Thread:Project:Support desk/API: Disable selected dangerous write actions

I have disabled editing for anons and use various anti-spam protections.

And I use $wgEnableWriteAPI = true because ajax watching is nice.

I find it somehow dangerous to have API actions like createaccount. I disabled it manually now in the core, but a proper way might be better?

Also, how does that work together with Extension:ConfirmEdit?