mirror of
https://code.castopod.org/adaures/castopod
synced 2025-07-22 05:05:41 +00:00
New translations security.mdx (Breton)
[ci skip]
This commit is contained in:
crowdin
parent
483400cc49
commit
1749a37ef8
@ -1,19 +1,18 @@
|
|||||||
---
|
---
|
||||||
title: Bezbednosni interesi
|
title: Security concerns
|
||||||
---
|
---
|
||||||
|
|
||||||
Castopod je napravljen na [CodeIgniter4](https://codeigniter.com/), PHP okviru
|
Castopod je napravljen na [CodeIgniter4](https://codeigniter.com/), PHP okviru
|
||||||
koji podstiče
|
koji podstiče
|
||||||
[dobre bezbednosne prakse](https://codeigniter.com/user_guide/concepts/security.html).
|
[dobre bezbednosne prakse](https://codeigniter.com/user_guide/concepts/security.html).
|
||||||
|
|
||||||
Da biste maksimalno povećali bezbednost vaše instance i sprečili bilo kakav
|
To maximize your instance's safety and prevent any malicious attack, we
|
||||||
zlonamerni napad, mi preporučujemo da ažurirate sve dozvole Castopod datoteka
|
recommend you update all your Castopod files permissions after installation or
|
||||||
nakon instalacije ili ažuriranja (da biste izbegli bilo kakvu grešku prethodne
|
updates (to avoid any prior permission error):
|
||||||
dozvole):
|
|
||||||
|
|
||||||
- `writable/` direktorijum mora biti **readable** i **writable**.
|
- `writable/` direktorijum mora biti **readable** i **writable**.
|
||||||
- `public/media/` direktorijum mora biti **readable** i **writable**.
|
- `public/media/` direktorijum mora biti **readable** i **writable**.
|
||||||
- bilo koja druga datoteka mora biti podešena na **readonly**.
|
- any other file must be set to **readonly**.
|
||||||
|
|
||||||
Na primer, ukoliko koristite Apache ili NGINX sa Ubuntu-om možete uraditi
|
Na primer, ukoliko koristite Apache ili NGINX sa Ubuntu-om možete uraditi
|
||||||
sledeće:
|
sledeće:
|
||||||
@ -23,3 +22,23 @@ sudo chown -R root:root /path/to/castopod
|
|||||||
sudo chown -R www-data:www-data /path/to/castopod/writable
|
sudo chown -R www-data:www-data /path/to/castopod/writable
|
||||||
sudo chown -R www-data:www-data /path/to/castopod/public/media
|
sudo chown -R www-data:www-data /path/to/castopod/public/media
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## Third-party Plugins
|
||||||
|
|
||||||
|
Since v2's [Plugins Architecture](../../plugins), Castopod can be extended with
|
||||||
|
all sorts of cool features. Anyone can choose to create their own plugins and
|
||||||
|
even share them with the community.
|
||||||
|
|
||||||
|
👉 Plugins are a way to inject code in parts of Castopod through
|
||||||
|
[Hooks](../../plugins/hooks).
|
||||||
|
|
||||||
|
Now, if you create your own plugin and install it in your own Castopod, that
|
||||||
|
means you control both the code that gets injected and the environment: all is
|
||||||
|
good!
|
||||||
|
|
||||||
|
But as for **third-party plugins**, you must treat them as a **potential
|
||||||
|
security risk _by default_**:
|
||||||
|
|
||||||
|
1. Make sure you **trust the source before installing any third-party plugin**
|
||||||
|
2. **Review the plugin's code** yourself if you can or
|
||||||
|
[ask developers from the community for help](https://castopod.org/chat)
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user