So, I guess that means disabling the functionality behind the Special:Export page along with removing the page itself.
Thanks, Al
Old way of thinking I guess.
________________________________ From: Platonides Platonides@gmail.com To: mediawiki-l@lists.wikimedia.org Sent: Monday, December 24, 2012 6:00 PM Subject: Re: [MediaWiki-l] Can I turn-off wiki exports?
On 24/12/12 02:36, Al Johnson wrote:
So, I guess that means disabling the functionality behind the Special:Export page along with removing the page itself.
Thanks, Al
Why do you want to do so?
_______________________________________________ MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
Even if you did this, Without checking I imagine it will require hacking at the core since I doubt we already have a config switch for this, People can still scrape the page or grab it via the API...
As long as the person can see the page, they will be able to copy it...
On Wed, Dec 26, 2012 at 11:25 AM, Al Johnson alj62888@yahoo.com wrote:
Old way of thinking I guess.
From: Platonides Platonides@gmail.com To: mediawiki-l@lists.wikimedia.org Sent: Monday, December 24, 2012 6:00 PM Subject: Re: [MediaWiki-l] Can I turn-off wiki exports?
On 24/12/12 02:36, Al Johnson wrote:
So, I guess that means disabling the functionality behind the Special:Export page along with removing the page itself.
Thanks, Al
Why do you want to do so?
MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-l _______________________________________________ MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
According to https://www.mediawiki.org/wiki/Export#Stopping_the_export_of_your_Mediawiki you can disable Special:Export (see code snippet there – no core hacking needed), but the functionality will still be available via the API.
Thanks. I need the API for backend processes, but I figure I could block public access to it's URL from Apache, although that's just a guess as I'm a novice.
Al
________________________________ From: Matma Rex matma.rex@gmail.com To: MediaWiki announcements and site admin list mediawiki-l@lists.wikimedia.org Sent: Tuesday, December 25, 2012 6:35 PM Subject: Re: [MediaWiki-l] Can I turn-off wiki exports?
According to https://www.mediawiki.org/wiki/Export#Stopping_the_export_of_your_Mediawiki you can disable Special:Export (see code snippet there – no core hacking needed), but the functionality will still be available via the API.
--Matma Rex
_______________________________________________ MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 12/25/2012 9:04 PM, Al Johnson wrote:
Thanks. I need the API for backend processes, but I figure I could block public access to it's URL from Apache, although that's just a guess as I'm a novice.
There are a number of ways to restrict access. Personally, I use Apache's mod_rewrite, mostly because I have a lot of other rules already in place. There are probably more efficient, lighter-weight methods you could use.
To restrict access to the API to a hard-coded list of IPs, you could do something like the following. Assuming you which to provide API access to your local LAN with a Class C subnet of 192.168.1.x and you have automated jobs on the same box using the loopback address, the following will allow those IPs but block everyone else:
RewriteCond %{REMOTE_ADDR} !^192.168.1. # If not Local LAN IPs RewriteCond %{REMOTE_ADDR} !^127.0.0.1$ # If not loopback RewriteRule ^/wikix?/api.php - [F,L] # Forbid everyone else
The following politely redirects all requests for Special:Export back to the wiki's root (main page), rather than sending a forbidden error. Note that (a) in this example, I'm using the "Short URL" setup where /wiki is the short path and /wikix is the raw path; (b) the first rule performs the redirect for the short URL; and (c) the second and third lines perform the raw URL redirect, which requires poking around on the query string.
RewriteRule ^/wiki/Special:Export /wiki/ [R=permanent,L] RewriteCond %{QUERY_STRING} Special:Export RewriteRule ^/wikix/.* /wiki/ [R=permanent,L]
These can be prefaced with RewriteCond lines that can perform IP or other forms of filtering as well.
Of course, as previously stated, as long as the wiki is publicly accessible you can't stop scraping of the final rendered HTML. These just block API access and the built-in export mechanism.
Hope that helps...
- --
Jeffrey T. Darlington General Protection Fault http://www.gpf-comics.com/
That sure does Jeff. Have a happy New Year. -al
________________________________ From: Jeffrey T. Darlington jeff@gpf-comics.com To: Al Johnson alj62888@yahoo.com; MediaWiki announcements and site admin list mediawiki-l@lists.wikimedia.org Sent: Tuesday, December 25, 2012 8:05 PM Subject: Re: [MediaWiki-l] Can I turn-off wiki exports?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 12/25/2012 9:04 PM, Al Johnson wrote:
Thanks. I need the API for backend processes, but I figure I could block public access to it's URL from Apache, although that's just a guess as I'm a novice.
There are a number of ways to restrict access. Personally, I use Apache's mod_rewrite, mostly because I have a lot of other rules already in place. There are probably more efficient, lighter-weight methods you could use.
To restrict access to the API to a hard-coded list of IPs, you could do something like the following. Assuming you which to provide API access to your local LAN with a Class C subnet of 192.168.1.x and you have automated jobs on the same box using the loopback address, the following will allow those IPs but block everyone else:
RewriteCond %{REMOTE_ADDR} !^192.168.1. # If not Local LAN IPs RewriteCond %{REMOTE_ADDR} !^127.0.0.1$ # If not loopback RewriteRule ^/wikix?/api.php - [F,L] # Forbid everyone else
The following politely redirects all requests for Special:Export back to the wiki's root (main page), rather than sending a forbidden error. Note that (a) in this example, I'm using the "Short URL" setup where /wiki is the short path and /wikix is the raw path; (b) the first rule performs the redirect for the short URL; and (c) the second and third lines perform the raw URL redirect, which requires poking around on the query string.
RewriteRule ^/wiki/Special:Export /wiki/ [R=permanent,L] RewriteCond %{QUERY_STRING} Special:Export RewriteRule ^/wikix/.* /wiki/ [R=permanent,L]
These can be prefaced with RewriteCond lines that can perform IP or other forms of filtering as well.
Of course, as previously stated, as long as the wiki is publicly accessible you can't stop scraping of the final rendered HTML. These just block API access and the built-in export mechanism.
Hope that helps...
- --
Jeffrey T. Darlington General Protection Fault http://www.gpf-comics.com/
On 26/12/12 04:05, Jeffrey T. Darlington wrote:
The following politely redirects all requests for Special:Export back to the wiki's root (main page), rather than sending a forbidden error. Note that (a) in this example, I'm using the "Short URL" setup where /wiki is the short path and /wikix is the raw path; (b) the first rule performs the redirect for the short URL; and (c) the second and third lines perform the raw URL redirect, which requires poking around on the query string.
RewriteRule ^/wiki/Special:Export /wiki/ [R=permanent,L] RewriteCond %{QUERY_STRING} Special:Export RewriteRule ^/wikix/.* /wiki/ [R=permanent,L]
This won't stop someone from accessing localized URL of Special:Export.
mediawiki-l@lists.wikimedia.org