Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,465,895
Community Members
 
Community Events
176
Community Groups

Knowledge Base/Space access - public vs. private

Here's the issue...

We have quite a few Confluence Knowledge Bases/spaces. Some are private and users need special permissions to access; but many are not locked down and can be viewed by anyone in the company.

I’m told that we need to externalize these Knowledge Bases/spaces that are available to most employees.  They would need to be accessible to the company, but not the public.

The private KBs/spaces can remain private and accessible only to licensed users.

 How can I make that happen?

1 answer

0 votes

Hi @MollyW ,

What do you mean by externalize?

Do you consider migrating to cloud?

That's the word given to me in the instructions to find the answer. I would assume it means to make it outside of our firewall and not requiring an account/license to login and access.

We have not moved to the cloud yet no - but will be doing so later this year, I believe.

So you want to move the confluence to somewhere outside the firewall (but not yet into cloud) and the public spaces should sill only be accessible only for the company?

Why do you do that, doesn't make so much sense to me at first glance. 

Or should the public spaces be public to everyone? Then you can just move to a server outside your firewall to achieve that.

If it is in preparation of your cloud migration, and you don't want to license everybody in the company but want the public spaces only be accessible for your company, you can use the premium plan. There is a feature called IP Allowlisting, where you can define, which IP(ranges) can access the Confluence. 

Essentially, yes- the public spaces should be accessible to everyone in the company. The private areas would be for licensed users only.

Though if we move them to a server outside of our firewall - essentially wouldn't we have two versions of Confluence running at the same time (on two different servers)?

In this case, no. This has nothing do with preparation for cloud migration.

If you want to run two instances of confluence, you can do so, but you need a license for each one.

But why do you want to.move outside the firewall if access should be limited to the company.

I believe it's a license issue. For awhile now we had quite a few of the KBs/spaces outside of our firewall and were publicly accessible. This created a security issue with some of the documents we had out there. Thus, we moved them all behind the firewall. However, now we have hundreds of employees who could no longer access the content. I've had to add quite a few users (and many more are coming). It was suggested that there could be a way to keep part of the content available to all employees without needing additional licenses while keeping part of the content secure where users would need a license and a login to view.

I'm still not sure if I got it right, but if you just leave your confluence behind the firewall, in general only employees of your company can reach it, right?

So you can just turn on anonymous access to the public spaces.  Then everyone who can reach confluence can access this space without  license. 

Only users that should access the private spaces need a license.

If you move outside the firewall, you can do the same, but then everyone in the internet will be able to access that spaces. So you need something (like a firewall) to block access to all users that should not access the confluence. 

So I'm still not sure why you want to move outside the firewall. 

That's what I'm hoping to find out how to do (or if I can do it). I've seen the "anonymous access" help desk article, but it doesn't make any sense. If that's the solution, great - but I don't know.

Yes, anonymous access allows everyone who can access the confluence to see the pages without logging in. 

This article describes how to set it up.

https://confluence.atlassian.com/doc/setting-up-public-access-156.html

Thanks again (and I apologize for the delayed response). I figured out how to allow ANONYMOUS ACCESS. Question: does setting a space or Knowledge Base as "Anonymous Access", is that essentially the same as making it PUBLIC? 

Granted any sensitive documents would remain hidden and require a login, but at the same time - there's a concern that other content could be seen by non-employees and/or others we don't want to have access. 

What sort of protection does ANONYMOUS ACCESS provide (if any)?

Don't worry, you're welcome. 

If you give anonymous access, anyone who can access the Confluence, can access that space. There is no protection from Confluence side.

But you can use page restrictions (the lock on the top of the page) to limit access to specific pages.

But if you are behind your firewall and Confluence is only available from your internal network, anonymous access will allow only users from your company access to that space.

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
SERVER
VERSION
7.13.8
TAGS

Atlassian Community Events