diff --git a/app/controllers/posts_controller.rb b/app/controllers/posts_controller.rb
index e1b137b..d8914bc 100644
--- a/app/controllers/posts_controller.rb
+++ b/app/controllers/posts_controller.rb
@@ -1,15 +1,20 @@
 class PostsController < ApplicationController
+  include Pundit
   before_action :authenticate!
 
   def index
     @site     = find_site
+    authorize @site
     @lang     = find_lang(@site)
     @category = session[:category] = params.dig(:category)
-    @posts    = @site.posts_for(@lang)
+    @posts    = policy_scope(@site.posts_for(@lang), policy_scope_class: PostPolicy::Scope)
 
     if params[:sort_by].present?
-      @posts.sort_by! do |p|
-        p.send(params[:sort_by].to_s)
+      begin
+        @posts.sort_by! do |p|
+          p.send(params[:sort_by].to_s)
+        end
+      rescue ArgumentError
       end
     end
   end
diff --git a/app/models/post.rb b/app/models/post.rb
index 01ea00a..f921533 100644
--- a/app/models/post.rb
+++ b/app/models/post.rb
@@ -135,6 +135,10 @@ class Post
     get_front_matter 'title'
   end
 
+  def author
+    get_front_matter 'author'
+  end
+
   def date
     get_front_matter 'date'
   end
diff --git a/app/policies/sutty_policy.rb b/app/policies/sutty_policy.rb
index 620dc2f..4ca31a4 100644
--- a/app/policies/sutty_policy.rb
+++ b/app/policies/sutty_policy.rb
@@ -8,4 +8,13 @@ class SuttyPolicy
   def usuaria?
     usuarix.is_a? Usuaria
   end
+
+  class Scope < SuttyPolicy
+    attr_reader :scope
+
+    def initialize(usuarix, scope)
+      @usuarix = usuarix
+      @scope = scope
+    end
+  end
 end