Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Anonymous User can always edit / create

Philipp
Philipp March 3, 2021

Hi @ all,

i have a huge problem with permissions on anonymous users. We want to allow the read only options. It worked well, until now.

I really don't know why. We didn't changed anything. Curiously know every anonymous can create new pages and edit the old ones.

In my research i found something like:

Prevent anonymous Users from create 

First:

I can't find the demo space. I think its already deleted. :( Is there a way to find that out?

Second:

Anonymous permission problem 

If I found the default space or the first one with already be named to xxx. Is there a chance to move the whole blog from one space to another?

Thanks !!

our settings:

space:

space perm.jpg

global:

global perm.jpg

xo

Philipp
 

Answer
Watch
Like Be the first to like this
862 views

1 answer

0 votes
Fabienne Gerhard
Fabienne Gerhard
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
March 3, 2021

Hi @Philipp 

this is really strange - space settings are looking good. 

Maybe you wanna check out in admin space all space restrictions:

https://yourinstance/admin/permissions/viewdefaultspacepermissions.action

There you find the standard setting restrictions for all user groups and an overview of all spaces - hope this helps.

View More Comments
Philipp
Philipp March 3, 2021

thx for your advice :) unfortunately there are only settings for confluence users.

users perm.jpg

I can't pick a group like "anonymous". I've checked again every space for "anonymous write" option: always deactivated.

Like
Fabienne Gerhard
Fabienne Gerhard
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
March 3, 2021

Hmm, do you have the opportunity to get access as anonymous user? According to the other community entries the 'Create' Button should be there (which would be the only opportunity to create a page) 

Could you delete the 'xxx' space which is your default space?

Like
Philipp
Philipp March 3, 2021

yes, already testing as anonymous user on different browsers. All functions as anonmous user are as aspected except the option "write".

As anonymous user i was able to edit one space, too. So I was wondering why? I identified that there was a new space i didn't realized on the first check.

On this space the writing was enabled for anonymous users!

After deactivating the create button was hidden again for every space! So maybe its a bug that one space permission overwrite all other permissions from different spaces.

thats a little bit crazy but good to know.

Now the shortcut key "c" ist also without function. Great :)

Thanks for supporting, may this information help someone else, too.

Like Fabienne Gerhard likes this
Fabienne Gerhard
Fabienne Gerhard
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
March 3, 2021

This is absolutly crazy! (I mean this overwriting thing - not that you found a solution :) )

Which server version are you running? Would be great to add this too so that it might help others. Thanks for sharing 👍

Like
Philipp
Philipp March 3, 2021

of course, we are running confluence server 7.5.0 build 8501 :)

Like Fabienne Gerhard likes this
Matt Reiner _K15t_
Matt Reiner _K15t_
Marketplace Partner
Marketplace Partners provide apps and integrations available on the Atlassian Marketplace that extend the power of Atlassian products.
March 4, 2021

Wow, this is really strange, because this is absolutely not the way Confluence should work. And no just because of the permissions violation issue, but also because Atlassian doesn't allow non-users to create content in Confluence. You need a user account, so there is record of who created the page.

When you create a page as an anonymous user, what's listed under "created by" on the page?

Like
Philipp
Philipp March 4, 2021

Hi Matt,

it was mind changing, cause its a high security risk "failure". We'll going to check this part as a standard routine from time to time.

We are using the german language package, so: "created by Anonym"

Like
Fabienne Gerhard
Fabienne Gerhard
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
March 4, 2021

Hi @Matt Reiner _K15t_ 

that's not right what you're saying - looking at the space permission settings Confluence absolutly allows any kind of creating content by anonymous users (if this is useful and good is another thing and as mentioned there, Atlassian recommends to restrict this to view and comment)

But as @Philipp already showed there seems to be some kind of issue with default space and in his case a new space and the settings that were made there which seemed to overwrite the settings. 

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events