This page last changed on Jul 06, 2010 by alui.

Sites may wish to disable anonymous access to the remote API to make it harder for malicious users to write 'bots' that perform bulk changes to the site. If you wish to enable the Remote APIs but do not want anonymous users to access Confluence remotely, you can disable anonymous access from the Administration Console.

To disable anonymous access to Remote APIs,

  1. Go to the Confluence 'Administration Console'. To do this:

    • Open the 'Browse' menu and select 'Confluence Admin'. The 'Administrator Access' login screen will be displayed.
    • Enter your password and click 'Confirm'. You will be temporarily logged into a secure session to access the 'Administration Console'.
  2. Click 'Security Configuration' in the left panel. The 'Security Configuration' screen will be displayed.
  3. Click 'Edit'. The fields on the 'Security Configuration' screen will now be editable.
  4. Uncheck the 'Anonymous Access to API' checkbox.
  5. Click the 'Save' button.
RELATED TOPICS
Page: Excluding external referrers
Page: Adding SSL for Secure Logins and Page Security
Page: Hiding external referrers
Page: Managing External Referrers
Page: Ignoring External Referrers
Page: Hiding the People Directory
Page: Configuring Captcha for Spam Prevention
Page: Configuring the Administrator Contact Page
Page: Enabling or Disabling Public Signup
Page: Hiding External Links From Search Engines
Page: Configuring Captcha for Failed Logins
Page: User Email Visibility
Page: Anonymous Access to Remote API

Document generated by Confluence on Jul 09, 2010 01:08