Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-mail-logging domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the ninja-forms domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the updraftplus domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the rocket domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114
{"id":56441,"date":"2022-09-07T09:51:07","date_gmt":"2022-09-07T07:51:07","guid":{"rendered":"https:\/\/nextcloud.com\/?page_id=56441"},"modified":"2022-10-07T09:45:31","modified_gmt":"2022-10-07T07:45:31","slug":"threat-model","status":"publish","type":"page","link":"https:\/\/staging.nextcloud.com\/security\/threat-model\/","title":{"rendered":"Threat model"},"content":{"rendered":"

[vc_row][vc_column][vc_column_text]

\r\n\t
\r\n\t\t
\r\n\t\t\t
\r\n\t\t\t\t

Threat model & accepted risks<\/h1>

This page is constantly evolving. So check back over time to see new additions.<\/p>\t\t\t<\/div>\r\n\t\t<\/div>\r\n\t<\/div>\r\n<\/div>\r\n<\/section>[\/vc_column_text][\/vc_column][\/vc_row][vc_section][vc_row equal_height=”yes” css=”.vc_custom_1662476609904{margin-bottom: 2rem !important;}”][vc_column][vc_column_text css=”.vc_custom_1665128736737{margin-bottom: 2rem !important;}”]<\/p>\r\n

Security overview<\/a>\u00a0\u00a0|\u00a0\u00a0Security Advisories<\/a><\/div>\r\n

[\/vc_column_text][\/vc_column][vc_column width=”1\/2″][vc_icon icon_fontawesome=”fas fa-user-lock” color=”custom” size=”lg” custom_color=”#0082c9″ css=”.vc_custom_1662476966895{margin-bottom: 15px !important;}”][vc_column_text]<\/p>\r\n

Administrator privileges<\/h4>\r\n

[\/vc_column_text][vc_column_text]<\/p>\r\n

We consider Nextcloud administrators ultimately trusted. It is for example expected behavior that a Nextcloud administrator can execute arbitrary code.<\/p>\r\n

[\/vc_column_text][\/vc_column][vc_column width=”1\/2″][vc_icon icon_fontawesome=”fas fa-cogs” color=”custom” size=”lg” custom_color=”#0082c9″ css=”.vc_custom_1662530600195{margin-bottom: 15px !important;}”][vc_column_text]<\/p>\r\n

Denial of Service<\/h4>\r\n

[\/vc_column_text][vc_column_text]<\/p>\r\n

Due to the usage of the PHP scripting language we do consider Denial of Service not something that can at the moment be completely prevented. See also the article \u201cPHP Denial of Service Attack Revisited<\/a>\u201c.<\/p>\r\n

[\/vc_column_text][\/vc_column][\/vc_row][vc_row css=”.vc_custom_1662476615310{margin-top: 2rem !important;margin-bottom: 2rem !important;}”][vc_column width=”1\/4″][\/vc_column][vc_column width=”1\/2″][vc_icon icon_fontawesome=”fas fa-certificate” color=”custom” size=”lg” align=”center” custom_color=”#0082c9″ css=”.vc_custom_1662536779734{margin-bottom: 15px !important;}”][vc_column_text]<\/p>\r\n

Local external storage systems
are considered trusted<\/h4>\r\n

[\/vc_column_text][vc_column_text]<\/p>\r\n

We do consider local mounted storage systems as trusted, so if a symlink or something else is configured on the external storage the Nextcloud server will follow it with the web server privileges.<\/p>\r\n

For this reason we do recommend administrators to only use the external storage mount for ultimately trusted content.<\/p>\r\n

[\/vc_column_text][\/vc_column][vc_column width=”1\/4″][\/vc_column][\/vc_row][vc_row css=”.vc_custom_1662476619902{margin-top: 2rem !important;margin-bottom: 2rem !important;}”][vc_column width=”1\/2″][vc_icon icon_fontawesome=”fas fa-server” color=”custom” size=”lg” custom_color=”#0082c9″ css=”.vc_custom_1662530722286{margin-bottom: 15px !important;}”][vc_column_text]<\/p>\r\n

Server-side encryption<\/h4>\r\n

[\/vc_column_text][vc_column_text]<\/p>\r\n

Nextcloud can be configured to encrypt data at rest. This has two options: server-wide key (default since Nextcloud 13) or per-user key. With the former, the keys are on the server and thus the only protection offered is against external storage. With per-user keys, the keys are encrypted by the user password and handled as securely as possible, thus securing data when the user is not logged in. We are aware that a Nextcloud administrator could still intercept the user password to manually decrypt the encryption key. We do thus only consider attack scenarios bounty-worthy if they include an external storage vector or, with per-user-keys, data-at-rest.<\/p>\r\n

[\/vc_column_text][\/vc_column][vc_column width=”1\/2″][vc_icon icon_fontawesome=”fas fa-laptop” color=”custom” size=”lg” custom_color=”#0082c9″ css=”.vc_custom_1662530726331{margin-bottom: 15px !important;}”][vc_column_text]<\/p>\r\n

Client-side encryption<\/h4>\r\n

[\/vc_column_text][vc_column_text]<\/p>\r\n

Nextcloud client-side (or end-to-end) encryption is designed to protect user data from the server in nearly all scenario\u2019s, as described in the RFC.<\/a> Any way to circumvent the protection as covered by the security properties<\/a> would be treated by us as a security issue. Note that, as of May 2018, the client-side or end-to-end encryption feature is not considered \u2018finished\u2019 and no bug bounties are paid out until it is released as a final, stable version, expected in 2020.<\/p>\r\n

[\/vc_column_text][\/vc_column][\/vc_row][vc_row css=”.vc_custom_1662477090190{margin-top: 2rem !important;margin-bottom: 2rem !important;}”][vc_column width=”1\/2″][vc_icon icon_fontawesome=”fas fa-check-circle” color=”custom” size=”lg” custom_color=”#0082c9″ css=”.vc_custom_1662530770082{margin-bottom: 15px !important;}”][vc_column_text]<\/p>\r\n

Features intentionally marked as insecure<\/h4>\r\n

[\/vc_column_text][vc_column_text]<\/p>\r\n

Some features in Nextcloud are intentionally marked as insecure and disabled by default (plus have a big warning above them). One example includes the preview providers such as the LibreOffice preview provider. At the moment we consider vulnerabilities in those disabled features as not bounty-worthy.<\/p>\r\n

[\/vc_column_text][\/vc_column][vc_column width=”1\/2″][vc_icon icon_fontawesome=”fas fa-check-circle” color=”custom” size=”lg” custom_color=”#0082c9″ css=”.vc_custom_1662530770082{margin-bottom: 15px !important;}”][vc_column_text]<\/p>\r\n

Audit logging<\/h4>\r\n

[\/vc_column_text][vc_column_text]<\/p>\r\n

The audit logging feature in Nextcloud is at the moment missing some logs for things like \u201cAccessing previews of files\u201d, these will be added in a future release and known issues are tracked in our issue tracker<\/a>.<\/p>\r\n

[\/vc_column_text][\/vc_column][\/vc_row][vc_row css=”.vc_custom_1662477094704{margin-top: 2rem !important;margin-bottom: 2rem !important;}”][vc_column width=”1\/2″][vc_icon icon_fontawesome=”fas fa-check-circle” color=”custom” size=”lg” custom_color=”#0082c9″ css=”.vc_custom_1662530770082{margin-bottom: 15px !important;}”][vc_column_text]<\/p>\r\n

Version disclosure<\/h4>\r\n

[\/vc_column_text][vc_column_text]<\/p>\r\n

At the moment we consider version disclosure an accepted risk as an attacker can enumerate service versions using other means as well. (e.g. comparing behaviour)<\/p>\r\n

[\/vc_column_text][\/vc_column][vc_column width=”1\/2″][vc_icon icon_fontawesome=”fab fa-android” color=”custom” size=”lg” custom_color=”#0082c9″ css=”.vc_custom_1662530789329{margin-bottom: 15px !important;}”][vc_column_text]<\/p>\r\n

Attacks involving other Android apps on the device<\/h4>\r\n

[\/vc_column_text][vc_column_text]<\/p>\r\n

We do consider attacks involving other Android apps on the device as low or medium risk. Stored files can be hidden from other apps if appropriate storage option is selected inside the app. This should be secure, however, if the phone is compromised we don\u2019t guarantee data safety.<\/p>\r\n

[\/vc_column_text][\/vc_column][\/vc_row][vc_row css=”.vc_custom_1662477103473{margin-top: 2rem !important;margin-bottom: 2rem !important;}”][vc_column width=”1\/2″][vc_icon icon_fontawesome=”fas fa-check-circle” color=”custom” size=”lg” custom_color=”#0082c9″ css=”.vc_custom_1662530770082{margin-bottom: 15px !important;}”][vc_column_text]<\/p>\r\n

Content spoofing<\/h4>\r\n

[\/vc_column_text][vc_column_text]<\/p>\r\n

Generally speaking we consider content spoofing not a bounty-worthy vulnerability.<\/p>\r\n

[\/vc_column_text][\/vc_column][vc_column width=”1\/2″][vc_icon icon_fontawesome=”fas fa-check-circle” color=”custom” size=”lg” custom_color=”#0082c9″ css=”.vc_custom_1662530770082{margin-bottom: 15px !important;}”][vc_column_text]<\/p>\r\n

User enumeration<\/h4>\r\n

[\/vc_column_text][vc_column_text]<\/p>\r\n

We do not consider user enumeration a security risk as for convenience and for features such as Server-to-Server sharing this is an expected behaviour.<\/p>\r\n

[\/vc_column_text][\/vc_column][\/vc_row][vc_row css=”.vc_custom_1662477108563{margin-top: 2rem !important;margin-bottom: 2rem !important;}”][vc_column width=”1\/2″][vc_icon icon_fontawesome=”fas fa-sign-in-alt” color=”custom” size=”lg” custom_color=”#0082c9″ css=”.vc_custom_1662530822868{margin-bottom: 15px !important;}”][vc_column_text]<\/p>\r\n

Brute force of credentials<\/h4>\r\n

[\/vc_column_text][vc_column_text]<\/p>\r\n

Nextcloud 12 introduced brute force protection. If you find a way in which it is broken, it could qualify as a security issue. Of course we\u2019re aware that using TOR or similar solutions can be used to circumvent IP address based brute force protection. It is also not implemented in all endpoints, but should not allow guessing passwords at great speed from a single IP address.<\/p>\r\n

[\/vc_column_text][\/vc_column][vc_column width=”1\/2″][vc_icon icon_fontawesome=”fas fa-check-circle” color=”custom” size=”lg” custom_color=”#0082c9″ css=”.vc_custom_1662530770082{margin-bottom: 15px !important;}”][vc_column_text]<\/p>\r\n

Server-side request forgery<\/h4>\r\n

[\/vc_column_text][vc_column_text]<\/p>\r\n

Nextcloud ships with multiple features that perform sending requests to other hosts, we do consider this accepted behaviour and advocate people to deploy Nextcloud into its own seggregated network segment.<\/p>\r\n

[\/vc_column_text][\/vc_column][\/vc_row][\/vc_section]<\/p><\/div>","protected":false},"excerpt":{"rendered":"

[vc_row][vc_column][vc_column_text][\/vc_column_text][\/vc_column][\/vc_row][vc_section][vc_row equal_height=”yes” css=”.vc_custom_1662476609904{margin-bottom: 2rem !important;}”][vc_column][vc_column_text css=”.vc_custom_1665128736737{margin-bottom: 2rem !important;}”] Security overview\u00a0\u00a0|\u00a0\u00a0Security Advisories [\/vc_column_text][\/vc_column][vc_column width=”1\/2″][vc_icon icon_fontawesome=”fas fa-user-lock” color=”custom” size=”lg” custom_color=”#0082c9″ css=”.vc_custom_1662476966895{margin-bottom: 15px !important;}”][vc_column_text] Administrator privileges [\/vc_column_text][vc_column_text] We consider Nextcloud administrators ultimately trusted. It is for example expected behavior that a Nextcloud administrator can execute arbitrary code. [\/vc_column_text][\/vc_column][vc_column width=”1\/2″][vc_icon icon_fontawesome=”fas fa-cogs” color=”custom” size=”lg” custom_color=”#0082c9″ css=”.vc_custom_1662530600195{margin-bottom: 15px !important;}”][vc_column_text] Denial […]<\/p>\n","protected":false},"author":26,"featured_media":0,"parent":2255,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"inline_featured_image":false,"publish_to_discourse":"","publish_post_category":"","wpdc_auto_publish_overridden":"","wpdc_topic_tags":"","wpdc_pin_topic":"","wpdc_pin_until":"","discourse_post_id":"","discourse_permalink":"","wpdc_publishing_response":"","wpdc_publishing_error":"","footnotes":""},"class_list":["post-56441","page","type-page","status-publish","hentry"],"acf":[],"yoast_head":"\nThreat model - Nextcloud<\/title>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Threat model - Nextcloud\" \/>\n<meta property=\"og:description\" content=\"[vc_row][vc_column][vc_column_text][\/vc_column_text][\/vc_column][\/vc_row][vc_section][vc_row equal_height=”yes” css=”.vc_custom_1662476609904{margin-bottom: 2rem !important;}”][vc_column][vc_column_text css=”.vc_custom_1665128736737{margin-bottom: 2rem !important;}”] Security overview\u00a0\u00a0|\u00a0\u00a0Security Advisories [\/vc_column_text][\/vc_column][vc_column width=”1\/2″][vc_icon icon_fontawesome=”fas fa-user-lock” color=”custom” size=”lg” custom_color=”#0082c9″ css=”.vc_custom_1662476966895{margin-bottom: 15px !important;}”][vc_column_text] Administrator privileges [\/vc_column_text][vc_column_text] We consider Nextcloud administrators ultimately trusted. It is for example expected behavior that a Nextcloud administrator can execute arbitrary code. [\/vc_column_text][\/vc_column][vc_column width=”1\/2″][vc_icon icon_fontawesome=”fas fa-cogs” color=”custom” size=”lg” custom_color=”#0082c9″ css=”.vc_custom_1662530600195{margin-bottom: 15px !important;}”][vc_column_text] Denial […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/staging.nextcloud.com\/security\/threat-model\/\" \/>\n<meta property=\"og:site_name\" content=\"Nextcloud\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Nextclouders\/\" \/>\n<meta property=\"article:modified_time\" content=\"2022-10-07T07:45:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/staging.nextcloud.com\/wp-content\/uploads\/2022\/04\/mobileDesktop-4.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1000\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@nextclouders\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/staging.nextcloud.com\/security\/threat-model\/\",\"url\":\"https:\/\/staging.nextcloud.com\/security\/threat-model\/\",\"name\":\"Threat model - Nextcloud\",\"isPartOf\":{\"@id\":\"https:\/\/staging.nextcloud.com\/#website\"},\"datePublished\":\"2022-09-07T07:51:07+00:00\",\"dateModified\":\"2022-10-07T07:45:31+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/staging.nextcloud.com\/security\/threat-model\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/staging.nextcloud.com\/security\/threat-model\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/staging.nextcloud.com\/security\/threat-model\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/staging.nextcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\/\/staging.nextcloud.com\/security\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Threat model\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/staging.nextcloud.com\/#website\",\"url\":\"https:\/\/staging.nextcloud.com\/\",\"name\":\"Nextcloud\",\"description\":\"Regain control over your data\",\"publisher\":{\"@id\":\"https:\/\/staging.nextcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/staging.nextcloud.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/staging.nextcloud.com\/#organization\",\"name\":\"Nextcloud\",\"url\":\"https:\/\/staging.nextcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/staging.nextcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/staging.nextcloud.com\/wp-content\/uploads\/2023\/02\/logo_nextcloud_white.svg\",\"contentUrl\":\"https:\/\/staging.nextcloud.com\/wp-content\/uploads\/2023\/02\/logo_nextcloud_white.svg\",\"caption\":\"Nextcloud\"},\"image\":{\"@id\":\"https:\/\/staging.nextcloud.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/Nextclouders\/\",\"https:\/\/x.com\/nextclouders\",\"https:\/\/www.linkedin.com\/company\/10827569\/\",\"https:\/\/youtube.com\/nextcloud\",\"https:\/\/www.instagram.com\/nextclouders\/\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Threat model - Nextcloud","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"Threat model - Nextcloud","og_description":"[vc_row][vc_column][vc_column_text][\/vc_column_text][\/vc_column][\/vc_row][vc_section][vc_row equal_height=”yes” css=”.vc_custom_1662476609904{margin-bottom: 2rem !important;}”][vc_column][vc_column_text css=”.vc_custom_1665128736737{margin-bottom: 2rem !important;}”] Security overview\u00a0\u00a0|\u00a0\u00a0Security Advisories [\/vc_column_text][\/vc_column][vc_column width=”1\/2″][vc_icon icon_fontawesome=”fas fa-user-lock” color=”custom” size=”lg” custom_color=”#0082c9″ css=”.vc_custom_1662476966895{margin-bottom: 15px !important;}”][vc_column_text] Administrator privileges [\/vc_column_text][vc_column_text] We consider Nextcloud administrators ultimately trusted. It is for example expected behavior that a Nextcloud administrator can execute arbitrary code. [\/vc_column_text][\/vc_column][vc_column width=”1\/2″][vc_icon icon_fontawesome=”fas fa-cogs” color=”custom” size=”lg” custom_color=”#0082c9″ css=”.vc_custom_1662530600195{margin-bottom: 15px !important;}”][vc_column_text] Denial […]","og_url":"https:\/\/staging.nextcloud.com\/security\/threat-model\/","og_site_name":"Nextcloud","article_publisher":"https:\/\/www.facebook.com\/Nextclouders\/","article_modified_time":"2022-10-07T07:45:31+00:00","og_image":[{"width":1920,"height":1000,"url":"https:\/\/staging.nextcloud.com\/wp-content\/uploads\/2022\/04\/mobileDesktop-4.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_site":"@nextclouders","twitter_misc":{"Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/staging.nextcloud.com\/security\/threat-model\/","url":"https:\/\/staging.nextcloud.com\/security\/threat-model\/","name":"Threat model - Nextcloud","isPartOf":{"@id":"https:\/\/staging.nextcloud.com\/#website"},"datePublished":"2022-09-07T07:51:07+00:00","dateModified":"2022-10-07T07:45:31+00:00","breadcrumb":{"@id":"https:\/\/staging.nextcloud.com\/security\/threat-model\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/staging.nextcloud.com\/security\/threat-model\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/staging.nextcloud.com\/security\/threat-model\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/staging.nextcloud.com\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/staging.nextcloud.com\/security\/"},{"@type":"ListItem","position":3,"name":"Threat model"}]},{"@type":"WebSite","@id":"https:\/\/staging.nextcloud.com\/#website","url":"https:\/\/staging.nextcloud.com\/","name":"Nextcloud","description":"Regain control over your data","publisher":{"@id":"https:\/\/staging.nextcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/staging.nextcloud.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/staging.nextcloud.com\/#organization","name":"Nextcloud","url":"https:\/\/staging.nextcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/staging.nextcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/staging.nextcloud.com\/wp-content\/uploads\/2023\/02\/logo_nextcloud_white.svg","contentUrl":"https:\/\/staging.nextcloud.com\/wp-content\/uploads\/2023\/02\/logo_nextcloud_white.svg","caption":"Nextcloud"},"image":{"@id":"https:\/\/staging.nextcloud.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Nextclouders\/","https:\/\/x.com\/nextclouders","https:\/\/www.linkedin.com\/company\/10827569\/","https:\/\/youtube.com\/nextcloud","https:\/\/www.instagram.com\/nextclouders\/"]}]}},"_links":{"self":[{"href":"https:\/\/staging.nextcloud.com\/wp-json\/wp\/v2\/pages\/56441","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/staging.nextcloud.com\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/staging.nextcloud.com\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/staging.nextcloud.com\/wp-json\/wp\/v2\/users\/26"}],"replies":[{"embeddable":true,"href":"https:\/\/staging.nextcloud.com\/wp-json\/wp\/v2\/comments?post=56441"}],"version-history":[{"count":33,"href":"https:\/\/staging.nextcloud.com\/wp-json\/wp\/v2\/pages\/56441\/revisions"}],"predecessor-version":[{"id":67303,"href":"https:\/\/staging.nextcloud.com\/wp-json\/wp\/v2\/pages\/56441\/revisions\/67303"}],"up":[{"embeddable":true,"href":"https:\/\/staging.nextcloud.com\/wp-json\/wp\/v2\/pages\/2255"}],"wp:attachment":[{"href":"https:\/\/staging.nextcloud.com\/wp-json\/wp\/v2\/media?parent=56441"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}