不好?</p>
</div>
<div class="col-md-6 col-xs-12">
<img src="http://ozef40uqu.bkt.clouddn.com/1.png" alt="" style="height: 200px;">
</div>
</div>
<div class="row question" style="margin-top: 20px;">
<div class="col-md-6 col-xs-6" style="text-align: center;">
<button type="button" class="btn btn-success" style="width: 80%" id="no">好</button>
</div>
<div class="col-md-6 col-xs-6" style="text-align: center;">
<button type="button" class="btn btn-danger" style="width: 80%" id="ok">不好</button>
</div>
</div>
<div class="col-md-12 col-xs-12 hide" id="success">
<img src="http://ozef40uqu.bkt.clouddn.com/666.jpg" alt="" style="width: 100%;">
</div>
</div>
<div class="row col-md-3"></div>
</div>
<script>
var i=1;
var ok=false;
$(document).ready(function(){
$("#no").click(function(){
alert("真的吗?你答应了?");
alert("给我发消息吧,爱你");
$(".question").addClass('hide');
$("#success").removeClass('hide');
ok=true;
});
$("#ok").click(function(){
switch(i){
case 1:
alert("工资上交");
break;
case 2:
alert("家务全包");
break;
case 3:
alert("房产证写你的名字");
break;
case 4:
alert("保大");
break;
case 5:
alert("我妈会游泳");
break;
case 6:
alert("不跟你吵架,会撒娇 会卖萌");
break;
default:
alert("答应我吧");
}
i++;
});
});
</script>
</body>
</html>
## 授权
[root@web01 ~]# chown -R www.www /mm/
## nginx -t检查并重启
[root@web01 ~]# systemctl restart nginx
3.配置本地hosts
10.10.0.7 linux12.jc.com
# 4.被配置劫持的网站
1.配置文件
[root@lb01 ~]# vim /etc/nginx/conf.d/linux12.jc.com.conf
server {
listen 80;
server_name linux12.jc.com;
location / {
proxy_pass http://10.10.0.7:80;
include proxy_params;
}
}
2.授权并检查
## 授权
[root@web01 ~]# chown -R www.www /mm/
## nginx -t检查并重启
[root@web01 ~]# systemctl restart nginx
3.配置本地hosts
1、篡改hosts测试
10.10.0.7 linux12.jc.com
4.篡改网站
[root@lb01 conf.d]# cat linux12.jc.com.conf
server {
listen 80;
server_name linux12.jc.com;
location / {
proxy_pass http://10.10.0.7:80;
include proxy_params;
sub_filter '<title>LOVE YOU</title>' <title>霉霉</title> ;
}
}
## nginx -t检查并重启
[root@web01 ~]# systemctl restart nginx
5.重启配置本地hosts
10.10.0.5 linux12.jc.com
6.HTTPS证书下发流程
![[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-TLB4qoOf-1617875662917)(C:\Users\17155\Desktop\下载图片\1617800341441.png)]](https://img-blog.csdnimg.cn/20210408175610220.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L21tOTcwOTE5,size_16,color_FFFFFF,t_70)
7 HTTP 流程
