Hello, I have own server with JIRA. On the server through the DNS server, I have redirected several domains, e.g a.com/b.com/c.com
For each domain, upon entering port 8080 receives a login panel. How to allow entry only from a.com:8080. For b.com:8080 and c.com:8080 domains there would be an error, page does not exist or anything.
As I understand, the usual white list of this does not work because I do not have any address outside attlassian.com and on my JIRA I can get from any domain.
Is there some reason you want to leave the current DNS entries in tact?
If not, then the easiest solution would be to simply change the DNS lookup for b.com and c.com to be some other address.
If there is some reason for these DNS entries in place, then there is a problem here. Because JIRA is hosting the site by default to all network interfaces of that server. But even then, if all of these domains are referring to the same IP address, there isn't a clear way to do this kind of blocking within JIRA itself or the Apache Tomcat instance running the webservice for JIRA.
You can configure Apache Tomcat's connector in the server.xml file to contain an 'address' parameter, explained in Apache Tomcat 8 Configuration Reference But this is really only helpful if your JIRA server has multiple network interfaces and you want to single out one of these where the site can be reached. If this is the case, then you might be able to use this parameter to only have jira listen to the address where a.com refers to, and then instead have b.com and c.com refer to a different network address for that server.
Otherwise, I don't see a way to do this on the system without some fancy traffic filtering, which would be largely depending upon the operating system you are using for the JIRA server.
Putting a reverse proxy in front of JIRA another way to filter the traffic to that specific domain to a specific address/port where JIRA is running. But even this method would still require you to change the port/address that JIRA's tomcat is running on and/or the DNS address where these requests are being sent to. Most reverse proxies can be configured to accept traffic requests on one port and in turn redirect this traffic to another address/port in a way that is seemless to the end user. So this could be used only redirect requests made to a specific domain.
Configure virtual hosts using mod_proxy actually has a section on this in that KB. In that setup you can specify the 'ServerName' parameter to be a specific domain. Using that setup you then direct the traffic to a.com to the reverse proxy instead. From there that proxy can redirect that traffic to the address/port JIRA is hosted on.
...PermissionsStartOnly=true User=www-data Group=www-data ExecStart=/opt/jira/bin/startup.sh ExecStop=/opt/jira/bin/shutdown.sh TimeoutStartSec=120 TimeoutStopSec=600 PrivateTmp=true [Install] WantedBy...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs