I implemented https using a solution posted in Community, but the Confluence can still be accessed using port 8090.
<Connector acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true"
enableLookups="false" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" port="8090"
protocol="HTTP/1.1" redirectPort="8443" useBodyEncodingForURI="true"
scheme="https" proxyName="confluence.ourcompany.com" proxyPort="443"/>
We are using an F5 redirect to port 8090. How can we implement https without allowing access via port 8090?
Hi @Joe Budzowski
I hope you are well.
Based on your description you are offloading SSL on the F5 load balancer.
Therefore, any connection from F5 to the Confluence server is made over HTTP.
In this case, you still need to allow HTTP connections when the source is your F5 load balancer servers, and may want to block anything from other sources, such as users' computers.
You may need to use some external solution to administer this requirement, such as iptables on Linux.
With iptables you would be able to allow access to the TCP port 8090 from F5 while blocking access from any other source.
You may also want to allow access from other specific sources, such as a jump server, for maintenance purposes.
Let me know if that makes sense to you.
Hello Confluence Community! What if i told you that you could have a healthier life and be 100% meet-less? This month, we're promoting a healthy, balanced work diet with Confluence. (Read m...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events