Сайтостроение Ssl Everywhere Manager - Https Mode, Hsts Policy, Csp Anti-xss

    Голосов: 0
  • #1
SSL Everywhere Manager - HTTPS Mode, HSTS Policy, CSP Anti-XSS
Dhaupin

1175

Why encrypt your store? Customers love to see a green lock! Opencart supports SSL, but it doesn't force all pages to use HTTPS. These extensions will fix that and more.

"SSL Manager" is a pack of vQmods that will extend the OpenCart SSL system and allow you to force SSL everywhere, as well as set custom encryption policies for each store. You will be able to manage SSL forced HTTPS 301 redirects, HSTS transport policies, and content protection without having to use code or htaccess. Your stores will gain the search boost they deserve, and because of the extra policies, run more secure.

The new settings will be available in the "server" tab under the SSL settings already found for each of your stores. You can choose between a variety of SSL modes or even lock down your content like big institutions and banks.

SSL Manager Features:

SSL Forced HTTPS Redirect
- It is important that your site is not accessible in HTTP mode. This setting will force all pages to 301 redirect to their HTTPS version and make SSL mode everywhere. All pages in store will now have HTTPS (a green lock) in the URL. Non-secure URL's will no longer be available.

SSL With HSTS Policy - Strict Transport Security (HSTS) is a policy that tells browsers to run your domain HTTPS. It makes browsers remember that they should always be looking for secure pages even if a non-SSL page is available. If a user tries to access a non-SSL page, HSTS will use a client side 307 redirect to force them to HTTPS mode. This setting has a cache time and extra flags that you may set.

SSL With Content Security Policy - Modern browsers are able to understand a Content Security Policy (CSP) which regulates what HTTPS scripts are allowed to load in your store. The goal of CSP is to prevent "cross site scripting" and "man in the middle" attacks. This is an advanced setting for those who want to lock down their stores.

SSL Protocol-Relative Media - OpenCart uses non-secure URLs when uploading media with the file manager. Things like images may cause a "broken lock" on your pages. This setting automatically removes protocol to generate correct relative URLs for new media.


Standalone SSL Mods:

SSL Forced Protocol Assets
- This extra mod will detect whether HTTPS links are needed in self generating areas of your store, and fall back to standard HTTP mode if SSL-OFF setting demands it.

SSL Proxy & Balancer Support - This extra mod will detect whether or not OpenCart is using a reverse proxy or load balancer such as CloudFlare. If correct headers are present, OC can even use CF with its free SSL.

SSL Old Source Data Bully - This extra mod will try to render WYSIWYG descriptions using relative src URLs. Disable once you repair the old data.


Продажник:

Ссылка доступна для пользователей с группой: Премиум 


Скачать:

Ссылка доступна для пользователей с группой: Премиум 

Материал может быть удален по просьбе
 
Похожие темы
Ответы
0
Просмотры
401
Сверху