{"id":2496,"date":"2025-11-25T12:54:15","date_gmt":"2025-11-25T09:54:15","guid":{"rendered":"https:\/\/www.dchost.com\/blog\/httpden-httpse-gecis-rehberi-301-yonlendirme-hsts-ve-seoyu-korumak\/"},"modified":"2025-11-25T12:54:15","modified_gmt":"2025-11-25T09:54:15","slug":"httpden-httpse-gecis-rehberi-301-yonlendirme-hsts-ve-seoyu-korumak","status":"publish","type":"post","link":"https:\/\/www.dchost.com\/blog\/httpden-httpse-gecis-rehberi-301-yonlendirme-hsts-ve-seoyu-korumak\/","title":{"rendered":"HTTP&#8217;den HTTPS&#8217;e Ge\u00e7i\u015f Rehberi: 301 Y\u00f6nlendirme, HSTS ve SEO\u2019yu Korumak"},"content":{"rendered":"<div class=\"dchost-blog-content-wrapper\"><div id=\"toc_container\" class=\"toc_transparent no_bullets\"><p class=\"toc_title\">\u0130&ccedil;indekiler<\/p><ul class=\"toc_list\"><li><a href=\"#Neden_HTTP8217den_HTTPS8217e_Gecmek_Artik_Zorunlu_Hale_Geldi\"><span class=\"toc_number toc_depth_1\">1<\/span> Neden HTTP&#8217;den HTTPS&#8217;e Ge\u00e7mek Art\u0131k Zorunlu Hale Geldi?<\/a><\/li><li><a href=\"#HTTPSe_Gecmeden_Once_Yapilmasi_Gereken_Planlama\"><span class=\"toc_number toc_depth_1\">2<\/span> HTTPS\u2019e Ge\u00e7meden \u00d6nce Yap\u0131lmas\u0131 Gereken Planlama<\/a><ul><li><a href=\"#Alan_adi_ve_alt_alan_adlarini_envanter_cikarma\"><span class=\"toc_number toc_depth_2\">2.1<\/span> Alan ad\u0131 ve alt alan adlar\u0131n\u0131 envanter \u00e7\u0131karma<\/a><\/li><li><a href=\"#Hangi_SSL_sertifika_turunu_sececeginize_karar_verme\"><span class=\"toc_number toc_depth_2\">2.2<\/span> Hangi SSL sertifika t\u00fcr\u00fcn\u00fc se\u00e7ece\u011finize karar verme<\/a><\/li><li><a href=\"#Altyapi_paylasimli_hosting_mi_VPSdedicated_mi\"><span class=\"toc_number toc_depth_2\">2.3<\/span> Altyap\u0131: payla\u015f\u0131ml\u0131 hosting mi, VPS\/dedicated mi?<\/a><\/li><\/ul><\/li><li><a href=\"#SSL_Sertifikasi_Kurulumu_cPanel_Plesk_Nginx_ve_Apache_Kisa_Ozet\"><span class=\"toc_number toc_depth_1\">3<\/span> SSL Sertifikas\u0131 Kurulumu: cPanel, Plesk, Nginx ve Apache K\u0131sa \u00d6zet<\/a><ul><li><a href=\"#cPanel_veya_Plesk_uzerinde_SSL_kurulumunun_mantigi\"><span class=\"toc_number toc_depth_2\">3.1<\/span> cPanel veya Plesk \u00fczerinde SSL kurulumunun mant\u0131\u011f\u0131<\/a><\/li><li><a href=\"#Nginx_uzerinde_temel_HTTPS_yapilandirmasi\"><span class=\"toc_number toc_depth_2\">3.2<\/span> Nginx \u00fczerinde temel HTTPS yap\u0131land\u0131rmas\u0131<\/a><\/li><li><a href=\"#Apache_uzerinde_temel_HTTPS_yapilandirmasi\"><span class=\"toc_number toc_depth_2\">3.3<\/span> Apache \u00fczerinde temel HTTPS yap\u0131land\u0131rmas\u0131<\/a><\/li><li><a href=\"#ACME_otomasyonu_ve_wildcard_sertifikalar\"><span class=\"toc_number toc_depth_2\">3.4<\/span> ACME otomasyonu ve wildcard sertifikalar<\/a><\/li><\/ul><\/li><li><a href=\"#HTTP8217den_HTTPS8217e_301_Yonlendirme_Nasil_Kurulur\"><span class=\"toc_number toc_depth_1\">4<\/span> HTTP&#8217;den HTTPS&#8217;e 301 Y\u00f6nlendirme Nas\u0131l Kurulur?<\/a><ul><li><a href=\"#Neden_mutlaka_301_kullanmalisiniz\"><span class=\"toc_number toc_depth_2\">4.1<\/span> Neden mutlaka 301 kullanmal\u0131s\u0131n\u0131z?<\/a><\/li><li><a href=\"#Apache_htaccess_ile_tum_trafigi_HTTPSe_yonlendirmek\"><span class=\"toc_number toc_depth_2\">4.2<\/span> Apache \/ .htaccess ile t\u00fcm trafi\u011fi HTTPS\u2019e y\u00f6nlendirmek<\/a><\/li><li><a href=\"#Nginx_ile_HTTP_HTTPS_yonlendirme\"><span class=\"toc_number toc_depth_2\">4.3<\/span> Nginx ile HTTP \u2192 HTTPS y\u00f6nlendirme<\/a><\/li><li><a href=\"#Panel_cPanelPlesk_uzerinden_yonlendirme\"><span class=\"toc_number toc_depth_2\">4.4<\/span> Panel (cPanel\/Plesk) \u00fczerinden y\u00f6nlendirme<\/a><\/li><\/ul><\/li><li><a href=\"#HSTS_Preload_ve_Diger_Guvenlik_Basliklari\"><span class=\"toc_number toc_depth_1\">5<\/span> HSTS, Preload ve Di\u011fer G\u00fcvenlik Ba\u015fl\u0131klar\u0131<\/a><ul><li><a href=\"#HSTS_nedir_neden_onemlidir\"><span class=\"toc_number toc_depth_2\">5.1<\/span> HSTS nedir, neden \u00f6nemlidir?<\/a><\/li><li><a href=\"#HSTS_preload_listesi_ve_dikkat_edilmesi_gerekenler\"><span class=\"toc_number toc_depth_2\">5.2<\/span> HSTS preload listesi ve dikkat edilmesi gerekenler<\/a><\/li><\/ul><\/li><li><a href=\"#SEO_Kaybi_Yasamadan_HTTPSe_Gecis_Kontrol_Listesi\"><span class=\"toc_number toc_depth_1\">6<\/span> SEO Kayb\u0131 Ya\u015famadan HTTPS\u2019e Ge\u00e7i\u015f Kontrol Listesi<\/a><ul><li><a href=\"#1_Tum_HTTP_URLleri_301_ile_HTTPSe_yonleniyor_mu\"><span class=\"toc_number toc_depth_2\">6.1<\/span> 1. T\u00fcm HTTP URL\u2019leri 301 ile HTTPS\u2019e y\u00f6nleniyor mu?<\/a><\/li><li><a href=\"#2_Canonical_etiketlerinizi_guncellediniz_mi\"><span class=\"toc_number toc_depth_2\">6.2<\/span> 2. Canonical etiketlerinizi g\u00fcncellediniz mi?<\/a><\/li><li><a href=\"#3_XML_sitemap_ve_robotstxt_guncellemesi\"><span class=\"toc_number toc_depth_2\">6.3<\/span> 3. XML sitemap ve robots.txt g\u00fcncellemesi<\/a><\/li><li><a href=\"#4_Ic_linkler_ve_mixed_content_sorunlari\"><span class=\"toc_number toc_depth_2\">6.4<\/span> 4. \u0130\u00e7 linkler ve mixed content sorunlar\u0131<\/a><\/li><li><a href=\"#5_Google_Search_Console_ve_Analytics_ayarlari\"><span class=\"toc_number toc_depth_2\">6.5<\/span> 5. Google Search Console ve Analytics ayarlar\u0131<\/a><\/li><li><a href=\"#6_Backlink_ve_harici_link_gozden_gecirmesi\"><span class=\"toc_number toc_depth_2\">6.6<\/span> 6. Backlink ve harici link g\u00f6zden ge\u00e7irmesi<\/a><\/li><li><a href=\"#7_Performans_HTTP2_HTTP3_ve_TLS_ayarlari\"><span class=\"toc_number toc_depth_2\">6.7<\/span> 7. Performans: HTTP\/2, HTTP\/3 ve TLS ayarlar\u0131<\/a><\/li><\/ul><\/li><li><a href=\"#Gercek_Dunya_Senaryolari_Blog_E-ticaret_ve_SaaS_Gecisleri\"><span class=\"toc_number toc_depth_1\">7<\/span> Ger\u00e7ek D\u00fcnya Senaryolar\u0131: Blog, E-ticaret ve SaaS Ge\u00e7i\u015fleri<\/a><ul><li><a href=\"#Kucuk_WordPress_blog_Tek_domain_tek_sertifika\"><span class=\"toc_number toc_depth_2\">7.1<\/span> K\u00fc\u00e7\u00fck WordPress blog: Tek domain, tek sertifika<\/a><\/li><li><a href=\"#E-ticaret_sitesi_Cok_alt_alan_sepetodeme_sayfalarinda_ekstra_dikkat\"><span class=\"toc_number toc_depth_2\">7.2<\/span> E-ticaret sitesi: \u00c7ok alt alan, sepet\/\u00f6deme sayfalar\u0131nda ekstra dikkat<\/a><\/li><li><a href=\"#SaaS_uygulamasi_Subdomain-temelli_cok_kiracili_yapi\"><span class=\"toc_number toc_depth_2\">7.3<\/span> SaaS uygulamas\u0131: Subdomain-temelli \u00e7ok kirac\u0131l\u0131 yap\u0131<\/a><\/li><\/ul><\/li><li><a href=\"#DCHost_Altyapisinda_HTTPS_Gecisini_Kolaylastiran_Noktalar\"><span class=\"toc_number toc_depth_1\">8<\/span> DCHost Altyap\u0131s\u0131nda HTTPS Ge\u00e7i\u015fini Kolayla\u015ft\u0131ran Noktalar<\/a><\/li><li><a href=\"#Ozet_Yol_Haritasi_ve_Son_Adim\"><span class=\"toc_number toc_depth_1\">9<\/span> \u00d6zet, Yol Haritas\u0131 ve Son Ad\u0131m<\/a><\/li><\/ul><\/div>\n<h2><span id=\"Neden_HTTP8217den_HTTPS8217e_Gecmek_Artik_Zorunlu_Hale_Geldi\">Neden HTTP&#8217;den HTTPS&#8217;e Ge\u00e7mek Art\u0131k Zorunlu Hale Geldi?<\/span><\/h2>\n<p>Art\u0131k sadece e-ticaret siteleri de\u011fil, en basit blog projeleri bile HTTPS kullanmak zorunda. Taray\u0131c\u0131lar <strong>HTTP siteleri &#8220;g\u00fcvenli de\u011fil&#8221;<\/strong> etiketiyle i\u015faretliyor, arama motorlar\u0131 HTTPS\u2019i do\u011frudan bir <strong>s\u0131ralama sinyali<\/strong> olarak kullan\u0131yor ve kullan\u0131c\u0131lar adres \u00e7ubu\u011funda kilit ikonu g\u00f6rmeden kart bilgilerini b\u0131rakmak istemiyor. Yani konu sadece teknik bir tercih de\u011fil, do\u011frudan <strong>g\u00fcven, d\u00f6n\u00fc\u015f\u00fcm ve SEO<\/strong> meselesi.<\/p>\n<p>Biz DCHost taraf\u0131nda projelerin mimari tasar\u0131m ve kapasite planlama toplant\u0131lar\u0131nda art\u0131k ilk soruyu genelde \u015f\u00f6yle soruyoruz: \u201cBu siteyi <strong>HTTPS-first<\/strong> olarak m\u0131 kurguluyoruz, yoksa sonradan yamalayacak m\u0131y\u0131z?\u201d Deneyim g\u00f6steriyor ki HTTPS\u2019i en ba\u015ftan do\u011fru kurgulayanlar, ileride HSTS, HTTP\/3, CDN, WAF ve performans iyile\u015ftirmelerinde \u00e7ok daha rahat hareket ediyor. Bu rehberde, HTTP\u2019den HTTPS\u2019e ge\u00e7erken:<\/p>\n<ul>\n<li>Do\u011fru <a href=\"https:\/\/www.dchost.com\/tr\/ssl\">SSL sertifikas\u0131<\/a>n\u0131 nas\u0131l se\u00e7ece\u011finizi,<\/li>\n<li>301 y\u00f6nlendirmeleri hatas\u0131z nas\u0131l kuraca\u011f\u0131n\u0131z\u0131,<\/li>\n<li>HSTS\u2019i ne zaman ve nas\u0131l devreye alaca\u011f\u0131n\u0131z\u0131,<\/li>\n<li>Ve en kritik nokta olarak <strong>SEO kayb\u0131 ya\u015famadan<\/strong> ge\u00e7i\u015fi nas\u0131l tamamlayaca\u011f\u0131n\u0131z\u0131<\/li>\n<\/ul>\n<p>ad\u0131m ad\u0131m ve pratik bir kontrol listesi e\u015fli\u011finde anlataca\u011f\u0131z. Anlatt\u0131klar\u0131m\u0131z hem <strong>payla\u015f\u0131ml\u0131 hosting<\/strong> ortamlar\u0131nda hem de DCHost \u00fczerindeki <strong>VPS ve dedicated<\/strong> sunucularda birebir uygulanabilir.<\/p>\n<h2><span id=\"HTTPSe_Gecmeden_Once_Yapilmasi_Gereken_Planlama\">HTTPS\u2019e Ge\u00e7meden \u00d6nce Yap\u0131lmas\u0131 Gereken Planlama<\/span><\/h2>\n<h3><span id=\"Alan_adi_ve_alt_alan_adlarini_envanter_cikarma\">Alan ad\u0131 ve alt alan adlar\u0131n\u0131 envanter \u00e7\u0131karma<\/span><\/h3>\n<p>Sa\u011flam bir HTTPS ge\u00e7i\u015fi, \u00f6nce neleri etkiledi\u011finizi bilmekle ba\u015flar. \u015eu sorulara net cevab\u0131n\u0131z olmal\u0131:<\/p>\n<ul>\n<li>Hangi alan adlar\u0131 var? (example.com, example.net vb.)<\/li>\n<li>Hangi alt alanlar yay\u0131nda? (www, api, shop, blog, panel vb.)<\/li>\n<li>Ayn\u0131 i\u00e7erik birden fazla alan ad\u0131nda m\u0131 yay\u0131nlan\u0131yor? (alias domainler)<\/li>\n<li>Mobil alt alan, \u00fclke bazl\u0131 alt alan (<code>tr.example.com<\/code>, <code>en.example.com<\/code>) var m\u0131?<\/li>\n<\/ul>\n<p>Bu envanter size \u015fu iki konuda yol g\u00f6sterecek:<\/p>\n<ol>\n<li>Hangi t\u00fcr SSL sertifikas\u0131na ihtiyac\u0131n\u0131z oldu\u011fu,<\/li>\n<li>301 y\u00f6nlendirmeleri nas\u0131l tasarlaman\u0131z gerekti\u011fi.<\/li>\n<\/ol>\n<h3><span id=\"Hangi_SSL_sertifika_turunu_sececeginize_karar_verme\">Hangi SSL sertifika t\u00fcr\u00fcn\u00fc se\u00e7ece\u011finize karar verme<\/span><\/h3>\n<p>Tek alan ad\u0131n\u0131z ve sadece <code>www<\/code> + k\u00f6k etki alan\u0131 kullan\u0131m\u0131n\u0131z varsa <strong>standart DV<\/strong> (Domain Validation) sertifika \u00e7o\u011fu zaman yeterli. \u00c7ok say\u0131da alt alan kullan\u0131yorsan\u0131z <strong>wildcard SSL<\/strong>, kurumsal kimli\u011finizi vurgulamak istiyorsan\u0131z <strong>OV\/EV sertifikalar<\/strong> g\u00fcndeme gelir.<\/p>\n<p>Bu karar s\u00fcrecini detayl\u0131 anlatt\u0131\u011f\u0131m\u0131z <a href=\"https:\/\/www.dchost.com\/blog\/ucretsiz-lets-encrypt-mi-kurumsal-ssl-sertifikasi-mi-e%e2%80%91ticaret-ve-kurumsal-siteler-icin-yol-haritasi\/\">&#8220;\u00dccretsiz Let\u2019s Encrypt mi, Kurumsal SSL Sertifikas\u0131 m\u0131?&#8221; rehberine<\/a> mutlaka g\u00f6z atman\u0131z\u0131 \u00f6neririz. Orada e-ticaret, kurumsal site ve SaaS senaryolar\u0131n\u0131 ayr\u0131 ayr\u0131 de\u011ferlendiriyoruz.<\/p>\n<h3><span id=\"Altyapi_paylasimli_hosting_mi_VPSdedicated_mi\">Altyap\u0131: <a href=\"https:\/\/www.dchost.com\/tr\/web-hosting\">payla\u015f\u0131ml\u0131 hosting<\/a> mi, VPS\/dedicated mi?<\/span><\/h3>\n<p>HTTPS ge\u00e7i\u015finin <strong>teknik zorlu\u011fu<\/strong> b\u00fcy\u00fck oranda altyap\u0131n\u0131za ba\u011fl\u0131:<\/p>\n<ul>\n<li><strong>Payla\u015f\u0131ml\u0131 hosting:<\/strong> Genellikle cPanel\/Plesk gibi paneller \u00fczerinden 1-2 t\u0131kla SSL kurulabiliyor, \u00e7o\u011fu zaman Let\u2019s Encrypt otomatik sunuluyor. 301 y\u00f6nlendirme ve HSTS ayarlar\u0131n\u0131 .htaccess veya panel \u00fczerinden yap\u0131yorsunuz.<\/li>\n<li><strong>VPS veya <a href=\"https:\/\/www.dchost.com\/tr\/fiziksel-sunucu\">dedicated sunucu<\/a>:<\/strong> Nginx\/Apache\/Caddy gibi web sunucular\u0131n\u0131 kendiniz y\u00f6netiyorsan\u0131z daha fazla esneklik ama ayn\u0131 zamanda daha fazla sorumluluk var. Sertifika yenileme otomasyonundan HSTS ve HTTP\/3 ayarlar\u0131na kadar her \u015feyi siz (veya bizim y\u00f6netilen hizmetlerimiz) kurguluyor.<\/li>\n<\/ul>\n<p>E\u011fer proje b\u00fcy\u00fcyor, trafik art\u0131yor ve g\u00fcvenlik\/g\u00fcncelleme y\u00fck\u00fc sizi zorluyorsa, DCHost \u00fczerinde <strong>y\u00f6netilen VPS veya dedicated<\/strong> \u00e7\u00f6z\u00fcmleri tercih edip SSL, y\u00f6nlendirme ve g\u00fcvenlik ba\u015fl\u0131klar\u0131n\u0131 ekibimize b\u0131rakabilirsiniz.<\/p>\n<h2><span id=\"SSL_Sertifikasi_Kurulumu_cPanel_Plesk_Nginx_ve_Apache_Kisa_Ozet\">SSL Sertifikas\u0131 Kurulumu: cPanel, Plesk, Nginx ve Apache K\u0131sa \u00d6zet<\/span><\/h2>\n<h3><span id=\"cPanel_veya_Plesk_uzerinde_SSL_kurulumunun_mantigi\">cPanel veya Plesk \u00fczerinde SSL kurulumunun mant\u0131\u011f\u0131<\/span><\/h3>\n<p>Payla\u015f\u0131ml\u0131 hosting veya y\u00f6netim paneli olan sunucularda s\u00fcre\u00e7 benzer ilerler:<\/p>\n<ol>\n<li>Alan ad\u0131n\u0131 hesab\u0131n\u0131za ekleyin (addon domain \/ subscription).<\/li>\n<li>Paneldeki <strong>SSL\/TLS<\/strong> veya <strong>SSL Sertifikalar\u0131<\/strong> b\u00f6l\u00fcm\u00fcne girin.<\/li>\n<li>Let\u2019s Encrypt veya benzeri \u00fccretsiz sa\u011flay\u0131c\u0131y\u0131 se\u00e7in, alan ad\u0131n\u0131 i\u015faretleyip sertifika kurulumunu ba\u015flat\u0131n.<\/li>\n<li>DNS kay\u0131tlar\u0131n\u0131z do\u011fruysa (\u00f6zellikle A\/AAAA), birka\u00e7 saniye i\u00e7inde sertifika kurulur.<\/li>\n<\/ol>\n<p>Modern panellerde genellikle <strong>otomatik yenileme<\/strong> varsay\u0131lan olarak aktif gelir. Yine de sertifika s\u00fcresini ve yenileme loglar\u0131n\u0131 takip etmenizi \u00f6neririz. Sertifika hatalar\u0131 ve taray\u0131c\u0131 uyar\u0131lar\u0131n\u0131 nas\u0131l okuyaca\u011f\u0131n\u0131z\u0131 detayl\u0131 olarak <a href=\"https:\/\/www.dchost.com\/blog\/ssl-sertifika-hatalari-rehberi-mixed-content-not-secure-ve-tarayici-uyarilarini-hosting-tarafinda-cozmek\/\">&#8220;SSL Sertifika Hatalar\u0131 Rehberi&#8221; yaz\u0131m\u0131zda<\/a> anlatt\u0131k.<\/p>\n<h3><span id=\"Nginx_uzerinde_temel_HTTPS_yapilandirmasi\">Nginx \u00fczerinde temel HTTPS yap\u0131land\u0131rmas\u0131<\/span><\/h3>\n<p>VPS veya dedicated \u00fczerinde Nginx kullan\u0131yorsan\u0131z, tipik bir HTTPS sunucu blo\u011fu \u015f\u00f6yle g\u00f6r\u00fcn\u00fcr:<\/p>\n<pre class=\"language-nginx line-numbers\"><code class=\"language-nginx\">server {\n    listen 443 ssl http2;\n    server_name example.com www.example.com;\n\n    ssl_certificate     \/etc\/letsencrypt\/live\/example.com\/fullchain.pem;\n    ssl_certificate_key \/etc\/letsencrypt\/live\/example.com\/privkey.pem;\n\n    # G\u00fcvenli protokol ve \u015fifreler i\u00e7in TLS 1.3 rehberimize bak\u0131n\n    # ...\n\n    root \/var\/www\/html;\n    index index.php index.html;\n\n    # Uygulama konfig\u00fcrasyonlar\u0131\n}\n<\/code><\/pre>\n<p>Burada dikkat edilmesi gereken noktalar:<\/p>\n<ul>\n<li><code>listen 443 ssl http2;<\/code> sat\u0131r\u0131yla HTTPS ve HTTP\/2 etkinle\u015ftirilir.<\/li>\n<li>Sertifika yollar\u0131n\u0131z Let\u2019s Encrypt veya kulland\u0131\u011f\u0131n\u0131z CA\u2019ya g\u00f6re de\u011fi\u015fir.<\/li>\n<li>HTTP\u2019den HTTPS\u2019e y\u00f6nlendirmeyi ayr\u0131 bir <code>server<\/code> blo\u011fu ile yapaca\u011f\u0131z (bir sonraki b\u00f6l\u00fcmde).<\/li>\n<\/ul>\n<p>Nginx\u2019te TLS 1.3, OCSP Stapling ve Brotli s\u0131k\u0131\u015ft\u0131rmay\u0131 ad\u0131m ad\u0131m kurmak i\u00e7in <a href=\"https:\/\/www.dchost.com\/blog\/nginxte-tls-1-3-ocsp-stapling-ve-brotli-nasil-kurulur-hizli-ve-guvenli-httpsnin-sicacik-rehberi\/\">&#8220;Nginx\u2019te TLS 1.3, OCSP Stapling ve Brotli&#8221; rehberimize<\/a> mutlaka bak\u0131n; HTTPS performans\u0131n\u0131 do\u011frudan etkileyen ayarlar orada.<\/p>\n<h3><span id=\"Apache_uzerinde_temel_HTTPS_yapilandirmasi\">Apache \u00fczerinde temel HTTPS yap\u0131land\u0131rmas\u0131<\/span><\/h3>\n<p>Apache taraf\u0131nda ise genellikle \u015fu yap\u0131ya benzer bir <code>VirtualHost<\/code> kullan\u0131l\u0131r:<\/p>\n<pre class=\"language-apache line-numbers\"><code class=\"language-apache\">&lt;VirtualHost *:443&gt;\n    ServerName example.com\n    ServerAlias www.example.com\n\n    DocumentRoot \/var\/www\/html\n\n    SSLEngine on\n    SSLCertificateFile \/etc\/letsencrypt\/live\/example.com\/fullchain.pem\n    SSLCertificateKeyFile \/etc\/letsencrypt\/live\/example.com\/privkey.pem\n\n    # Di\u011fer ayarlar (Rewrite, PHP-FPM, vb.)\n&lt;\/VirtualHost&gt;\n<\/code><\/pre>\n<p>Apache\u2019de HTTP\u2019den HTTPS\u2019e y\u00f6nlendirme i\u00e7in genellikle <code>mod_rewrite<\/code> veya <code>VirtualHost *:80<\/code> i\u00e7inde <code>Redirect 301<\/code> kullan\u0131l\u0131r; bunu da 301 y\u00f6nlendirme b\u00f6l\u00fcm\u00fcnde detayland\u0131raca\u011f\u0131z.<\/p>\n<h3><span id=\"ACME_otomasyonu_ve_wildcard_sertifikalar\">ACME otomasyonu ve wildcard sertifikalar<\/span><\/h3>\n<p>Birden fazla alt alan\u0131 olan, staging\/canl\u0131 ortamlar\u0131 ayr\u0131 subdomain\u2019lerde tutan SaaS projeleri i\u00e7in wildcard SSL ve otomatik yenileme kritik hale gelir. DNS tabanl\u0131 do\u011frulama ve wildcard otomasyonu i\u00e7in <a href=\"https:\/\/www.dchost.com\/blog\/lets-encrypt-wildcard-ssl-otomasyonu-dns-01-ile-cpanel-plesk-ve-nginxte-zahmetsiz-kurulum-ve-yenileme-nasil-yapilir\/\">&#8220;Let\u2019s Encrypt Wildcard SSL Otomasyonu&#8221; rehberinde<\/a> DNS-01 challenge ve panel entegrasyonlar\u0131n\u0131 ad\u0131m ad\u0131m anlatt\u0131k.<\/p>\n<h2><span id=\"HTTP8217den_HTTPS8217e_301_Yonlendirme_Nasil_Kurulur\">HTTP&#8217;den HTTPS&#8217;e 301 Y\u00f6nlendirme Nas\u0131l Kurulur?<\/span><\/h2>\n<h3><span id=\"Neden_mutlaka_301_kullanmalisiniz\">Neden mutlaka 301 kullanmal\u0131s\u0131n\u0131z?<\/span><\/h3>\n<p>HTTP\u2019den HTTPS\u2019e ge\u00e7i\u015f, arama motorlar\u0131 a\u00e7\u0131s\u0131ndan <strong>kal\u0131c\u0131 bir adres de\u011fi\u015fikli\u011fi<\/strong>dir. Bu nedenle <strong>301 (Moved Permanently)<\/strong> kullanmak zorundas\u0131n\u0131z. 302 gibi ge\u00e7ici y\u00f6nlendirmeler, hem SEO sinyallerinin tam ta\u015f\u0131nmamas\u0131na hem de arama motorlar\u0131n\u0131n yeni adresleri kal\u0131c\u0131 g\u00f6rmemesine neden olabilir.<\/p>\n<p>301, 302, 404, 410 ve 5xx kodlar\u0131n\u0131n SEO ve hosting taraf\u0131ndaki etkilerini detayl\u0131ca inceledi\u011fimiz <a href=\"https:\/\/www.dchost.com\/blog\/http-durum-kodlari-seo-ve-hosting-icin-301-302-404-410-ve-5xx-rehberi\/\">&#8220;HTTP Durum Kodlar\u0131 Rehberi&#8221; yaz\u0131m\u0131za<\/a> g\u00f6z atarsan\u0131z y\u00f6nlendirme stratejinizi \u00e7ok daha sa\u011flam kurabilirsiniz.<\/p>\n<h3><span id=\"Apache_htaccess_ile_tum_trafigi_HTTPSe_yonlendirmek\">Apache \/ .htaccess ile t\u00fcm trafi\u011fi HTTPS\u2019e y\u00f6nlendirmek<\/span><\/h3>\n<p>Payla\u015f\u0131ml\u0131 hosting veya .htaccess kullanan Apache kurulumlar\u0131nda temel senaryo \u015fudur: Gelen t\u00fcm HTTP isteklerini ayn\u0131 URL\u2019nin HTTPS versiyonuna kal\u0131c\u0131 (301) olarak y\u00f6nlendirirsiniz.<\/p>\n<p>.htaccess i\u00e7ine eklenecek tipik bir kural:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">RewriteEngine On\nRewriteCond %{HTTPS} !=on\nRewriteRule ^(.*)$ https:\/\/%{HTTP_HOST}\/$1 [L,R=301]\n<\/code><\/pre>\n<p>Birka\u00e7 \u00f6nemli not:<\/p>\n<ul>\n<li>Bu kural\u0131 m\u00fcmk\u00fcnse dosyan\u0131n ba\u015f\u0131na, di\u011fer rewrite kurallar\u0131ndan \u00f6nce ekleyin.<\/li>\n<li>E\u011fer alt dizin kurulumunuz varsa (<code>\/blog<\/code> gibi), DocumentRoot ve RewriteBase ayarlar\u0131n\u0131 ayr\u0131ca kontrol edin.<\/li>\n<li>Birden \u00e7ok kez HTTPS\u2019e y\u00f6nlendirme yapmamak i\u00e7in (redirect chain), var olan kurallar\u0131n\u0131zla \u00e7ak\u0131\u015fmad\u0131\u011f\u0131ndan emin olun.<\/li>\n<\/ul>\n<h3><span id=\"Nginx_ile_HTTP_HTTPS_yonlendirme\">Nginx ile HTTP \u2192 HTTPS y\u00f6nlendirme<\/span><\/h3>\n<p>Nginx\u2019te HTTP ve HTTPS i\u00e7in genellikle iki ayr\u0131 <code>server<\/code> blo\u011fu kullan\u0131r\u0131z. HTTP blo\u011fu sadece y\u00f6nlendirme yapar:<\/p>\n<pre class=\"language-nginx line-numbers\"><code class=\"language-nginx\">server {\n    listen 80;\n    server_name example.com www.example.com;\n\n    return 301 https:\/\/$host$request_uri;\n}\n<\/code><\/pre>\n<p>Bu yap\u0131:<\/p>\n<ul>\n<li>T\u00fcm <code>http:\/\/example.com\/*<\/code> ve <code>http:\/\/www.example.com\/*<\/code> isteklerini,<\/li>\n<li>Ayn\u0131 path ve query string ile <code>https:\/\/<\/code> versiyonuna y\u00f6nlendirir.<\/li>\n<\/ul>\n<p>HTTP ve HTTPS i\u00e7in <code>server_name<\/code> de\u011ferlerinin birebir uyumlu olmas\u0131, ileride HSTS ve preload a\u015famas\u0131nda kar\u0131\u015f\u0131kl\u0131k ya\u015famaman\u0131z a\u00e7\u0131s\u0131ndan \u00f6nemlidir.<\/p>\n<h3><span id=\"Panel_cPanelPlesk_uzerinden_yonlendirme\">Panel (cPanel\/Plesk) \u00fczerinden y\u00f6nlendirme<\/span><\/h3>\n<p>Bir\u00e7ok panel, &#8220;Domain y\u00f6nlendirme&#8221; veya &#8220;Force HTTPS&#8221; tarz\u0131 bir se\u00e7enek sunuyor. Bu t\u00fcr butonlar genellikle arka planda .htaccess veya sanal host yap\u0131land\u0131rmas\u0131n\u0131 bizim biraz \u00f6nce yazd\u0131\u011f\u0131m\u0131z kurallarla g\u00fcncelliyor. Yine de \u015fu konular\u0131 manuel kontrol etmenizde fayda var:<\/p>\n<ul>\n<li>Y\u00f6nlendirme ger\u00e7ekten <strong>301<\/strong> mi? (302 de\u011fil)<\/li>\n<li>Y\u00f6nlendirme hedefi tam olarak <code>https:\/\/alanadiniz.com\/<\/code> mu?<\/li>\n<li><strong>Redirect chain<\/strong> olu\u015fuyor mu? (HTTP \u2192 www \u2192 HTTPS gibi gereksiz \u00e7ift atlamalar)<\/li>\n<\/ul>\n<p>Taray\u0131c\u0131 geli\u015ftirici ara\u00e7lar\u0131ndaki Network sekmesi veya komut sat\u0131r\u0131nda <code>curl -I http:\/\/example.com<\/code> ile gelen yan\u0131t ba\u015fl\u0131klar\u0131n\u0131 inceleyerek 301\u2019in do\u011fru \u00e7al\u0131\u015ft\u0131\u011f\u0131n\u0131 do\u011frulayabilirsiniz.<\/p>\n<h2><span id=\"HSTS_Preload_ve_Diger_Guvenlik_Basliklari\">HSTS, Preload ve Di\u011fer G\u00fcvenlik Ba\u015fl\u0131klar\u0131<\/span><\/h2>\n<h3><span id=\"HSTS_nedir_neden_onemlidir\">HSTS nedir, neden \u00f6nemlidir?<\/span><\/h3>\n<p><strong>HSTS (HTTP Strict Transport Security)<\/strong>, taray\u0131c\u0131ya \u201cBu alan ad\u0131na bir daha asla HTTP \u00fczerinden gelme, her zaman HTTPS kullan\u201d diyen bir g\u00fcvenlik ba\u015fl\u0131\u011f\u0131d\u0131r. B\u00f6ylece:<\/p>\n<ul>\n<li>Kullan\u0131c\u0131 <code>http:\/\/<\/code> yazsa bile taray\u0131c\u0131 otomatik olarak HTTPS\u2019e \u00e7evirir.<\/li>\n<li>SSL strip gibi baz\u0131 sald\u0131r\u0131 vekt\u00f6rlerinin \u00f6n\u00fcne ge\u00e7ilir.<\/li>\n<li>G\u00fcvenlik denetimlerinde (\u00f6rn. PCI DSS) art\u0131 puan sa\u011flar.<\/li>\n<\/ul>\n<p>Temel HSTS ba\u015fl\u0131\u011f\u0131 \u00f6rne\u011fi:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">Strict-Transport-Security: max-age=31536000; includeSubDomains<\/code><\/pre>\n<p>Bunu Nginx i\u00e7in <code>add_header<\/code>, Apache i\u00e7in <code>Header always set<\/code> ile g\u00f6nderebilirsiniz.<\/p>\n<h3><span id=\"HSTS_preload_listesi_ve_dikkat_edilmesi_gerekenler\">HSTS preload listesi ve dikkat edilmesi gerekenler<\/span><\/h3>\n<p>HSTS\u2019i bir ad\u0131m ileri g\u00f6t\u00fcrmek i\u00e7in Chrome\u2019un HSTS <strong>preload<\/strong> listesine alan ad\u0131n\u0131z\u0131 ekleyebilirsiniz. Bu liste, taray\u0131c\u0131lara g\u00f6m\u00fcl\u00fc gelir; kullan\u0131c\u0131 sitenize ilk kez girerken bile taray\u0131c\u0131 HTTP\u2019ye hi\u00e7 dokunmadan do\u011frudan HTTPS\u2019e gider.<\/p>\n<p>Ancak burada b\u00fcy\u00fck bir sorumluluk var:<\/p>\n<ul>\n<li>Bir kez preload listesine girdikten sonra HTTP\u2019ye geri d\u00f6nmek \u00e7ok zordur.<\/li>\n<li>T\u00fcm alt alanlar\u0131n\u0131z (<code>includeSubDomains<\/code>) HTTPS desteklemiyorsa ciddi eri\u015fim sorunlar\u0131 ya\u015fanabilir.<\/li>\n<\/ul>\n<p>Bu nedenle:<\/p>\n<ol>\n<li>T\u00fcm alan ve alt alanlar\u0131n\u0131zda HTTPS\u2019in sorunsuz \u00e7al\u0131\u015ft\u0131\u011f\u0131ndan emin olun.<\/li>\n<li>\u00d6nce preload\u2019suz HSTS\u2019i (sadece header) birka\u00e7 hafta\/ay kullan\u0131n.<\/li>\n<li>Loglar\u0131, hatalar\u0131 ve kullan\u0131c\u0131 \u015fikayetlerini izleyin.<\/li>\n<li>Her \u015fey yolundaysa preload ba\u015fl\u0131\u011f\u0131n\u0131 ekleyip listeye ba\u015fvurun.<\/li>\n<\/ol>\n<p>HSTS ile birlikte CSP, X-Frame-Options gibi di\u011fer ba\u015fl\u0131klar\u0131 da do\u011fru kurmak i\u00e7in <a href=\"https:\/\/www.dchost.com\/blog\/http-guvenlik-basliklari-rehberi-hsts-csp-ve-digerlerini-ne-zaman-nasil-uygulamalisin\/\">&#8220;HTTP G\u00fcvenlik Ba\u015fl\u0131klar\u0131 Rehberi&#8221; yaz\u0131m\u0131za<\/a> mutlaka g\u00f6z at\u0131n.<\/p>\n<h2><span id=\"SEO_Kaybi_Yasamadan_HTTPSe_Gecis_Kontrol_Listesi\">SEO Kayb\u0131 Ya\u015famadan HTTPS\u2019e Ge\u00e7i\u015f Kontrol Listesi<\/span><\/h2>\n<h3><span id=\"1_Tum_HTTP_URLleri_301_ile_HTTPSe_yonleniyor_mu\">1. T\u00fcm HTTP URL\u2019leri 301 ile HTTPS\u2019e y\u00f6nleniyor mu?<\/span><\/h3>\n<p>\u0130lk ve en kritik ad\u0131m: <strong>Hi\u00e7bir HTTP URL\u2019si 200 d\u00f6nmemeli.<\/strong> Sitenizin:<\/p>\n<ul>\n<li>K\u00f6k adresini (<code>http:\/\/example.com<\/code>),<\/li>\n<li>\u00d6rnek bir kategori ve i\u00e7erik sayfas\u0131n\u0131,<\/li>\n<li>\u00d6zel sayfalar\u0131n\u0131z\u0131 (giri\u015f, sepet, \u00f6deme vb.),<\/li>\n<\/ul>\n<p>tek tek test edin. <code>curl -I<\/code> veya online HTTP header kontrol ara\u00e7lar\u0131yla d\u00f6nen kodun 301 oldu\u011fundan ve hedefin HTTPS oldu\u011fundan emin olun.<\/p>\n<h3><span id=\"2_Canonical_etiketlerinizi_guncellediniz_mi\">2. Canonical etiketlerinizi g\u00fcncellediniz mi?<\/span><\/h3>\n<p>Bir\u00e7ok sitede HTTPS\u2019e ge\u00e7ildikten sonra aylarca <code>&lt;link rel=\"canonical\" href=\"http:\/\/...\" \/&gt;<\/code> kald\u0131\u011f\u0131n\u0131 g\u00f6r\u00fcyoruz. Bu, arama motorlar\u0131na \u201cas\u0131l sayfa HTTP versiyonu\u201d mesaj\u0131 verir. Ge\u00e7i\u015ften hemen sonra:<\/p>\n<ul>\n<li>T\u00fcm sayfalar\u0131n canonical etiketlerini HTTPS olacak \u015fekilde g\u00fcncelleyin.<\/li>\n<li>CMS kullan\u0131yorsan\u0131z (WordPress, Magento vb.) site adresi ayar\u0131n\u0131 HTTPS\u2019e \u00e7ekin.<\/li>\n<\/ul>\n<p>WordPress \u00f6zelinde staging\/canl\u0131 ge\u00e7i\u015fi ve SSL sonras\u0131 adres d\u00fczenlemelerini nas\u0131l yapt\u0131\u011f\u0131m\u0131z\u0131 <a href=\"https:\/\/www.dchost.com\/blog\/wordpress-staging-ortami-nasil-kurulur-cpanelde-alt-alan-adi-klonlama-ve-guvenli-yayina-alma\/\">WordPress staging ortam\u0131 rehberimizde<\/a> ayr\u0131 bir senaryo olarak anlatt\u0131k.<\/p>\n<h3><span id=\"3_XML_sitemap_ve_robotstxt_guncellemesi\">3. XML sitemap ve robots.txt g\u00fcncellemesi<\/span><\/h3>\n<p>Arama motorlar\u0131na g\u00f6nderdi\u011finiz <strong>XML sitemap<\/strong> dosyalar\u0131 da art\u0131k HTTPS URL\u2019leri i\u00e7ermeli:<\/p>\n<ul>\n<li>CMS i\u00e7inde veya SEO eklentinizde (Yoast, RankMath vb.) site adresini HTTPS yap\u0131n.<\/li>\n<li>XML sitemap\u2019\u0131 yeniden olu\u015fturun ve <code>https:\/\/<\/code> ile ba\u015flad\u0131\u011f\u0131ndan emin olun.<\/li>\n<li><code>robots.txt<\/code> i\u00e7indeki <code>Sitemap:<\/code> sat\u0131r\u0131n\u0131n da HTTPS\u2019e g\u00fcncellendi\u011fini kontrol edin.<\/li>\n<\/ul>\n<p>Bu ad\u0131m, arama motorlar\u0131n\u0131n HTTPS URL\u2019lerinizi daha h\u0131zl\u0131 taramas\u0131na ve dizine eklemesine yard\u0131mc\u0131 olur.<\/p>\n<h3><span id=\"4_Ic_linkler_ve_mixed_content_sorunlari\">4. \u0130\u00e7 linkler ve mixed content sorunlar\u0131<\/span><\/h3>\n<p>Sayfalar\u0131n\u0131zda, men\u00fclerinizde ve i\u00e7eriklerinizde hala <code>http:\/\/<\/code> ile ba\u015flayan dahili linkler kalm\u0131\u015f olabilir. Bunlar iki soruna yol a\u00e7ar:<\/p>\n<ul>\n<li>Kullan\u0131c\u0131 gereksiz y\u00f6nlendirmeye maruz kal\u0131r (performans kayb\u0131).<\/li>\n<li>G\u00f6rsel, CSS, JS gibi varl\u0131klar HTTP\u2019den \u00e7a\u011fr\u0131l\u0131yorsa <strong>mixed content<\/strong> uyar\u0131lar\u0131 al\u0131rs\u0131n\u0131z.<\/li>\n<\/ul>\n<p>Mixed content, SSL kilidinin k\u0131r\u0131lmas\u0131n\u0131n en yayg\u0131n sebebidir. Bu konuyu, taray\u0131c\u0131 uyar\u0131lar\u0131n\u0131 ve \u00e7\u00f6z\u00fcm yollar\u0131n\u0131 detayl\u0131ca <a href=\"https:\/\/www.dchost.com\/blog\/ssl-sertifika-hatalari-rehberi-mixed-content-not-secure-ve-tarayici-uyarilarini-hosting-tarafinda-cozmek\/\">mixed content ve SSL hatalar\u0131 rehberimizde<\/a> ad\u0131m ad\u0131m anlatt\u0131k.<\/p>\n<p>Pratik yakla\u015f\u0131m:<\/p>\n<ul>\n<li>Veritaban\u0131 i\u00e7inde toplu <code>http:\/\/example.com<\/code> \u2192 <code>https:\/\/example.com<\/code> de\u011fi\u015ftirme (\u00f6zellikle WordPress).<\/li>\n<li>Temadaki sabit URL\u2019leri g\u00f6zden ge\u00e7irme.<\/li>\n<li>JS\/CSS dosyalar\u0131nda harici kaynak URL\u2019lerini kontrol etme.<\/li>\n<\/ul>\n<h3><span id=\"5_Google_Search_Console_ve_Analytics_ayarlari\">5. Google Search Console ve Analytics ayarlar\u0131<\/span><\/h3>\n<p>HTTPS ge\u00e7i\u015fi sonras\u0131 mutlaka:<\/p>\n<ul>\n<li>Google Search Console\u2019da HTTPS m\u00fclk\u00fcn\u00fc ekleyin.<\/li>\n<li>Eski HTTP m\u00fclk\u00fcn\u00fc silmeyin; hatalar ve eski backlink\u2019ler i\u00e7in hala i\u015finize yarar.<\/li>\n<li>Analytics taraf\u0131nda (UA\/GA4) referans URL\u2019leri ve filtreleri kontrol edin.<\/li>\n<\/ul>\n<p>Search Console\u2019da yeni sitemap\u2019\u0131 g\u00f6nderip tarama hatalar\u0131n\u0131 izleyin. \u0130lk birka\u00e7 hafta 404 ve y\u00f6nlendirme hatalar\u0131nda dalgalanmalar normaldir; \u00f6nemli olan bunlar\u0131 k\u0131sa s\u00fcrede temizlemeniz.<\/p>\n<h3><span id=\"6_Backlink_ve_harici_link_gozden_gecirmesi\">6. Backlink ve harici link g\u00f6zden ge\u00e7irmesi<\/span><\/h3>\n<p>T\u00fcm s\u00fcreci kendi sitenizde do\u011fru yapsan\u0131z bile, \u00f6nemli birka\u00e7 backlink hala HTTP\u2019ye i\u015faret ediyorsa:<\/p>\n<ul>\n<li>Bu linkler elbette 301 ile HTTPS\u2019e gidecek,<\/li>\n<li>Ancak m\u00fcmk\u00fcnse <strong>\u00f6nemli sitelerden d\u00fczeltme rica etmek<\/strong> uzun vadede daha temiz bir profil sa\u011flar.<\/li>\n<\/ul>\n<p>\u00d6zellikle ana men\u00fclerde, footer\u2019da yer alan sabit linklerinizi verdi\u011finiz i\u015f ortaklar\u0131 veya dizin siteleri varsa, onlara HTTPS\u2019e ge\u00e7ti\u011finizi bildirmek iyi bir pratiktir.<\/p>\n<h3><span id=\"7_Performans_HTTP2_HTTP3_ve_TLS_ayarlari\">7. Performans: HTTP\/2, HTTP\/3 ve TLS ayarlar\u0131<\/span><\/h3>\n<p>HTTPS\u2019e ge\u00e7i\u015f, do\u011fru yap\u0131ld\u0131\u011f\u0131nda performans\u0131 d\u00fc\u015f\u00fcrmek zorunda de\u011fildir; hatta \u00e7o\u011fu zaman <strong>HTTP\/2 ve HTTP\/3<\/strong> sayesinde sayfa y\u00fcklenme s\u00fcrelerini iyile\u015ftirebilirsiniz. Modern taray\u0131c\u0131lar bu protokolleri yaln\u0131zca HTTPS \u00fczerinden kullan\u0131r.<\/p>\n<p>HTTP\/3\u2019\u00fcn hosting performans\u0131na etkilerini detayl\u0131 \u015fekilde anlatt\u0131\u011f\u0131m\u0131z <a href=\"https:\/\/www.dchost.com\/blog\/http-3-protokolu-web-hosting-performansina-etkileri\/\">&#8220;HTTP\/3 Protokol\u00fc&#8221; rehberine<\/a> g\u00f6z atarak, TLS ayarlar\u0131n\u0131z\u0131 sadece g\u00fcvenli de\u011fil ayn\u0131 zamanda h\u0131zl\u0131 olacak \u015fekilde kurgulayabilirsiniz.<\/p>\n<h2><span id=\"Gercek_Dunya_Senaryolari_Blog_E-ticaret_ve_SaaS_Gecisleri\">Ger\u00e7ek D\u00fcnya Senaryolar\u0131: Blog, E-ticaret ve SaaS Ge\u00e7i\u015fleri<\/span><\/h2>\n<h3><span id=\"Kucuk_WordPress_blog_Tek_domain_tek_sertifika\">K\u00fc\u00e7\u00fck WordPress blog: Tek domain, tek sertifika<\/span><\/h3>\n<p>Senaryo: <code>example.com<\/code> \u00fczerinde tek WordPress blog, <code>www<\/code> kullan\u0131lm\u0131yor. DCHost \u00fczerindeki payla\u015f\u0131ml\u0131 hosting hesab\u0131nda cPanel mevcut.<\/p>\n<p>\u0130zleyece\u011finiz yol:<\/p>\n<ol>\n<li>cPanel\u2019den Let\u2019s Encrypt DV sertifikas\u0131 kurun.<\/li>\n<li>.htaccess\u2019e HTTP \u2192 HTTPS 301 kural\u0131n\u0131 ekleyin veya paneldeki &#8220;Force HTTPS&#8221; se\u00e7ene\u011fini aktif edin.<\/li>\n<li>WordPress genel ayarlarda Site Adresi ve WordPress Adresi\u2019ni <code>https:\/\/example.com<\/code> yap\u0131n.<\/li>\n<li>Veritaban\u0131 i\u00e7inde eski <code>http:\/\/example.com<\/code> linklerini HTTPS\u2019e \u00e7evirin.<\/li>\n<li>Hafif bir HSTS ba\u015fl\u0131\u011f\u0131 ekleyin (preload\u2019suz).<\/li>\n<li>Search Console ve sitemap\u2019lar\u0131 g\u00fcncelleyin.<\/li>\n<\/ol>\n<p>Bu \u00f6l\u00e7ek i\u00e7in ge\u00e7i\u015f genellikle dakikalar i\u00e7inde tamamlan\u0131r ve do\u011fru yap\u0131ld\u0131\u011f\u0131nda organik trafikte dalgalanma minimum olur.<\/p>\n<h3><span id=\"E-ticaret_sitesi_Cok_alt_alan_sepetodeme_sayfalarinda_ekstra_dikkat\">E-ticaret sitesi: \u00c7ok alt alan, sepet\/\u00f6deme sayfalar\u0131nda ekstra dikkat<\/span><\/h3>\n<p>Senaryo: <code>www.example.com<\/code> \u00fczerinde ma\u011faza, <code>shop.example.com<\/code> \u00fczerinde \u00f6deme altyap\u0131s\u0131, <code>cdn.example.com<\/code> statik i\u00e7erik sunuyor. Trafik y\u00fcksek, SEO kritik.<\/p>\n<p>\u0130zlemeniz gereken ek ad\u0131mlar:<\/p>\n<ul>\n<li>T\u00fcm alt alanlar\u0131 kapsayacak do\u011fru SSL tasar\u0131m\u0131 (gerekirse wildcard + tekil sertifikalar kombinasyonu).<\/li>\n<li>Hem <code>example.com<\/code> hem <code>www.example.com<\/code> i\u00e7in net bir kanonik yap\u0131 (genellikle biri 301 ile di\u011ferine y\u00f6nlenir).<\/li>\n<li>\u00d6deme sayfalar\u0131nda mixed content olmamas\u0131 i\u00e7in ekstra s\u0131k\u0131 test.<\/li>\n<li>HSTS\u2019i \u00f6nce <code>max-age<\/code> k\u0131sa tutarak (\u00f6rne\u011fin birka\u00e7 g\u00fcn) pilot olarak devreye almak.<\/li>\n<\/ul>\n<p>Bu \u00f6l\u00e7ekte, \u00e7o\u011fu zaman staging ortam\u0131nda (\u00f6rne\u011fin <code>staging.example.com<\/code>) tam ge\u00e7i\u015fi test edip, sorunlar\u0131 orada \u00e7\u00f6zd\u00fckten sonra canl\u0131ya almak en sa\u011fl\u0131kl\u0131s\u0131d\u0131r.<\/p>\n<h3><span id=\"SaaS_uygulamasi_Subdomain-temelli_cok_kiracili_yapi\">SaaS uygulamas\u0131: Subdomain-temelli \u00e7ok kirac\u0131l\u0131 yap\u0131<\/span><\/h3>\n<p>Senaryo: Her m\u00fc\u015fteri i\u00e7in <code>musteri1.example.com<\/code>, <code>musteri2.example.com<\/code> gibi alt alan adlar\u0131, baz\u0131 b\u00fcy\u00fck m\u00fc\u015fterilerde \u00f6zel alan adlar\u0131 (<code>app.musteri.com<\/code>) kullan\u0131l\u0131yor.<\/p>\n<p>Bu senaryoda dikkat edilmesi gerekenler:<\/p>\n<ul>\n<li>ACME otomasyonu ve wildcard sertifikalarla t\u00fcm alt alanlar\u0131n HTTPS\u2019ini y\u00f6netmek.<\/li>\n<li>M\u00fc\u015fterilerin \u00f6zel alan adlar\u0131 i\u00e7in DNS-01 challenge ve otomatik SSL kurulumu.<\/li>\n<li>HSTS\u2019i <strong>includeSubDomains<\/strong> ile kullanacaksan\u0131z, t\u00fcm m\u00fc\u015fteri alt alanlar\u0131n\u0131n HTTPS haz\u0131r oldu\u011fundan emin olmak.<\/li>\n<\/ul>\n<p>Bu t\u00fcr \u00e7ok kirac\u0131l\u0131 mimarilerde, <a href=\"https:\/\/www.dchost.com\/blog\/acme-challenge-turleri-derinlemesine-http%e2%80%9101-dns%e2%80%9101-ve-tls%e2%80%91alpn%e2%80%9101-ne-zaman-hangisi\/\">ACME challenge t\u00fcrlerini anlatt\u0131\u011f\u0131m\u0131z rehber<\/a> ve wildcard otomasyon yaz\u0131lar\u0131 \u00f6zellikle i\u015finize yarayacakt\u0131r.<\/p>\n<h2><span id=\"DCHost_Altyapisinda_HTTPS_Gecisini_Kolaylastiran_Noktalar\">DCHost Altyap\u0131s\u0131nda HTTPS Ge\u00e7i\u015fini Kolayla\u015ft\u0131ran Noktalar<\/span><\/h2>\n<p>DCHost olarak hem payla\u015f\u0131ml\u0131 hosting hem de <strong>VPS\/dedicated<\/strong> taraf\u0131nda, HTTP\u2019den HTTPS\u2019e ge\u00e7i\u015fi m\u00fcmk\u00fcn oldu\u011funca <strong>otomatik ve hatas\u0131z<\/strong> hale getirmek i\u00e7in altyap\u0131m\u0131z\u0131 s\u00fcrekli g\u00fcncelliyoruz.<\/p>\n<ul>\n<li>Bir\u00e7ok pakette <strong>otomatik Let\u2019s Encrypt kurulumu<\/strong> ve yenilemesi.<\/li>\n<li>cPanel\/Plesk ortamlar\u0131nda tek t\u0131kla HTTPS zorunlu k\u0131lma (301).<\/li>\n<li>VPS\/dedicated m\u00fc\u015fterilerimiz i\u00e7in y\u00f6netilen hizmetlerde Nginx\/Apache \u00fczerinde TLS 1.3, HTTP\/2\/HTTP\/3 ve HSTS yap\u0131land\u0131rmas\u0131.<\/li>\n<li>Colocation taraf\u0131nda kendi donan\u0131m\u0131n\u0131 bar\u0131nd\u0131ran m\u00fc\u015fterilere SSL\/TLS ve g\u00fcvenlik ba\u015fl\u0131klar\u0131 dan\u0131\u015fmanl\u0131\u011f\u0131.<\/li>\n<\/ul>\n<p>\u00d6zellikle y\u00fcksek trafikli WordPress, WooCommerce, Laravel veya Node.js projelerinizde; SSL sadece &#8220;sertifika takma&#8221;dan ibaret de\u011fil, performans ve \u00f6l\u00e7eklenebilirlik i\u015fin i\u00e7ine girdi\u011finde daha geni\u015f bir mimari konusu haline geliyor. Bu noktada DCHost\u2019un VPS, dedicated ve colocation \u00e7\u00f6z\u00fcmlerini, proje gereksinimlerinize g\u00f6re birlikte planlayabiliriz.<\/p>\n<h2><span id=\"Ozet_Yol_Haritasi_ve_Son_Adim\">\u00d6zet, Yol Haritas\u0131 ve Son Ad\u0131m<\/span><\/h2>\n<p>HTTP\u2019den HTTPS\u2019e ge\u00e7i\u015f, do\u011fru planlama ile yapt\u0131\u011f\u0131n\u0131zda bir \u201crisk\u201d de\u011fil, tam tersine <strong>g\u00fcvenlik, g\u00fcven ve SEO a\u00e7\u0131s\u0131ndan ciddi bir f\u0131rsat<\/strong>t\u0131r. \u00d6zetle:<\/p>\n<ul>\n<li>Alan ad\u0131 ve alt alan envanterinizi \u00e7\u0131kar\u0131n, do\u011fru SSL tipini se\u00e7in.<\/li>\n<li>\u00d6nce sertifikay\u0131 kurun, sonra HTTP \u2192 HTTPS <strong>301 y\u00f6nlendirmesini<\/strong> eksiksiz uygulay\u0131n.<\/li>\n<li>Canonical, sitemap, robots.txt, i\u00e7 linkler ve mixed content\u2019i temizleyin.<\/li>\n<li>Search Console, Analytics ve backlink\u2019lerinizi HTTPS\u2019e g\u00fcncelleyin.<\/li>\n<li>Her \u015fey stabil olduktan sonra HSTS (ve gerekiyorsa preload) ile g\u00fcvenli\u011fi bir seviye daha yukar\u0131 ta\u015f\u0131y\u0131n.<\/li>\n<\/ul>\n<p>Bu rehberi bir <strong>kontrol listesi<\/strong> gibi kullanarak, hem k\u00fc\u00e7\u00fck bir blogu hem de yo\u011fun trafikli bir e-ticaret veya SaaS uygulamas\u0131n\u0131 g\u00fcvenle HTTPS\u2019e ta\u015f\u0131yabilirsiniz. Daha ileri seviyede, TLS 1.3, HTTP\/3, OCSP Stapling, g\u00fcvenlik ba\u015fl\u0131klar\u0131 ve WAF gibi konulara girmek isterseniz, DCHost blogunda onlarca detayl\u0131 makale ve pratik rehber sizi bekliyor.<\/p>\n<p>E\u011fer kendi kendinize u\u011fra\u015fmak istemiyorsan\u0131z veya kritik bir projeyi s\u0131f\u0131r hata tolerans\u0131yla HTTPS\u2019e ge\u00e7irmek istiyorsan\u0131z, DCHost \u00fczerinde <strong>do\u011fru hosting (payla\u015f\u0131ml\u0131, VPS, dedicated veya colocation)<\/strong> se\u00e7imini yap\u0131p, ge\u00e7i\u015f plan\u0131n\u0131 birlikte tasarlayabiliriz. B\u00f6ylece siz i\u015finize odaklan\u0131rken, SSL, 301, HSTS ve performans taraf\u0131n\u0131 biz g\u00fcvenle arka planda y\u00fcr\u00fct\u00fcr\u00fcz.<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>\u0130&ccedil;indekiler1 Neden HTTP&#8217;den HTTPS&#8217;e Ge\u00e7mek Art\u0131k Zorunlu Hale Geldi?2 HTTPS\u2019e Ge\u00e7meden \u00d6nce Yap\u0131lmas\u0131 Gereken Planlama2.1 Alan ad\u0131 ve alt alan adlar\u0131n\u0131 envanter \u00e7\u0131karma2.2 Hangi SSL sertifika t\u00fcr\u00fcn\u00fc se\u00e7ece\u011finize karar verme2.3 Altyap\u0131: payla\u015f\u0131ml\u0131 hosting mi, VPS\/dedicated mi?3 SSL Sertifikas\u0131 Kurulumu: cPanel, Plesk, Nginx ve Apache K\u0131sa \u00d6zet3.1 cPanel veya Plesk \u00fczerinde SSL kurulumunun mant\u0131\u011f\u01313.2 Nginx \u00fczerinde [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":2497,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-2496","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji"],"_links":{"self":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/2496","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/comments?post=2496"}],"version-history":[{"count":0,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/2496\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media\/2497"}],"wp:attachment":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media?parent=2496"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/categories?post=2496"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/tags?post=2496"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}