Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Making Jira available publicly, what should I do to secure it?

Mac_Attack
Mac_Attack
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
January 16, 2017

I want to expose JIRA to the internet, What steps should I take to properly secure it? I have it running on the same machine as confluence with a reverse proxy using nginx A request to JIRA from the internet would pas through to reverse proxies. I was going to add a DNS record to redirect mydomain/JIRA to a high numbered port and have nginx proxy that to the machine running JIRA and morph the url to jira.mydomain.

 

Auth for JIRA is through my AD as well.

Answer
Watch
Like Be the first to like this
256 views

1 answer

0 votes
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 16, 2017

Not an exhaustive list, but off the top of my head

  • Make sure you're on https, there's no question of that. 
  • If you allow sign-up, make sure you have "captcha" enabled (it's a compromised system, but still enough to dissuade a lot of simple attacks)
  • Check all your permission schemes for the use of the group "anyone", make sure it's appropriate, and never used for anything other than "browse project" (or you will be spammed)
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security