The default is to let your users in, but "open to the public" suggests you or one of your admins has enabled anonymous access. Is that what you are seeing? People can see your issues in projects without having to log it at all?
If so, take a look at the permission schemes. Look at the "browse project" line, and I think you'll find it includes group:anyone - that needs to be removed.
I have multiple projects that use variations of the same base workflow. The variations depend on the requirements of the project or issue type. The variations mostly come in the form of new statuses ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs