Is there a guide on how to safely expose Jira Server through firewall?

Isaiah October 5, 2016

I have JIRA Server running behind my firewall on my dev machine and need to expose it to my co-workers so they can log in without being on a VPN or having to use JIRA On Demand since we need other tools that aren't On Demand like Bamboo and Crucible. I have read that you can use Apache as a reverse proxy to forward requests to JIRA on Tomcat, but is this all you need to safely expose JIRA to the outside world? Seems exposing Apache on port 80 has its own list of security implications. Therefore, seems there should be some sort of guide or blog on how to expose JIRA safely because I thought it was generally a bad idea to expose anything on Port 80, even if Apache is being used as a proxy.

As an aside, I work for a company whose developers are all distributed and work at home. We don't have a central office and would need to have access to JIRA hosted on a machine at someone's residence but exposed to the internet. Otherwise, JIRA Server and other Server products seem to only be fit for those companies where everyone can be on the same LAN or VPN or have personnel that really know what they are doing.

1 answer

0 votes
Joe Pitt
Community Leader
October 6, 2016

This is really more of a question for your network team. It should be treated like any other application. I would at least use SSL and don't put it in Public mode.

Isaiah October 6, 2016

Being a small company with only 8 developers, we don't have a network team or group of sys-admins. Just developers and a few application-specific IT people that don't know much beyond supporting our software.

Joe Pitt
October 6, 2016

To expose it to the outside you need to get the IP address entered in a public facing DNS site. That entry usually points to a server in the DMZ that may host JIRA or passes the traffic to the server inside that does. As I said I would use SSL and make it private (don't allow people to directly sign up for IDs). You can get an SSL certificate from many places. One of the companies I worked for used GoDaddy. As for the port, SSL uses 443. Or you can make it any port and then the DNS entry would include :xxxx where xxxx is the port to use. The user wouldn't put the port in, the DNS server would translate the URL to the IP address with the port.
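
An added example, not part of the original thread and not Atlassian's own configuration: a minimal Apache httpd setup for the reverse proxy the question describes, terminating SSL on port 443 as suggested in the answer and forwarding to JIRA on Tomcat. The hostname `jira.example.com`, the certificate paths and the backend address `127.0.0.1:8080` are assumptions.

```apache
# Added example. Hostname, certificate paths and backend address are
# placeholders (assumptions), not values from this thread.
# Needs mod_ssl, mod_proxy, mod_proxy_http, mod_headers and mod_alias.

<VirtualHost *:80>
    ServerName jira.example.com
    # Port 80 serves no content: every request is redirected to HTTPS.
    Redirect permanent / https://jira.example.com/
</VirtualHost>

<VirtualHost *:443>
    ServerName jira.example.com

    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/jira.example.com.crt
    SSLCertificateKeyFile /etc/ssl/private/jira.example.com.key
    # Refuse the legacy protocol versions.
    SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1

    # Tell browsers to use HTTPS only for this host from now on.
    Header always set Strict-Transport-Security "max-age=31536000"

    # Reverse proxy only: never act as a forward (open) proxy.
    ProxyRequests Off
    # Pass the original Host header through to Tomcat.
    ProxyPreserveHost On

    # Tomcat should listen on loopback only, so the proxy is the single
    # way in. Its <Connector> in server.xml would carry
    #   address="127.0.0.1" proxyName="jira.example.com"
    #   proxyPort="443" scheme="https" secure="true"
    # so that JIRA generates https:// links.
    ProxyPass        / http://127.0.0.1:8080/
    ProxyPassReverse / http://127.0.0.1:8080/
</VirtualHost>
```

With this layout the firewall forwards only ports 443 and 80 to the Apache host, and the Tomcat port is never reachable from outside.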
