This page last changed on Jul 06, 2010 by alui.

Sites may wish to disable anonymous access to the remote API to make it harder for malicious users to write 'bots' that perform bulk changes to the site. If you wish to enable the Remote APIs but do not want anonymous users to access Confluence remotely, you can disable anonymous access from the Administration Console.

To disable anonymous access to Remote APIs,

  1. Go to the Confluence 'Administration Console'. To do this:

    • Open the 'Browse' menu and select 'Confluence Admin'. The 'Administrator Access' login screen will be displayed.
    • Enter your password and click 'Confirm'. You will be temporarily logged into a secure session to access the 'Administration Console'.
  2. Click 'Security Configuration' in the left panel. The 'Security Configuration' screen will be displayed.
  3. Click 'Edit'. The fields on the 'Security Configuration' screen will now be editable.
  4. Uncheck the 'Anonymous Access to API' checkbox.
  5. Click the 'Save' button.
RELATED TOPICS
Page: User Email Visibility
Page: Configuring Captcha for Failed Logins
Page: Configuring Captcha for Spam Prevention
Page: Enabling or Disabling Public Signup
Page: Managing External Referrers
Page: Hiding external referrers
Page: Running Confluence Over SSL or HTTPS
Page: Hiding External Links From Search Engines
Page: Ignoring External Referrers
Page: Configuring the Administrator Contact Page
Page: Anonymous Access to Remote API
Page: Excluding external referrers
Page: Hiding the People Directory

Document generated by Confluence on Mar 16, 2011 18:30