Is it possible to Turn Off Public GET API

drlukeangel

Is there a way to turn off the GET API without a token?

PitaJ

Who do you want to restrict it from?

drlukeangel

I would like to block it from everyone. I don't want scrappers to have it be that easy i want them to have a bit of a challenge. ideally this would work on a token basis as the write api does. if i can't have that i would like to just be turned off

PitaJ

Unfortunately the "GET API" as you call it is integral to the functionality of NodeBB on the client-side. During the normal usage of NodeBB, it is constantly using the /api to load new pages, etc. It's not something that can be turned off, but it might be possible to restrict it to only accessible to users with a certain cookie. This doesn't currently exist, though.

You can open an issue on Github if you'd like this looked into further.