Comment: Struggles

" a global parameter to block cross-authentication between servers "

Well, actually, this would be unnecessary effort. Cross-authentication requires you to explicitly list servers to which XML-RPC calls will be submitted.

Therefore to disable cross-authentication you just have to not enable it, and to ensure that no server profile has been checked for remote login authentication.

I am currently working on the other global parameter we talked about, to turn sites as read-only even to members. Keep posted...