Test major Koha Wiki changes or bug fixes here without fear of breaking the production wiki.
For the current Koha Wiki, visit https://wiki.koha-community.org .ILS-DI
ILS-DI is self-documenting, so in an installation where it is enabled, you can get some information about it at the URL:
http://koha-opac.example.org/cgi-bin/koha/ilsdi.pl
Because ILS-DI gives access to all your data (items, patrons...), it should be restricted by allowing IP in the admin interface and/or by disabling services via the server.
For Apache, these rules can be added to restrict public access only to the first and second levels of ILS-DI:
<IfModule mod_rewrite.c> # Rewrite Rules RewriteEngine On # Restricted ILS-DI Access RewriteCond %{QUERY_STRING} !(^($|(\??|(.*&))service=(Describe|GetAvailability|GetRecords|GetAuthorityRecords|AuthenticatePatron|HoldTitle))) RewriteRule ^/cgi-bin/koha/ilsdi\.pl$ - [R=403,L] </IfModule>
Because an IP can be easily spoofed, the second way is recommended.
Note: If you ever experience a 403 error when issuing an ILS-DI query, check the "service" parameter being passed against the list in the Apache snippet above, it may be that the method in the request isn't allowlisted in the Apache snippet.