Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

configure bamboo server to remove public facing settings

bobby dammu
bobby dammu
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
April 27, 2022

Hello,

Could you please help me with the following, 

How to configure bamboo server to remove public facing settings.

 

Thanks,

Bobby

Answer
Watch
Like Be the first to like this
487 views

1 answer

0 votes
Eduardo Alvarenga
Eduardo Alvarenga
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 27, 2022

Hello @bobby dammu

Can you please provide some context on "public facing settings"? What exactly are you trying to do/not do?

Regards,

Eduardo Alvarenga
Atlassian Support APAC

View More Comments
bobby dammu
bobby dammu
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
April 27, 2022

Thank you so much for the quick response.

Description:

Due to a security concern regarding 'log4j', we are looking options to mitigate risk. One option is re-configure the Bamboo server (and agents) to no longer be publicly accessible.

 

Thanks,

Bobby

Like
Eduardo Alvarenga
Eduardo Alvarenga
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 27, 2022

Hello @bobby dammu,

Thanks for clarifying that.

Bamboo is not vulnerable to the recent Log4j CVEs. You can find more details below:

Though, if you still want to disable any "public" access to your Bamboo Server and Agents, you'll have to work with your external configurations such as blocking traffic on our Firewall, Load Balancer, etc.

Bamboo needs to listen to specific ports to work. There is no option to disable such services.

You can also create local firewall rules on each server that is part of your Bamboo solution to allow only trusted sources to reach its service ports:

You can also enable Tomcat's Client authentication to enforce only validated clients

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bamboo
Bamboo
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.