[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"academy-blogs-th-1-1-all-go-websocket-security-all--*":3,"academy-blog-translations-5x8fyd9f4bw3fd0":174},{"data":4,"page":162,"perPage":162,"totalItems":162,"totalPages":162},[5],{"alt":6,"collectionId":7,"collectionName":8,"content":9,"cover_image":10,"cover_image_path":11,"created":12,"created_by":13,"expand":14,"id":168,"keywords":169,"locale":144,"published_at":170,"scheduled_at":13,"school_blog":166,"short_description":171,"slug":172,"status":164,"title":6,"updated":173,"updated_by":13,"views":167},"Ep.28 Go กับ WebSocket Security - เพิ่มความปลอดภัยให้ระบบของคุณ!","sclblg987654321","school_blog_translations","\u003Cp class=\"p1\">\u003Cstrong>Go กับ WebSocket Security - เพิ่มความปลอดภัยให้ระบบของคุณ!\u003C\u002Fstrong>\u003C\u002Fp>\u003Cp class=\"p3\">ใน EP นี้ เราจะมาดูวิธีเพิ่มความปลอดภัยให้ WebSocket Cluster ของคุณ ด้วยการใช้ การเข้ารหัส (Encryption) และ การจัดการสิทธิ์ (Authorization) เพื่อป้องกันการโจมตีและรักษาความเป็นส่วนตัวของข้อมูลครับ\u003C\u002Fp>\u003Cp class=\"p4\">&nbsp;\u003C\u002Fp>\u003Cp class=\"p3\">\u003Cstrong>ทำไม WebSocket Cluster ต้องมีความปลอดภัย?\u003C\u002Fstrong>\u003C\u002Fp>\u003Cp class=\"p3\">1. ป้องกันการดักจับข้อมูล (Eavesdropping) : ข้อมูลที่ส่งผ่าน WebSocket ต้องปลอดภัยจากผู้ไม่หวังดี\u003C\u002Fp>\u003Cp class=\"p3\">2. จำกัดการเข้าถึง (Access Control) : ให้เฉพาะผู้ที่ได้รับอนุญาตเท่านั้นที่สามารถใช้งาน WebSocket ได้\u003C\u002Fp>\u003Cp class=\"p3\">3. ป้องกันการโจมตี DDOS : ลดความเสี่ยงจากการโจมตีที่มุ่งเน้นไปยัง WebSocket Cluster\u003C\u002Fp>\u003Cp class=\"p4\">&nbsp;\u003C\u002Fp>\u003Cp class=\"p3\">\u003Cstrong>การเพิ่มความปลอดภัยให้ WebSocket Cluster\u003C\u002Fstrong>\u003C\u002Fp>\u003Cp class=\"p3\">1. 
ใช้ WSS (WebSocket Secure)\u003C\u002Fp>\u003Cp class=\"p3\">WSS คือ WebSocket ที่ทำงานผ่าน TLS (Transport Layer Security) ซึ่งช่วยเข้ารหัสข้อมูลที่ส่งผ่านเครือข่าย\u003C\u002Fp>\u003Cp class=\"p3\">การตั้งค่า NGINX สำหรับ WSS :\u003C\u002Fp>\u003Cpre>\u003Ccode class=\"language-plaintext\">server {\n    listen 443 ssl;\n    server_name yourdomain.com;\n\n    ssl_certificate \u002Fpath\u002Fto\u002Fyour\u002Fcertificate.pem;\n    ssl_certificate_key \u002Fpath\u002Fto\u002Fyour\u002Fkey.pem;\n\n    location \u002Fws\u002F {\n        proxy_pass http:\u002F\u002Flocalhost:8080; # ชี้ไปยัง WebSocket Server\n        proxy_http_version 1.1;\n        proxy_set_header Upgrade $http_upgrade;\n        proxy_set_header Connection \"upgrade\";\n        proxy_set_header Host $host;\n    }\n}\u003C\u002Fcode>\u003C\u002Fpre>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp class=\"p3\">2. เพิ่ม Authentication Token\u003C\u002Fp>\u003Cp class=\"p3\">ก่อนการเชื่อมต่อ WebSocket ให้ตรวจสอบ Token เพื่อยืนยันตัวตนผู้ใช้\u003C\u002Fp>\u003Cp class=\"p3\">ตัวอย่างการตรวจสอบ Token ใน Go :\u003C\u002Fp>\u003Cp class=\"p3\">ในตัวอย่างนี้ :\u003C\u002Fp>\u003Cp class=\"p3\">Middleware authMiddleware ตรวจสอบ Token ก่อนอนุญาตการเชื่อมต่อ ค่า \"valid-token\" ที่เขียนตายตัวและการส่ง Token ผ่าน query string เป็นเพียงตัวอย่างเพื่อให้เข้าใจง่าย เนื่องจาก URL มักถูกบันทึกลงใน access log ของ proxy และเซิร์ฟเวอร์ ในระบบจริงจึงควรตรวจสอบ Token ที่มีลายเซ็นและมีวันหมดอายุ (เช่น JWT) ทางฝั่งเซิร์ฟเวอร์แทนการเปรียบเทียบกับค่าคงที่\u003C\u002Fp>\u003Cpre>\u003Ccode class=\"language-plaintext\">func authMiddleware(next http.HandlerFunc) http.HandlerFunc {\n    return func(w http.ResponseWriter, r *http.Request) {\n        token := r.URL.Query().Get(\"token\")\n        if token != \"valid-token\" { \u002F\u002F ตัวอย่างตรวจสอบ Token แบบง่าย\n            http.Error(w, \"Unauthorized\", http.StatusUnauthorized)\n            return\n        }\n        next(w, r)\n    }\n}\n\nfunc handleConnections(w http.ResponseWriter, r *http.Request) {\n    conn, err := upgrader.Upgrade(w, r, nil)\n    if err != nil {\n        log.Println(\"Error upgrading connection:\", err)\n        return\n    }\n    defer conn.Close()\n\n    log.Println(\"Client connected with valid token\")\n    for {\n        _, msg, err := 
conn.ReadMessage()\n        if err != nil {\n            log.Println(\"Error reading message:\", err)\n            break\n        }\n        log.Printf(\"Received: %s\", msg)\n    }\n}\n\nfunc main() {\n    http.HandleFunc(\"\u002Fws\", authMiddleware(handleConnections))\n    log.Println(\"WebSocket server with token authentication started at :8080\")\n    log.Fatal(http.ListenAndServe(\":8080\", nil))\n}\u003C\u002Fcode>\u003C\u002Fpre>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp class=\"p3\">3. ใช้ Role-Based Access Control (RBAC)\u003C\u002Fp>\u003Cp class=\"p3\">กำหนดสิทธิ์ผู้ใช้แต่ละประเภท เช่น Admin และ Member เพื่อให้สามารถจำกัดการกระทำได้\u003C\u002Fp>\u003Cp class=\"p3\">ตัวอย่างการใช้ RBAC :\u003C\u002Fp>\u003Cp class=\"p3\">ในตัวอย่างนี้ :\u003C\u002Fp>\u003Cp class=\"p3\">หากผู้ใช้ไม่ได้เป็น Admin จะไม่สามารถดำเนินการบางอย่างได้ หมายเหตุ: ในโค้ดตัวอย่าง role ถูกกำหนดค่าตายตัวเป็น \"member\" และตัวแปร token ยังไม่ถูกนำไปใช้ (Go จะคอมไพล์ไม่ผ่านเมื่อประกาศตัวแปรแล้วไม่ใช้) ในระบบจริงต้องดึง Role จาก Token ที่ผ่านการตรวจสอบความถูกต้องทางฝั่งเซิร์ฟเวอร์แล้วเท่านั้น ไม่ใช่จากค่าที่ client ระบุมาเอง\u003C\u002Fp>\u003Cpre>\u003Ccode class=\"language-plaintext\">func handleConnections(w http.ResponseWriter, r *http.Request) {\n    token := r.URL.Query().Get(\"token\")\n    role := \"member\" \u002F\u002F สมมติว่าได้ Role จาก Token\n\n    conn, err := upgrader.Upgrade(w, r, nil)\n    if err != nil {\n        log.Println(\"Error upgrading connection:\", err)\n        return\n    }\n    defer conn.Close()\n\n    for {\n        _, msg, err := conn.ReadMessage()\n        if err != nil {\n            log.Println(\"Error reading message:\", err)\n            break\n        }\n\n        if string(msg) == \"admin-action\" &amp;&amp; role != \"admin\" {\n            conn.WriteMessage(websocket.TextMessage, []byte(\"Unauthorized action\"))\n            continue\n        }\n\n        log.Printf(\"Message from %s: %s\", role, msg)\n    }\n}\u003C\u002Fcode>\u003C\u002Fpre>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp class=\"p3\">4. 
ป้องกันการโจมตี DDOS ด้วย Rate Limiting\u003C\u002Fp>\u003Cp class=\"p3\">Rate Limiting ช่วยจำกัดจำนวนคำขอที่ผู้ใช้แต่ละคนสามารถส่งได้ในช่วงเวลาที่กำหนด ตัวอย่างด้านล่างเป็นแบบย่อเพื่อแสดงแนวคิดเท่านั้น: ตัวนับยังไม่ถูกรีเซ็ตเมื่อครบ 1 นาที, map ถูกเขียนจากหลาย goroutine พร้อมกันโดยไม่มี mutex และ r.RemoteAddr มีหมายเลขพอร์ตต่อท้าย (เมื่ออยู่หลัง NGINX ค่านี้จะเป็นที่อยู่ของ proxy ไม่ใช่ของผู้ใช้) จึงต้องแก้จุดเหล่านี้ก่อนนำไปใช้งานจริง\u003C\u002Fp>\u003Cp class=\"p3\">ตัวอย่างการใช้งาน Rate Limiting :\u003C\u002Fp>\u003Cpre>\u003Ccode class=\"language-plaintext\">var rateLimiter = make(map[string]int)\n\nfunc rateLimitMiddleware(next http.HandlerFunc) http.HandlerFunc {\n    return func(w http.ResponseWriter, r *http.Request) {\n        ip := r.RemoteAddr\n        rateLimiter[ip]++\n\n        if rateLimiter[ip] &gt; 10 { \u002F\u002F อนุญาต 10 คำขอต่อ 1 นาที\n            http.Error(w, \"Too many requests\", http.StatusTooManyRequests)\n            return\n        }\n\n        next(w, r)\n    }\n}\u003C\u002Fcode>\u003C\u002Fpre>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp class=\"p3\">\u003Cstrong>การปรับปรุงเพิ่มเติม\u003C\u002Fstrong>\u003C\u002Fp>\u003Cul class=\"ul1\">\u003Cli class=\"li3\">ใช้ JWT (JSON Web Token) : สำหรับการตรวจสอบสิทธิ์แบบปลอดภัย\u003C\u002Fli>\u003Cli class=\"li3\">เข้ารหัสข้อมูลที่สำคัญ : ใช้ AES หรือ RSA สำหรับข้อมูลที่ต้องการความปลอดภัยสูง\u003C\u002Fli>\u003Cli class=\"li3\">Monitor การใช้งาน : ใช้ Prometheus และ Grafana เพื่อตรวจสอบปริมาณการใช้งาน\u003C\u002Fli>\u003C\u002Ful>\u003Cp class=\"p4\">&nbsp;\u003C\u002Fp>\u003Cp class=\"p3\">\u003Cstrong>สรุปง่ายๆ\u003C\u002Fstrong>\u003C\u002Fp>\u003Cul class=\"ul1\">\u003Cli class=\"li3\">ใช้ WSS (WebSocket Secure) เพื่อเข้ารหัสการเชื่อมต่อ\u003C\u002Fli>\u003Cli class=\"li3\">ตรวจสอบสิทธิ์ผู้ใช้ด้วย Token หรือ JWT\u003C\u002Fli>\u003Cli class=\"li3\">เพิ่ม Role-Based Access Control (RBAC) เพื่อจัดการสิทธิ์\u003C\u002Fli>\u003Cli class=\"li3\">\u003Cspan class=\"s2\">ป้องกัน\u003C\u002Fspan> DDOS \u003Cspan class=\"s2\">ด้วย\u003C\u002Fspan> Rate Limiting\u003C\u002Fli>\u003C\u002Ful>","25_11zon_gdjd1y0bzt.webp","https:\u002F\u002Ftwsme-r2.tumwebsme.com\u002Fsclblg987654321\u002Fe95plluvlsje6f8\u002F25_11zon_gdjd1y0bzt.webp","2026-03-04 
08:34:16.503Z","",{"keywords":15,"locale":138,"school_blog":148},[16,23,28,33,38,43,48,53,58,63,68,73,78,83,88,93,98,103,108,113,118,123,128,133],{"collectionId":17,"collectionName":18,"created":19,"created_by":13,"id":20,"name":21,"updated":22,"updated_by":13},"sclkey987654321","school_keywords","2026-03-04 08:20:11.547Z","ey3puyme01a9bsw","Go","2026-04-10 16:07:25.893Z",{"collectionId":17,"collectionName":18,"created":24,"created_by":13,"id":25,"name":26,"updated":27,"updated_by":13},"2026-03-04 08:20:14.253Z","ah6lvy4x8qe08l5","Golang","2026-04-10 16:07:26.172Z",{"collectionId":17,"collectionName":18,"created":29,"created_by":13,"id":30,"name":31,"updated":32,"updated_by":13},"2026-03-04 08:33:59.518Z","7pqn3y8ffwzzde5","ภาษา Go","2026-04-10 16:08:04.777Z",{"collectionId":17,"collectionName":18,"created":34,"created_by":13,"id":35,"name":36,"updated":37,"updated_by":13},"2026-03-04 08:34:00.920Z","ecac9y661or1xka","WebSocket","2026-04-10 16:08:05.227Z",{"collectionId":17,"collectionName":18,"created":39,"created_by":13,"id":40,"name":41,"updated":42,"updated_by":13},"2026-03-04 08:34:03.189Z","yqlfsj6oely2c95","ความปลอดภัย","2026-04-10 16:08:06.027Z",{"collectionId":17,"collectionName":18,"created":44,"created_by":13,"id":45,"name":46,"updated":47,"updated_by":13},"2026-03-04 08:34:02.324Z","r9akapsc75q5l3w","WSS","2026-04-10 16:08:05.711Z",{"collectionId":17,"collectionName":18,"created":49,"created_by":13,"id":50,"name":51,"updated":52,"updated_by":13},"2026-03-04 08:34:07.001Z","0w6brqjqc0zm0bd","การเข้ารหัส","2026-04-10 16:08:07.438Z",{"collectionId":17,"collectionName":18,"created":54,"created_by":13,"id":55,"name":56,"updated":57,"updated_by":13},"2026-03-04 08:34:08.824Z","nkdo50apa7nibqm","การจัดการสิทธิ์","2026-04-10 16:08:08.158Z",{"collectionId":17,"collectionName":18,"created":59,"created_by":13,"id":60,"name":61,"updated":62,"updated_by":13},"2026-03-04 08:34:05.981Z","2uacq4bcskvu8dc","DDOS","2026-04-10 
16:08:07.122Z",{"collectionId":17,"collectionName":18,"created":64,"created_by":13,"id":65,"name":66,"updated":67,"updated_by":13},"2026-03-04 08:34:07.915Z","921nl48h9in67sw","Rate Limiting","2026-04-10 16:08:07.808Z",{"collectionId":17,"collectionName":18,"created":69,"created_by":13,"id":70,"name":71,"updated":72,"updated_by":13},"2026-03-04 08:34:10.485Z","5v113gy6l7vswbr","RBAC","2026-04-10 16:08:08.785Z",{"collectionId":17,"collectionName":18,"created":74,"created_by":13,"id":75,"name":76,"updated":77,"updated_by":13},"2026-03-04 08:34:11.541Z","67xrlmvqwizocfz","Token","2026-04-10 16:08:09.135Z",{"collectionId":17,"collectionName":18,"created":79,"created_by":13,"id":80,"name":81,"updated":82,"updated_by":13},"2026-03-04 08:34:09.187Z","3zp82zk9hqz13ko","การเขียนโปรแกรม Go","2026-04-10 16:08:08.225Z",{"collectionId":17,"collectionName":18,"created":84,"created_by":13,"id":85,"name":86,"updated":87,"updated_by":13},"2026-03-04 08:32:27.645Z","vfe4f15x4b3afpm","การศึกษาการเขียนโปรแกรม","2026-04-10 16:07:54.538Z",{"collectionId":17,"collectionName":18,"created":89,"created_by":13,"id":90,"name":91,"updated":92,"updated_by":13},"2026-03-04 08:31:30.863Z","oyltq82epf0vqka","การเขียนโปรแกรม","2026-04-10 16:07:41.883Z",{"collectionId":17,"collectionName":18,"created":94,"created_by":13,"id":95,"name":96,"updated":97,"updated_by":13},"2026-03-04 08:32:29.161Z","uewvwdt9cf41o8n","การเขียนโปรแกรมสำหรับมือใหม่","2026-04-10 16:07:54.935Z",{"collectionId":17,"collectionName":18,"created":99,"created_by":13,"id":100,"name":101,"updated":102,"updated_by":13},"2026-03-04 08:27:15.893Z","keubtbdqa4mblx3","การพัฒนาโปรแกรม","2026-04-10 16:07:38.769Z",{"collectionId":17,"collectionName":18,"created":104,"created_by":13,"id":105,"name":106,"updated":107,"updated_by":13},"2026-03-04 08:32:27.254Z","xl8ixz1jmfnab5f","ฝึกเขียนโปรแกรม","2026-04-10 
16:07:54.377Z",{"collectionId":17,"collectionName":18,"created":109,"created_by":13,"id":110,"name":111,"updated":112,"updated_by":13},"2026-03-04 08:32:35.062Z","o0u15pkykswaj0k","พัฒนาโปรแกรม","2026-04-10 16:07:56.758Z",{"collectionId":17,"collectionName":18,"created":114,"created_by":13,"id":115,"name":116,"updated":117,"updated_by":13},"2026-03-04 08:31:53.015Z","801w5t09mfaa9hl","ภาษาโปรแกรม","2026-04-10 16:07:46.625Z",{"collectionId":17,"collectionName":18,"created":119,"created_by":13,"id":120,"name":121,"updated":122,"updated_by":13},"2026-03-04 08:20:37.794Z","x2c5z8w1cr41ij3","ภาษาโปรแกรมมิ่ง","2026-04-10 16:07:27.917Z",{"collectionId":17,"collectionName":18,"created":124,"created_by":13,"id":125,"name":126,"updated":127,"updated_by":13},"2026-03-04 08:32:24.473Z","xquecx7u5svb567","โปรแกรม","2026-04-10 16:07:53.714Z",{"collectionId":17,"collectionName":18,"created":129,"created_by":13,"id":130,"name":131,"updated":132,"updated_by":13},"2026-03-04 08:26:56.612Z","yf74wkqyamfc5qx","โปรแกรมเมอร์","2026-04-10 16:07:36.426Z",{"collectionId":17,"collectionName":18,"created":134,"created_by":13,"id":135,"name":136,"updated":137,"updated_by":13},"2026-03-04 08:26:59.195Z","gab60xd583s3qaw","Superdev School","2026-04-10 16:07:37.087Z",{"code":139,"collectionId":140,"collectionName":141,"created":142,"flag":143,"id":144,"is_default":145,"label":146,"updated":147},"th","pbc_1989393366","locales","2026-01-22 10:59:55.832Z","twemoji:flag-thailand","s8wri3bt4vgg2ji",true,"Thai","2026-04-10 15:42:46.614Z",{"category":149,"collectionId":150,"collectionName":151,"expand":152,"id":166,"views":167},"wqxt7ag2gn7xcmk","pbc_2105096300","school_blogs",{"category":153},{"blogIds":154,"collectionId":155,"collectionName":156,"created":157,"created_by":13,"id":149,"image":158,"image_alt":13,"image_path":159,"label":160,"name":161,"priority":162,"publish_at":163,"scheduled_at":13,"status":164,"updated":165,"updated_by":13},[],"sclcatblg987654321","school_category_blogs","2026-03-04 
08:33:53.210Z","59ty92ns80w_15oc1implw.png","https:\u002F\u002Ftwsme-r2.tumwebsme.com\u002Fsclcatblg987654321\u002Fwqxt7ag2gn7xcmk\u002F59ty92ns80w_15oc1implw.png",{"en":161,"th":161},"Golang The Series",1,"2026-03-16 04:39:38.440Z","published","2026-04-25 02:32:15.470Z","5x8fyd9f4bw3fd0",304,"e95plluvlsje6f8",[20,25,30,35,40,45,50,55,60,65,70,75,80,85,90,95,100,105,110,115,120,125,130,135],"2025-01-27 04:42:22.079Z","เรียนรู้วิธีเพิ่มความปลอดภัยให้ WebSocket Cluster ของคุณด้วยการใช้ WSS, การตรวจสอบ Token, RBAC และ Rate Limiting เพื่อป้องกันการโจมตีและรักษาความเป็นส่วนตัวของข้อมูล","go-websocket-security","2026-04-25 02:47:30.633Z",{"th":172}]