{"id":1374,"date":"2025-02-25T08:23:06","date_gmt":"2025-02-25T05:23:06","guid":{"rendered":"https:\/\/shedov.top\/ru\/?p=1374"},"modified":"2026-03-17T01:48:29","modified_gmt":"2026-03-16T22:48:29","slug":"nastrojka-servera-nginx-s-uchetom-bezopasnosti-na-proekte-crystal-v1-0","status":"publish","type":"post","link":"https:\/\/shedov.top\/ru\/nastrojka-servera-nginx-s-uchetom-bezopasnosti-na-proekte-crystal-v1-0\/","title":{"rendered":"\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Nginx \u0441 \u0443\u0447\u0435\u0442\u043e\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043d\u0430 \u043f\u0440\u043e\u0435\u043a\u0442\u0435 CRYSTAL v1.0"},"content":{"rendered":"<div class=\"single_contents\">\n    <h2>\u0421\u043e\u0434\u0435\u0440\u0436\u0430\u043d\u0438\u0435:<\/h2>\n    <nav>\n    <ul>\n\t<li>1. <a href=\"#paragraph_1\">\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043f\u0440\u0430\u0432\u0438\u043b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438<\/a><\/li>\n    <li>2. <a href=\"#paragraph_2\">\u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438 - 'nginxconf', \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u0443\u0434\u0443\u0442 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 - 'security.conf'<\/a><\/li>\n    <li>3. <a href=\"#paragraph_3\">\u041f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 'security.conf' \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443<\/a><\/li>\n    <\/ul> \n    <\/nav>\n    <\/div>\n    \n<p>\u0414\u0430\u043d\u043d\u0430\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u044f \u043f\u043e\u0434\u0440\u0430\u0437\u0443\u043c\u0435\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u0443 \u0432\u0430\u0441 \u0443\u0436\u0435 <a\n\t\thref=\"https:\/\/shedov.top\/ru\/ustanovka-i-nastrojka-avtomaticheskogo-prodleniya-besplatnogo-ssl-sertifikata-lets-encrypt-dlya-domena-na-proekte-crystal-v1-0\/\"\n\t\ttarget=\"_blank\" rel=\"noopener\"\n>\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d<\/a>\n\tSSL-\u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442.<\/p>\n\t\n\n<h2 id=\"paragraph_1\">1. \u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043f\u0440\u0430\u0432\u0438\u043b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438<\/h2>\n\n\n<p><strong>server_tokens off;<\/strong>\n - \u041e\u0442\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Nginx \u0432 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430\u0445 \u043e\u0442\u0432\u0435\u0442\u0430. \u042d\u0442\u043e \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0430\u0435\u0442 \u0443\u0442\u0435\u0447\u043a\u0443 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0435, \u0443\u0441\u043b\u043e\u0436\u043d\u044f\u044f \u0440\u0430\u0431\u043e\u0442\u0443 \u0434\u043b\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445.<\/p>\n\n<p><strong>add_header X-XSS-Protection \"1; mode=block\" always;<\/strong>\n - \u0412\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0437\u0430\u0449\u0438\u0442\u0443 \u043e\u0442 XSS-\u0430\u0442\u0430\u043a (\u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u0443\u044e \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u044b). \u041f\u0440\u0438 \u043f\u043e\u043f\u044b\u0442\u043a\u0435 \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 JavaScript, \u0431\u0440\u0430\u0443\u0437\u0435\u0440 \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b.<\/p>\n\n<p><strong>add_header X-Content-Type-Options \"nosniff\" always;<\/strong>\n - \u0417\u0430\u043f\u0440\u0435\u0449\u0430\u0435\u0442 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0443 \"\u0443\u0433\u0430\u0434\u044b\u0432\u0430\u0442\u044c\" \u0442\u0438\u043f \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0433\u043e, \u0435\u0441\u043b\u0438 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043e\u043a Content-Type \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u043b\u0438 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0439. \u042d\u0442\u043e \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c MIME-\u0430\u0442\u0430\u043a.<\/p>\n\n<p><strong>add_header Referrer-Policy \"no-referrer-when-downgrade\" always;<\/strong>\n - \u0423\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0442\u0435\u043c, \u043a\u0430\u043a\u0438\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0435\u0440\u0435\u0434\u0430\u044e\u0442\u0441\u044f \u0432 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0435 Referer. \u0412 \u044d\u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0440\u0435\u0444\u0435\u0440\u0435\u0440 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u0438 \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0435 \u0441 HTTPS \u043d\u0430 HTTPS, \u043d\u043e \u043d\u0435 \u0441 HTTPS \u043d\u0430 HTTP.<\/p>\n\n<p><strong>add_header Permissions-Policy \"interest-cohort=()\" always;<\/strong>\n - \u041e\u0442\u043a\u043b\u044e\u0447\u0430\u0435\u0442 FLoC (Federated Learning of Cohorts) \u2014 \u0441\u043f\u043e\u0440\u043d\u0443\u044e \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u044e Google \u0434\u043b\u044f \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u043d\u0433\u0430 \u0440\u0435\u043a\u043b\u0430\u043c\u044b. \u0417\u0430\u0449\u0438\u0449\u0430\u0435\u0442 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.<\/p>\n\n<p><strong>add_header Strict-Transport-Security \"max-age=31536000; includeSubDomains\" always;<\/strong>\n - \u041f\u0440\u0438\u043d\u0443\u0436\u0434\u0430\u0435\u0442 \u0431\u0440\u0430\u0443\u0437\u0435\u0440 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c HTTPS \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439 \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 1 \u0433\u043e\u0434\u0430. \u0422\u0430\u043a\u0436\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u043f\u043e\u0434\u0434\u043e\u043c\u0435\u043d\u044b.<\/p>\n\n<p><strong>add_header X-Frame-Options \"DENY\";<\/strong>\n - \u0417\u0430\u043f\u0440\u0435\u0449\u0430\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0441\u0430\u0439\u0442\u0430 \u0432\u043d\u0443\u0442\u0440\u0438 \u0444\u0440\u0435\u0439\u043c\u043e\u0432\/\u0430\u0439\u0444\u0440\u0435\u0439\u043c\u043e\u0432, \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0430\u044f \u0430\u0442\u0430\u043a\u0438 clickjacking.<\/p>\n\n<p><strong>add_header Content-Security-Policy \"default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/; frame-ancestors 'self' https:\/\/www.google.com\/ https:\/\/www.gstatic.com\/; img-src 'self' data: blob:; style-src 'self'; script-src 'self' blob: https:\/\/www.google.com\/ https:\/\/www.gstatic.com\/;\" always;<\/strong><\/p>\n<p>- \u0420\u0430\u0437\u0440\u0435\u0448\u0430\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0442\u043e\u043b\u044c\u043a\u043e \u0441 \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u0434\u043e\u043c\u0435\u043d\u0430 ('self'), Google ReCAPTCHA \u0438 blob: URL.<\/p>\n<p>- \u0411\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432 \u0438 \u0441\u0442\u0438\u043b\u0435\u0439 (\u0435\u0441\u043b\u0438 \u043e\u043d\u0438, \u043d\u0435 \u0443\u043a\u0430\u0437\u0430\u043d\u044b \u044f\u0432\u043d\u043e).<\/p>\n<p>- \u0417\u0430\u043f\u0440\u0435\u0449\u0430\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0441\u0430\u0439\u0442\u0430 \u0432\u043e \u0444\u0440\u0435\u0439\u043c\u0435 \u0441 \u0447\u0443\u0436\u043e\u0433\u043e \u0434\u043e\u043c\u0435\u043d\u0430, \u043a\u0440\u043e\u043c\u0435 google.com.<\/p>\n<p>- \u0420\u0430\u0437\u0440\u0435\u0448\u0430\u0435\u0442 \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u0438\u0437 self, data: \u0438 blob:.<\/p>\n<p>- CSP \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c XSS, \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0438 iframe-\u0430\u0442\u0430\u043a\u0438.<\/p> \n\n<h2 id=\"paragraph_2\">2. \u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438 - 'nginxconf', \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u0443\u0434\u0443\u0442 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 - 'security.conf'<\/h2>\n\n<p style=\"text-align:center; margin-bottom: 4px;\"><strong>\u26a0\ufe0f \u041f\u0440\u0438\u043c\u0435\u0447\u0430\u043d\u0438\u0435 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438<\/strong><\/p>\n\n<p>\u0412 \u0434\u0430\u043d\u043d\u043e\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u0438 \u0432 \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0443\u043d\u043a\u0442\u0430\u0445 <a rel=\"noopener\" href=\"https:\/\/shedov.top\/ru\/dokumentaciya-crystal-v1-0\/\" data-type=\"URL\" target=\"_blank\">\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0438<\/a>, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043a\u043e\u043c\u0430\u043d\u0434\u0430 <code class=\"inline-code\">sudo -i<\/code>, \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0430 \u0432 \u0440\u0435\u0436\u0438\u043c\n  \u0441\u0443\u043f\u0435\u0440\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f (<code class=\"inline-code\">root<\/code>). \u042d\u0442\u043e \u0441\u0434\u0435\u043b\u0430\u043d\u043e \u0434\u043b\u044f \u0443\u0441\u043a\u043e\u0440\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u0438 \u0441\u043e\u043a\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434.<\/p>\n\n<p>\u0412 production-\u0441\u0440\u0435\u0434\u0435, \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u0430\u044f \u0440\u0430\u0431\u043e\u0442\u0430 \u0438\u0437-\u043f\u043e\u0434 <code class=\"inline-code\">root<\/code>, <strong>\u043d\u0435\n      \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f<\/strong>, \u0442\u0430\u043a \u043a\u0430\u043a \u044d\u0442\u043e \u043d\u0430\u0440\u0443\u0448\u0430\u0435\u0442 \u043f\u0440\u0438\u043d\u0446\u0438\u043f \u043d\u0430\u0438\u043c\u0435\u043d\u044c\u0448\u0438\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0441\u043d\u0438\u0436\u0430\u0435\u0442 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\n    \u0441\u0435\u0440\u0432\u0435\u0440\u0430.<\/p>\n\n\n<p>\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u0435 sudo:<\/p>\n\n<pre class=\"wp-block-code language-default\">\n<code>sudo -i<\/code><\/pre>\n\n\n<p>\u0412\u0432\u0435\u0434\u0438\u0442\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u0443:<\/p>\n\n<pre class=\"wp-block-code language-default\">\n<code>mkdir \/etc\/nginx\/nginxconf<\/code><\/pre>\n\n\n<p>\u0417\u0430\u0442\u0435\u043c:<\/p>\n\n<pre class=\"wp-block-code language-default\">\n<code>nano \/etc\/nginx\/nginxconf\/security.conf<\/code><\/pre>\n\n\n<p>\u0414\u043e\u0431\u0430\u0432\u044c\u0442\u0435 \u0432 \u043e\u0442\u043a\u0440\u044b\u0432\u0448\u0438\u0435\u0441\u044f \u043e\u043a\u043d\u043e, \u043a\u043e\u0434 \u043d\u0438\u0436\u0435:<\/p>\n\n<pre class=\"wp-block-code language-default line-numbers\">\n<code>server_tokens off;\n\tadd_header X-XSS-Protection \"1; mode=block\" always;\n\tadd_header X-Content-Type-Options \"nosniff\" always;\n\tadd_header Referrer-Policy \"no-referrer-when-downgrade\" always;\n\tadd_header Permissions-Policy \"interest-cohort=()\" always;\n\tadd_header Strict-Transport-Security \"max-age=31536000; includeSubDomains\" always;\n\tadd_header X-Frame-Options \"DENY\";\n\tadd_header Content-Security-Policy \"default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/; frame-ancestors 'self' https:\/\/www.google.com\/ https:\/\/www.gstatic.com\/; img-src 'self' data: blob:; style-src 'self'; script-src 'self' blob: https:\/\/www.google.com\/ https:\/\/www.gstatic.com\/;\" always;<\/code><\/pre>\n\n\n<p>\u041f\u043e\u0441\u043b\u0435 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u043d\u0430\u0436\u043c\u0438\u0442\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e - 'ctrl + x', 'y', 'Enter'.<\/p>\n\n<h2 id=\"paragraph_3\">3. \u041f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 'security.conf' \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443<\/h2>\n\n<p>\u0412\u0432\u0435\u0434\u0438\u0442\u0435 \u043a\u043e\u0434:<\/p>\n\n<pre class=\"wp-block-code language-default\">\n<code>nano \/etc\/nginx\/sites-available\/crystal<\/code><\/pre>\n\n\n<p>\u0414\u043e\u0431\u0430\u0432\u044c\u0442\u0435 \u0432 \u043e\u0442\u043a\u0440\u044b\u0432\u0448\u0438\u043c\u0441\u044f \u043e\u043a\u043d\u0435, \u043a\u043e\u0434 \u043d\u0438\u0436\u0435, \u043f\u043e\u0441\u043b\u0435 \u0432\u0442\u043e\u0440\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 \u0441\u0432\u0435\u0440\u0445\u0443 - 'server_name \u0412\u0430\u0448\u0414\u043e\u043c\u0435\u043d www.\u0412\u0430\u0448\u0414\u043e\u043c\u0435\u043d;':<\/p>\n\n<pre class=\"wp-block-code language-default line-numbers\">\n<code># security\ninclude \/etc\/nginx\/nginxconf\/security.conf;\n# \/security<\/code><\/pre>\n\n\n<p>\u041f\u0440\u0438\u043c\u0435\u0440:<\/p>\n\n<pre class=\"wp-block-code language-default line-numbers\">\n<code>server {\n    server_name crysty.ru www.crysty.ru;\n    # security\n    include \/etc\/nginx\/nginxconf\/security.conf;\n    # \/security\n    location \/\n    {\n\t    root \/var\/www\/crystal\/frontend\/dist;\n\t    try_files $uri $uri \/index.html;\n    }.....<\/code><\/pre>\n\n\n<p>\u041f\u043e\u0441\u043b\u0435 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u043d\u0430\u0436\u043c\u0438\u0442\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e - 'ctrl + x', 'y', 'Enter'.<\/p>\n\n<p>\u0417\u0430\u0442\u0435\u043c \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u0435 nginx, \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439:<\/p>\n\n<pre class=\"wp-block-code language-default\">\n<code>systemctl restart nginx<\/code><\/pre>\n\n\n<p>\u0427\u0442\u043e\u0431\u044b \u043e\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u0438\u0442\u044c \u0441\u0430\u0439\u0442 \u043e\u0442 \u0431\u043e\u0442\u043e\u0432, \u0432\u044b \u043c\u043e\u0436\u0435\u0442\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c - reCAPTCHA v3, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u0443\u0434\u0435\u0442 \u0441\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u043f\u0440\u0438 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u0438\n\t\u043d\u043e\u0432\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0439\u0442\u0435\u0441\u044c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0439 <a\n\t\thref=\"https:\/\/shedov.top\/ru\/ustanovka-recaptcha-v3-na-proekte-crystal-v1-0\/\" target=\"_blank\" rel=\"noopener\"\n>\u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0435\u0439<\/a>.<\/p>\n\n<div class=\"browserstack_testing__announcement___wrap\">\n         <div class=\"browserstack_testing__announcement\">\n            <div class=\"browserstack_testing__announcement___top\">\n               <p>CRYSTAL \u0442\u0435\u0441\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 <\/p>\n            <\/div>\n            <div class=\"browserstack_testing__announcement___bottom\">\n               <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\" viewBox=\"0 -1.5 31 33\">\n               <g fill=\"none\" fill-rule=\"evenodd\"> <\/g>\n               <g>\n                  <path d=\"m31.0344828 15.5172414c0 8.5701882-6.9470532 15.5172414-15.5172414 15.5172414-8.56989423 0-15.5172414-6.9470532-15.5172414-15.5172414 0-8.56989423 6.94734717-15.5172414 15.5172414-15.5172414 8.5701882 0 15.5172414 6.94734717 15.5172414 15.5172414\" fill=\"#ecb360\"><\/path>\n                  <path d=\"m26.8965517 13.9655172c0 7.7128847-6.0213369 13.9655173-13.4482758 13.9655173-7.42722227 0-13.4482759-6.2526326-13.4482759-13.9655173 0-7.71288459 6.02105363-13.9655172 13.4482759-13.9655172 7.4269389 0 13.4482758 6.25263261 13.4482758 13.9655172\" fill=\"#d76835\"><\/path>\n                  <path d=\"m27.9310345 12.4136422c0 6.8560652-5.3263006 12.413944-11.8969855 12.413944-6.5698174 0-11.89611797-5.5578788-11.89611797-12.413944 0-6.85576335 5.32630057-12.4136422 11.89611797-12.4136422 6.5706849 0 11.8969855 5.55787885 11.8969855 12.4136422\" fill=\"#d33a41\"><\/path>\n                  <path d=\"m26.8965517 13.4484262c0 6.2843054-4.8632703 11.37916-10.8622124 11.37916-5.9989422 0-10.86192551-5.0948546-10.86192551-11.37916 0-6.28490677 4.86298331-11.37946068 10.86192551-11.37946068 5.9989421 0 10.8622124 5.09455391 10.8622124 11.37946068\" fill=\"#b6cb46\"><\/path>\n                  <path d=\"m25.862069 14.4826111c0 5.7133106-4.6316645 10.3449751-10.3449751 10.3449751-5.71301565 0-10.34468011-4.6316645-10.34468011-10.3449751 0-5.71331065 4.63166446-10.34468007 10.34468011-10.34468007 5.7133106 0 10.3449751 4.63136942 10.3449751 10.34468007\" fill=\"#66ad4a\"><\/path>\n                  <path d=\"m21.7241379 12.4137931c0 4.5706247-3.7052373 8.2758621-8.275862 8.2758621-4.57090515 0-8.27586211-3.7052374-8.27586211-8.2758621 0-4.57062469 3.70495696-8.27586207 8.27586211-8.27586207 4.5706247 0 8.275862 3.70523738 8.275862 8.27586207\" fill=\"#aed7dc\"><\/path>\n                  <path d=\"m22.7586207 11.3793103c0 3.9991764-3.2419755 7.2413794-7.2415259 7.2413794-3.9995505 0-7.24123273-3.242203-7.24123273-7.2413794 0-3.99946945 3.24168223-7.24137927 7.24123273-7.24137927 3.9995504 0 7.2415259 3.24190982 7.2415259 7.24137927\" fill=\"#5bb1cf\"><\/path>\n                  <path d=\"m22.7586207 11.8963967c0 3.7136422-2.7788402 6.724293-6.2068966 6.724293s-6.2068965-3.0106508-6.2068965-6.724293c0-3.71333217 2.7788401-6.72398291 6.2068965-6.72398291s6.2068966 3.01065074 6.2068966 6.72398291\" fill=\"#25a8c3\"><\/path>\n                  <path d=\"m20.6896552 12.9308813c0 3.1423524-2.315869 5.6898084-5.1725531 5.6898084-2.8564055 0-5.1722745-2.547456-5.1722745-5.6898084 0-3.14235241 2.315869-5.68950199 5.1722745-5.68950199 2.8566841 0 5.1725531 2.54714958 5.1725531 5.68950199\"><\/path>\n                  <path d=\"m15.5171021 18.6206897c-2.8564055 0-5.1722745-2.547456-5.1722745-5.6898084 0-3.14235241 2.315869-5.68950199 5.1722745-5.68950199 2.8566841 0 5.1725531 2.54714958 5.1725531 5.68950199 0 3.1423524-2.315869 5.6898084-5.1725531 5.6898084z\" fill=\"#1b1a18\"><\/path>\n                  <path d=\"m18.3395432 11.2904163c-.4920811.8231975-1.4595626 1.299291-2.16129 1.062668-.7017274-.2363383-.8715674-1.0956984-.3798654-1.9191807.4920811-.82348231 1.4595626-1.29929107 2.16129-1.06295279s.8715674 1.09569839.3798654 1.91946549\" fill=\"#fffffe\"><\/path>\n               <\/g>\n               <\/svg>\n               <p>BrowserStack<\/p>\n            <\/div>\n            <a href=\"https:\/\/www.browserstack.com\/\" target=\"blank\" rel=\"noopener\" aria-label=\"\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 browserstack\">\n            <\/a>\n         <\/div>\n      <\/div>","protected":false},"excerpt":{"rendered":"\u0421\u043e\u0434\u0435\u0440\u0436\u0430\u043d\u0438\u0435: 1. \u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043f\u0440\u0430\u0432\u0438\u043b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 2. \u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438 - 'nginxconf', \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u0443\u0434\u0443\u0442 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 - 'security.conf' 3. \u041f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 'security.conf' \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443 \u0414\u0430\u043d\u043d\u0430\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u044f \u043f\u043e\u0434\u0440\u0430\u0437\u0443\u043c\u0435\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u0443 \u0432\u0430\u0441 \u0443\u0436\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d SSL-\u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442. 1. \u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043f\u0440\u0430\u0432\u0438\u043b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 server_tokens off; - \u041e\u0442\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Nginx \u0432 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430\u0445 \u043e\u0442\u0432\u0435\u0442\u0430. \u042d\u0442\u043e \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0430\u0435\u0442 \u0443\u0442\u0435\u0447\u043a\u0443 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0435, \u0443\u0441\u043b\u043e\u0436\u043d\u044f\u044f \u0440\u0430\u0431\u043e\u0442\u0443 \u0434\u043b\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 [&hellip;]","protected":false},"author":1,"featured_media":1397,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[36,20,43,37,66,27,31,35],"tags":[],"class_list":["post-1374","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-add_header","category-crystal","category-crystal-v1-0","category-csp","category-devsecops","category-nginx","category-dokumentaciya-crystal","category-kiberbezopasnost"],"_links":{"self":[{"href":"https:\/\/shedov.top\/ru\/wp-json\/wp\/v2\/posts\/1374","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/shedov.top\/ru\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/shedov.top\/ru\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/shedov.top\/ru\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/shedov.top\/ru\/wp-json\/wp\/v2\/comments?post=1374"}],"version-history":[{"count":32,"href":"https:\/\/shedov.top\/ru\/wp-json\/wp\/v2\/posts\/1374\/revisions"}],"predecessor-version":[{"id":4410,"href":"https:\/\/shedov.top\/ru\/wp-json\/wp\/v2\/posts\/1374\/revisions\/4410"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/shedov.top\/ru\/wp-json\/wp\/v2\/media\/1397"}],"wp:attachment":[{"href":"https:\/\/shedov.top\/ru\/wp-json\/wp\/v2\/media?parent=1374"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/shedov.top\/ru\/wp-json\/wp\/v2\/categories?post=1374"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/shedov.top\/ru\/wp-json\/wp\/v2\/tags?post=1374"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}