Even if you did this, Without checking I imagine it will require hacking at the core since I doubt we already have a config switch for this, People can still scrape the page or grab it via the API... As long as the person can see the page, they will be able to copy it... On Wed, Dec 26, 2012 at 11:25 AM, Al Johnson <alj62888(a)yahoo.com> wrote:

Thanks.  I need the API for backend processes, but I figure I could block public access to it's URL from Apache, although that's just a guess as I'm a novice. Al ________________________________ From: Matma Rex <matma.rex(a)gmail.com> To: MediaWiki announcements and site admin list <mediawiki-l(a)lists.wikimedia.org> Sent: Tuesday, December 25, 2012 6:35 PM Subject: Re: [MediaWiki-l] Can I turn-off wiki exports? According to https://www.mediawiki.org/wiki/Export#Stopping_the_export_of_your_Mediawiki you can disable Special:Export (see code snippet there – no core hacking needed), but the functionality will still be available via the API. --Matma Rex _______________________________________________ MediaWiki-l mailing list MediaWiki-l(a)lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-l

That sure does Jeff.  Have a happy New Year.  -al ________________________________ From: Jeffrey T. Darlington <jeff(a)gpf-comics.com> To: Al Johnson <alj62888(a)yahoo.com>om>; MediaWiki announcements and site admin list <mediawiki-l(a)lists.wikimedia.org> Sent: Tuesday, December 25, 2012 8:05 PM Subject: Re: [MediaWiki-l] Can I turn-off wiki exports? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/25/2012 9:04 PM, Al Johnson wrote: There are a number of ways to restrict access.  Personally, I use Apache's mod_rewrite, mostly because I have a lot of other rules already in place.  There are probably more efficient, lighter-weight methods you could use. To restrict access to the API to a hard-coded list of IPs, you could do something like the following.  Assuming you which to provide API access to your local LAN with a Class C subnet of 192.168.1.x and you have automated jobs on the same box using the loopback address, the following will allow those IPs but block everyone else: RewriteCond %{REMOTE_ADDR}    !^192\.168\.1\.  # If not Local LAN IPs RewriteCond %{REMOTE_ADDR}    !^127\.0\.0\.1$  # If not loopback RewriteRule ^/wikix?/api\.php  -        [F,L]  # Forbid everyone else The following politely redirects all requests for Special:Export back to the wiki's root (main page), rather than sending a forbidden error. Note that (a) in this example, I'm using the "Short URL" setup where /wiki is the short path and /wikix is the raw path; (b) the first rule performs the redirect for the short URL; and (c) the second and third lines perform the raw URL redirect, which requires poking around on the query string. RewriteRule ^/wiki/Special:Export  /wiki/  [R=permanent,L] RewriteCond %{QUERY_STRING}        Special:Export RewriteRule ^/wikix/.*            /wiki/  [R=permanent,L] These can be prefaced with RewriteCond lines that can perform IP or other forms of filtering as well. Of course, as previously stated, as long as the wiki is publicly accessible you can't stop scraping of the final rendered HTML.  These just block API access and the built-in export mechanism. Hope that helps... - -- Jeffrey T. Darlington General Protection Fault http://www.gpf-comics.com/