[{"data":1,"prerenderedAt":117},["ShallowReactive",2],{"legacy-question-bd227318de55e0d3a4a8a81343e185a2":3,"legacy-question-author-koji-kadoma":90,"legacy-question-category-website-building":106},{"id":4,"title":5,"author":6,"body":7,"category":77,"date":78,"description":5,"extension":79,"locale":80,"meta":81,"navigation":82,"path":83,"seo":84,"slug":85,"stem":86,"tag":87,"updated":78,"__hash__":89},"legacyQuestions\u002F20210903010000-Cockpit CMSのセキュリティ強化はどうやればいいですか？.md","Cockpit CMSのセキュリティ強化はどうやればいいですか？","koji-kadoma",{"type":8,"value":9,"toc":68},"minimark",[10,15,19,28,31,36,39,42,45,48,55,58,65],[11,12,14],"h2",{"id":13},"サーバー側で認証を入れるかauth0がベストです","サーバー側で認証を入れるかAuth0がベストです",[16,17,18],"p",{},"公式の二段階認証（2FA）アドオンが開発されているのでそれを使うのが良いのですが、まだ公開版になっていないだけでなく、レポジトリの更新が3年も止まっているので、現在開発が止まっているようです。",[16,20,21],{},[22,23,27],"a",{"href":24,"rel":25},"https:\u002F\u002Fgithub.com\u002Fagentejo\u002F2FA",[26],"nofollow","agentejo \u002F 2FA",[16,29,30],{},"実際に最新のCockpit CMS(0.12.1)で使ってみると、アカウントの設定画面がバグってしまうので、実質自分で書き換えて使う形になります。",[32,33,35],"h3",{"id":34},"一番簡単なのはサーバー側のbasicdigest認証","一番簡単なのはサーバー側のBasic\u002FDigest認証",[16,37,38],{},"そう考えると、簡単でベストなのはサーバー側でBasic認証か、Digest認証を入れるのではないかと思います。",[16,40,41],{},"設定も楽ですし、PHPが動くサーバーならほとんどがBasic認証には対応しているので、セキュリティはやや弱くなりますが、誰でも導入できるというメリットがあります。",[32,43,44],{"id":44},"auth0を使う",[16,46,47],{},"認証系APIサービスのauth0を使っている方は、有志の方がリリースされたauth0用のアドオンを使うことで、auth0を使った認証を追加できます。",[16,49,50],{},[22,51,54],{"href":52,"rel":53},"https:\u002F\u002Fgithub.com\u002Fjoona\u002FCockpitCMS-Auth0",[26]," joona \u002F CockpitCMS-Auth0 ",[16,56,57],{},"auth0は、アクティブユーザー7,000人までは無料で使えるます。Cockpit CMSを使うのが不特定多数ではなく、小規模なプロジェクトなのであれば、auth0の無料プランは有用です。",[16,59,60],{},[22,61,64],{"href":62,"rel":63},"https:\u002F\u002Fauth0.com\u002Fjp\u002Fpricing",[26],"料金体型 | auth0 ",[16,66,67],{},"auth0の知識などが必要になるのがデメリットでしょうか。",{"title":69,"searchDepth":70,"depth":70,"links":71},"",2,[72],{"id":13,"depth":70,"text":14,"children":73},[74,76],{"id":34,"depth":75,"text":35},3,{"id":44,"depth":75,"text":44},"website-building","2021-09-03T01:00:00.000Z","md","ja",{},true,"\u002F20210903010000-cockpit-cms",{"title":5,"description":5},"bd227318de55e0d3a4a8a81343e185a2","20210903010000-Cockpit CMSのセキュリティ強化はどうやればいいですか？",[88],"cockpit-cms","JzPOMIwPrvxiCJ_uEElFk3J_2q-GRTpRWdc9qbSYk8w",{"id":91,"title":92,"body":93,"date":97,"description":98,"extension":79,"locale":80,"meta":99,"name":102,"navigation":82,"path":103,"seo":104,"slug":6,"stem":6,"updated":97,"__hash__":105},"legacyAuthors\u002Fkoji-kadoma.md","Koji Kadoma",{"type":8,"value":94,"toc":95},[],{"title":69,"searchDepth":70,"depth":70,"links":96},[],"2021-04-01T00:00:00.000Z","Webエンジニアです。Javascript、PHP、Ruby、Dockerなどをメインで使っています。",{"image":100,"url":101},"https:\u002F\u002Fwww.codit.work\u002Fimgs\u002Favatar\u002Fkoji-kadoma.png","https:\u002F\u002Fkoji.pages.dev\u002F",null,"\u002Fkoji-kadoma",{"title":92,"description":98},"H1yaGicrsv1CzYTbFeEXQosuYx93lIutD3_XwXMhAFk",{"id":107,"title":108,"body":109,"date":97,"description":108,"extension":79,"locale":80,"meta":113,"navigation":82,"path":114,"seo":115,"slug":77,"stem":77,"updated":97,"__hash__":116},"legacyCategories\u002Fwebsite-building.md","Webサイト構築",{"type":8,"value":110,"toc":111},[],{"title":69,"searchDepth":70,"depth":70,"links":112},[],{},"\u002Fwebsite-building",{"title":108,"description":108},"h9jPLD2mzMm3L4sFN5qWSiSirySQQLdnxLhQcvw8VlQ",1783320299761]