Configure read-only web interface (prevent uploads)

I’d like to turn off the ability to upload images using the web interface.

Is there a configuration setting for making the web interface as read-only? Is there a setting somewhere for this? Or perhaps a way to turn off particular pages in the web interface?

One possibility would be to use the LUA hook, IncomingHttpRequestFilter, to catch the upload and reject it. However, if there is a configuration setting I could change to turn of the upload page, that would be easier.

In our use case, we have two Orthancs running, a private one for uploading data to be anonymized and a second more publicly accessible Orthanc for providing the anonymized data for download. I want to avoid users accidentally uploading non-anonymized data to the public Orthanc.

Thanks for suggestions,

Hi John,

As far as I know, it is not possible.

However, you can turn off PUT/POST/DELETE http requests using a reverse proxy. Depending on your current setup, this solution may be a bit easier to implement than an LUA script.
You can check as a starting point.


Thanks Thibault.

I was able to implement a solution using the AllowMethods control within the Apache configuration file for our reverse proxy. Orthanc handled the denied methods gracefully, generating a simple error response for the user.