Is there a JIRA-specific security checklist published by Atlassian or a reliable organization?
Our JIRA instance runs behind Apache (reverse proxy) and is open to the public Internet.
As far as I know there isn't a official check lsit as such, there are few articles which address this issue.
You can have a look at following documentation https://confluence.atlassian.com/display/JIRA/Securing+JIRA+with+Apache+HTTP+Server
Also you should have a look at mod_security apache module .
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot