
What you can do

It's also your responsibility as a customer to ensure you are securing your code and data. This document lists some steps you can take.

All users

  • Report security issues and terms of service violations to security@n8n.io.

  • If more than one person uses your n8n instance, set up User management and follow the Best practices.

  • Use OAuth to connect integrations whenever possible.

Self-hosted users

If you self-host n8n, there are additional steps you can take:

  • Set up a reverse proxy to handle TLS, ensuring data is encrypted in transit.

  • Ensure data is encrypted at rest by using encrypted partitions, or encryption at the hardware level, and ensuring n8n and its database are written to that location.

  • Run a Security audit.

  • Be aware of the Risks when installing community nodes, or choose to disable them.

  • Make sure users can't import external modules in the Code node. Refer to Environment variables | Nodes for more information.

  • Choose to exclude certain nodes. For example, you can disable nodes like Execute Command or SSH. Refer to Environment variables | Nodes for more information.

  • For maximum privacy, you can Isolate n8n.

GDPR for self-hosted users

If you self-host n8n, you are responsible for deleting user data. If you need to delete data on behalf of one of your users, you can delete the respective execution. n8n recommends configuring n8n to prune execution data automatically every few days, which keeps the effort of handling GDPR requests as low as possible. Configure this using the EXECUTIONS_DATA_MAX_AGE environment variable. Refer to Environment variables for more information.
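The self-hosting steps and the pruning recommendation above can be checked against an instance's environment file. The script below is an added example, not part of the n8n documentation: the variable names are n8n environment variables, while the KEY=value file layout, the function names, the strict policy of flagging enabled community nodes, and the 168-hour retention limit are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit an n8n env file against the self-hosting steps above.
# The KEY=value file layout, function names and 168h limit are assumptions.

# Print KEY's value from an env file (last assignment wins, outer quotes stripped).
env_get() {
  sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 | sed "s/^[\"']//; s/[\"']\$//"
}

# Print one FINDING line per gap; exit status 0 only when nothing is flagged.
audit_n8n_env() {
  file=$1; max_hours=${2:-168}; findings=0
  flag() { echo "FINDING: $1"; findings=$((findings + 1)); }

  excluded=$(env_get "$file" NODES_EXCLUDE)
  for node in n8n-nodes-base.executeCommand n8n-nodes-base.ssh; do
    case $excluded in
      *"$node"*) ;;
      *) flag "NODES_EXCLUDE does not list $node" ;;
    esac
  done

  ext=$(env_get "$file" NODE_FUNCTION_ALLOW_EXTERNAL)
  [ -z "$ext" ] || flag "Code node can import external modules: $ext"

  [ "$(env_get "$file" N8N_COMMUNITY_PACKAGES_ENABLED)" = "false" ] ||
    flag "community nodes are not disabled"

  [ "$(env_get "$file" EXECUTIONS_DATA_PRUNE)" != "false" ] ||
    flag "execution pruning is switched off"
  age=$(env_get "$file" EXECUTIONS_DATA_MAX_AGE)
  case $age in
    ''|*[!0-9]*) flag "EXECUTIONS_DATA_MAX_AGE (hours) is not set" ;;
    *) [ "$age" -le "$max_hours" ] || flag "executions kept ${age}h, limit ${max_hours}h" ;;
  esac

  [ "$findings" -eq 0 ]
}

# Constructed sample configuration, not taken from a real deployment.
sample=$(mktemp)
cat > "$sample" <<'EOF'
NODES_EXCLUDE=["n8n-nodes-base.ssh"]
NODE_FUNCTION_ALLOW_EXTERNAL=lodash,axios
EXECUTIONS_DATA_MAX_AGE=720
EOF
audit_n8n_env "$sample" || echo "audit failed for sample config"
rm -f "$sample"
```

Pass a second argument to `audit_n8n_env` to use a different retention limit in hours.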