Can Confluence be configured to disallow users from making personal spaces available anonymously?

We are a very secure company.  It worries us that users can set their personal spaces to be viewed by literally anyone.  Can we restrict that ability without having to remove anonymous access to Confluence entirely?

3 answers

I don't believe this is possible through configuration - as you have probably already found, a user always has full space permissions in their personal space, even if you try to remove them.

However, if you are using Confluence server, you could try adding some javascript to the Custom HTML option in Confluence administration that hides the Anonymous Access permissions table when ever someone tries to edit the space permissions in a personal space.

This wouldn't remove the functionality, but would make it harder to change.

It is NOT a secure solution, but it helps to hide "Anonymous Access" settings from users.

Add this script to the Custom HTML "At end of the HEAD" section:

AJS.toInit(function ($){
  AJS.$("#aPermissionsTable input").attr('checked', false);

To limit to personal spaces, you could also add a check to see if there is an ~ in the space name.

0 votes

Maybe more of a question - why would you have anonymous on as being a secure company?  My presumption reading that would be that you'd force logins.

I have seen companies setup a separate confluence instance for anonymous to ensure there is no bleed from their secure instance.  Perhaps that might be a strategy to adopt in your case.  Then you could use Comala Remote Publishing to sync anything you need in both spaces.

Because some small parts of the system are not secure.  NOT the personal pages :)

Separate Confluence means many more dolla dolla bills, y'all.

Sometimes I feel like Atlassian assumes we all have bottomless pockets.

Depends on how you setup the other instance.  You need licenses for people to do things, not for anonymous people to read things.

Price for security at hand these days - separate instance - firewalled completely off, 100%.. take the small licensing fee vs the large exposure.  

Manage the risk.

@Gregory Van Den Ham exactly - risk isn't absolute.

@Robert Horan have you checked Atlassian's JIRA to see if anyone has raised this as an enhancement before? And if not, have you requested it?

I have not.  To be honest I'm just starting out with Confluence.

Ann Worley Atlassian Team Nov 13, 2017

Hi there, Robert. Happy to hear you are getting started with Confluence.

There is a ticket open as James mentioned:

Add ability to disable anonymous access in the space permissions

The use case in the description is a little different from yours so I added a link to your post in a private comment. The issue is public facing so you may add a comment as well if you like, or vote on the ticket. Either commenting or voting will add you as a watcher to the ticket so you will be notified when it is updated.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Tuesday in Confluence

Confluence Admin Certification now $150 for Community Members

More and more people are building their careers with Atlassian, and we want you to be at the front of this wave! Important Dates Start the Certification Prep Course by 2 April 2019 Take your e...

212 views 2 10
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you