Thread:Project:Support desk/Disable API access for external sites?/reply (5)

You could add a new virtual host to your apache configuration pointing to another webroot, copy your actual wiki into it (which will use the same database as your actual wiki) and activate API (and disable it on your actual, public wiki). Now add a htaccess and deny requests from all hosts, except localhost/127.0.0.1. Nevertheless: this seems to be an ugly workaround. I'm wondering, why you don't want to activate the API for all users? All, what you can do in the API can be done through the webinterface, too :)