Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Restricting JIRA public signup due to spam

B_ Normann P_ Nielsen
B_ Normann P_ Nielsen
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 24, 2014

I seems our JIRA has been targeted for SPAM due to its "public" mode...

The https://jira.netic.dk/secure/Signup!default.jspaurl is redirected before the request getting to jira and I can see that no mail is comming in.

Anyway, the attacker creates several accounts a day, costing us 1 license each (unless I de-activate) the user. Going into private mode is not really an option.

Is there a way to disable/secure public signup and let it be allowed by mail only?

Answer
Watch
Like Be the first to like this
246 views

1 answer

0 votes
Andre Lehmann
Andre Lehmann
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 24, 2014

Hi Norman,

I thnk there is an option to add a CAPTCHA during registration.

Have a look at the configuration: URL/secure/admin/ViewApplicationProperties.jspa

Maybe that could help.

Kind regards
André

View More Comments
B_ Normann P_ Nielsen
B_ Normann P_ Nielsen
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 24, 2014

Thanks, the Capcha is on, but is seems that they are just entering the damn capcha manually (which I btw also see on my personal Confluence :-( )

Like
Ceki Gulcu
Ceki Gulcu March 13, 2023

We host our own Jira server and are having a similar problem with about 100'000 users who are bogus (very long user names, images, etc).  However, these users never log on. What could be the point of creating such users?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events