Can I block all forms of Anonymous Access to Private Spaces, regardless of any other configuration ?

Hi, thanks for the answer. I was actually thinking about something that would be a policy enforcement (and wouldn't need a process, a warning, nor any monitoring).

In fact, ideally, users should not be able to share their private profiles (or any page within it) with anybody outside of a specific group. Let's say that only "all-mycorp-colleagues" would be able to create and view Private Spaces and users from this group would only be able to add restrictions on their private pages; and *not* be able to broaden their audience (well, at least not without publishing into a dedicated Space that allows viewing from other audiences such as users registered to other groups, or even world-wide viewing).

I ask this because Management is concerned with Security -- eg. accidental sharing -- and would rather disable Private Spaces completely. Which is a shame.

(Deleted duplicate comment, see below).

(Deleted duplicate comment, see below).

Hi again,

I have a coupe sub-questions before I can close this topic.

In your answer, @Ismael Jimoh , I don't understand the sentence "Set default Global Space permissions that does not allow anonymous to access all spaces"; I am not sure where and I don't know how to do this.

1/ Where? => I assume that you meant the global "Default Space Permissions" (ie. https://MYCORPNAME.atlassian.net/wiki/admin/permissions/doeditdefaultspacepermissions.action ). That makes sense, ok.

2/ How? => I don't understand "how" because "Anonymous" isn't a group, and I don't see how could I create one like that. The only explanation is that this is already the default, in which case I don't understand why do you say that I have to do something about it.

2b/ Also the "view" setting, is for "All". As you can see on the screenshot below, there is no section "Private Spaces", let alone a setting for configuring who can "view" them.

BONUS QUESTION:

What is this group called "trusted-users-85aee5dc-aa8c-4e6d-86f9-69c7cf1c7e73" ?! It doesn't appear in the groups administration page...

ILLUSTRATION:

Cheers,
P.

Hi,

So currently, the default space permission does not allow anonymous users access. 

Meaning when a new space is created by default(including personal spaces), then Anonymous users should not be able to see the pages by default.

The problem is you still need to inform your users not to change the space permission for individual spaces they administrate(they have the permission to administrate their own spaces or any spaces they are granted admin privileges to).

Anonymous is default to confluence. It is in-built into the application to allow non-license holders to access contents that are shared with them by the Confluence admin. For example when using confluence as a knowledge base for a support system, you may want to set the space permission to allow anonymous users the ability to view certain pages that help them solve issues on their own.

Also remove from all spaces that you do not want anonymous access, any anonymous users.

The above can be found under Global Permission page. Just above the Space permission in the image you shared. You can also prevent anonymous users access entirely if need be from here as this is controlled by the Confluence Admin only.

Cheers.