hasalaonline
commented
1 month ago Thanks for pointing that out! 🙌 I’ve implemented server-side rendering (SSR) for the Next.js route to address the issue and hide the actual API call from the client. This approach ensures that the Ghost CMS content API remains secure and prevents unauthorized access to the content.🔒
I think you have implement the Ghost CMS content API call in client side. Try server side rendering. Otherwise the content API is expose to public and anyone can build a website with connecting to your content API.
If you are going to implement the SSR then you have to rebuilt the website when you publish a new post and edit an existing post. You can trigger rebuilt with using webhooks.