Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Can Confluence be configured to disallow users from making personal spaces available anonymously?

Rob Horan
Rob Horan
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 20, 2017

We are a very secure company.  It worries us that users can set their personal spaces to be viewed by literally anyone.  Can we restrict that ability without having to remove anonymous access to Confluence entirely?

Answer
Watch
Like Be the first to like this
1214 views

3 answers

0 votes
Gregory Van Den Ham
Gregory Van Den Ham
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 21, 2017

Maybe more of a question - why would you have anonymous on as being a secure company?  My presumption reading that would be that you'd force logins.

I have seen companies setup a separate confluence instance for anonymous to ensure there is no bleed from their secure instance.  Perhaps that might be a strategy to adopt in your case.  Then you could use Comala Remote Publishing to sync anything you need in both spaces.

View More Comments
Rob Horan
Rob Horan
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 23, 2017

Because some small parts of the system are not secure.  NOT the personal pages :)

Separate Confluence means many more dolla dolla bills, y'all.

Sometimes I feel like Atlassian assumes we all have bottomless pockets.

Like
Gregory Van Den Ham
Gregory Van Den Ham
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 23, 2017

Depends on how you setup the other instance.  You need licenses for people to do things, not for anonymous people to read things.

Price for security at hand these days - separate instance - firewalled completely off, 100%.. take the small licensing fee vs the large exposure.  

Manage the risk.

Like
James Dellow
James Dellow
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
October 23, 2017

@Gregory Van Den Ham exactly - risk isn't absolute.

@Rob Horan have you checked Atlassian's JIRA to see if anyone has raised this as an enhancement before? And if not, have you requested it?

Like
Rob Horan
Rob Horan
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 9, 2017

I have not.  To be honest I'm just starting out with Confluence.

Like
AnnWorley
AnnWorley
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 13, 2017

Hi there, Robert. Happy to hear you are getting started with Confluence.

There is a ticket open as James mentioned:

Add ability to disable anonymous access in the space permissions

The use case in the description is a little different from yours so I added a link to your post in a private comment. The issue is public facing so you may add a comment as well if you like, or vote on the ticket. Either commenting or voting will add you as a watcher to the ticket so you will be notified when it is updated.

Like
Reply
0 votes
Gregor Kasmann_Actonic
Gregor Kasmann_Actonic
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 21, 2017

It is NOT a secure solution, but it helps to hide "Anonymous Access" settings from users.

Add this script to the Custom HTML "At end of the HEAD" section:

<script>
AJS.toInit(function ($){
  AJS.$("#aPermissionsTable input").attr('checked', false);
  AJS.$("#aPermissionsTable").hide(); 
});
</script>
View More Comments
James Dellow
James Dellow
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
October 23, 2017

To limit to personal spaces, you could also add a check to see if there is an ~ in the space name.

Like
Reply
0 votes
James Dellow
James Dellow
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
October 20, 2017

I don't believe this is possible through configuration - as you have probably already found, a user always has full space permissions in their personal space, even if you try to remove them.

However, if you are using Confluence server, you could try adding some javascript to the Custom HTML option in Confluence administration that hides the Anonymous Access permissions table when ever someone tries to edit the space permissions in a personal space.

This wouldn't remove the functionality, but would make it harder to change.

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events