Hi Jim, you could use the CouchDB vhosts feature together with _rewrite of design documents, and allow requests with a specific Host header only, by using a proxy (like haproxy) in front of CouchDB as a kind of firewall.
This will then allow you to use an empty rewrites.json file to completely forbid access, while you can add more rules to increasingly unlock access to your app features/data. This approach is used by smileupps apps and the chatty tutorial:

https://www.smileupps.com/couchapp-tutorial-chatty
https://www.smileupps.com/couchapp-tutorial-chatty-couchapp-design

Hope this helps

Hi,

It is possible to disable the "_all_docs" feature by editing the local.ini and entering the following -

    [httpd_db_handlers]
    _all_docs =

However, I then realised that a user could basically get a full listing of all documents by requesting _changes. So, I now use -

    [httpd_db_handlers]
    _all_docs =
    _changes =

Do I need to close anything else off if I want to prevent a particular user from seeing a list of all documents?

Also - is it possible to disable _all_docs/ and _changes for only specific databases? I would still like the admin to use _all_docs/ and _changes

Thanks
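
The proxy-as-firewall setup suggested in the reply at the top of this thread, sketched as an added example that is not part of either message. The host name app.example.com, the database appdb, the design document app, and the ports are placeholders chosen for illustration.

```haproxy
# Added example, not from the thread. Host name, database name, design
# document name and ports below are placeholders (assumptions).
#
# CouchDB side (local.ini): map the virtual host to the design document's
# rewrite handler, so every request for that host is resolved through the
# design document's rewrite rules (rewrites.json in the couchapp source):
#   [vhosts]
#   app.example.com = /appdb/_design/app/_rewrite
#
# Keep CouchDB on loopback so the proxy is the only network path to it:
#   [httpd]
#   bind_address = 127.0.0.1
#
# With an empty rule list ("[]") no path resolves for that host, so
# /_all_docs and /_changes are unreachable through the proxy until a rule
# that exposes them is added.

defaults
    mode http
    timeout connect 5s
    timeout client  30s
    timeout server  30s

frontend couch_front
    bind *:80
    # Let through only requests for the vhost that is routed via _rewrite.
    # Any other Host header (including the bare IP) would reach CouchDB's
    # normal URL space, so it is rejected here.
    acl is_app_host hdr(host) -i app.example.com
    http-request deny unless is_app_host
    default_backend couch_back

backend couch_back
    # CouchDB listening on loopback only (see bind_address above).
    server couch1 127.0.0.1:5984
```

An administrator who still needs _all_docs and _changes can query CouchDB directly on the loopback address from the server itself, which bypasses the vhost rewrite.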
