Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Firewall permissions for Confluence

I work in security and someone has put in a change request for a new Confluence server that IT is deploying.

They want to allow the Confluence server to access the entire internet on ports 80 and 443.  (this is not putting the Confluence server ON the internet, but rather letting Confluence out to access the internet itself.)

Any idea why this is necessary?  Does Confluence need to call home?  If so, what is the subnet(s) it needs access to?

1 answer

0 votes
Daniel Eads Atlassian Team Aug 30, 2019

Hey Nicholas, welcome and thanks for checking in!

There are a few things in Confluence that will want to reach out to the internet:

  1. We collect some usage analytics about how you've deployed Confluence - details on that here. You have the option of turning this off within Confluence's interface. Disabling the usage analytics or not opening ports for the data won't cause any adverse effects for you.
  2. The Marketplace (plugins/apps/add-ons) needs internet for various things; for browsing and installing plugins from within Confluence, checking for plugin updates, and sending usage metrics to the vendors of the plugins you're using. We've got lots of details on that usage here, as well as the addresses we use. It's possible to install plugins manually (download to your local computer first, then upload to Confluence Server) but you'll also have to manage updates to those plugins manually.
  3. Our Support Tools plugin will query confluence.atlassian.com from time to time to let you know if there are things like critical security advisories for your particular Confluence version. It also needs outbound connectivity if you want to create a support ticket from within Confluence's interface.
  4. It's possible (depending on what plugins you've installed) that some add-ons/plugins might want to fetch resources from the internet or save data there. This is highly dependent on the vendor - for example Lucidchart Diagrams requires an outbound internet connection; they have a separate version of their plugin specifically for firewalled Confluence instances.

So overall it's definitely possible to run Confluence without outbound internet access, but it will make the life of any application administrators a little easier if the box can reach out to Atlassian services.

Cheers,
Daniel

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Confluence

What do you think is the most *delightful* Confluence feature? Comment for a prize!

- Create your own custom emoji 🔥 - "Shake for Feedback" on mobile 📱 - An endless supply of GIFs via GIPHY 🤩 Is there anything quite as nice as a pleasant surprise? Comment below with what...

402 views 23 8
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you