It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Firewall permissions for Confluence

I work in security and someone has put in a change request for a new Confluence server that IT is deploying.

They want to allow the Confluence server to access the entire internet on ports 80 and 443.  (this is not putting the Confluence server ON the internet, but rather letting Confluence out to access the internet itself.)

Any idea why this is necessary?  Does Confluence need to call home?  If so, what is the subnet(s) it needs access to?

1 answer

0 votes
Daniel_Eads Atlassian Team Aug 30, 2019

Hey Nicholas, welcome and thanks for checking in!

There are a few things in Confluence that will want to reach out to the internet:

  1. We collect some usage analytics about how you've deployed Confluence - details on that here. You have the option of turning this off within Confluence's interface. Disabling the usage analytics or not opening ports for the data won't cause any adverse effects for you.
  2. The Marketplace (plugins/apps/add-ons) needs internet for various things; for browsing and installing plugins from within Confluence, checking for plugin updates, and sending usage metrics to the vendors of the plugins you're using. We've got lots of details on that usage here, as well as the addresses we use. It's possible to install plugins manually (download to your local computer first, then upload to Confluence Server) but you'll also have to manage updates to those plugins manually.
  3. Our Support Tools plugin will query confluence.atlassian.com from time to time to let you know if there are things like critical security advisories for your particular Confluence version. It also needs outbound connectivity if you want to create a support ticket from within Confluence's interface.
  4. It's possible (depending on what plugins you've installed) that some add-ons/plugins might want to fetch resources from the internet or save data there. This is highly dependent on the vendor - for example Lucidchart Diagrams requires an outbound internet connection; they have a separate version of their plugin specifically for firewalled Confluence instances.

So overall it's definitely possible to run Confluence without outbound internet access, but it will make the life of any application administrators a little easier if the box can reach out to Atlassian services.

Cheers,
Daniel

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Confluence

How is your team having fun and bonding, remotely, utilizing Confluence?

Thanks everyone for answering last week’s question. The winner of the random drawing from those who commented is: @LarryBrock I’ll contact you separately with your prize details. This wee...

327 views 9 7
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you