Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Firewall configuration without wildcards

Steffen Maier
Steffen Maier September 16, 2018

Hello,

 

we are using self hosted Jira, Confluence both with plugins.

Now we have a new firewall (no proxy) and would like to open a way for updates.

What servers do these products (and plugins) need to update themselves? And which ports of course.

I need the domain name (like update.atlassian.com) and no wildcards (NOT *.atlassian.com).

It is not possible to configure a wildcard on a firewall. You need a proxy for that.

 

Thanks,

Steffen Maier

Answer
Watch
Like Be the first to like this
718 views

1 answer

0 votes
Shannon S
Shannon S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 17, 2018

Hello Steffen,

In order to update your add-ons via UPM, you will need to configure your firewall according to the instructions from Configuring Marketplace Connectivity.

To have certain UPM features function properly, you may need to modify your firewall configuration. In particular, you need to permit TCP connections between UPM and external servers.

Since IP addresses for a given domain can change over time, Atlassian recommends that you configure your firewall policy by hostname rather than by numeric IP address. If you do need to configure rules by IP address, we suggest that you use a network analysis tool to investigate outgoing connections made by UPM. And keep in mind that you may need to update the rules on occasion, in this case.

Firewall Rules

To allow UPM to perform online functions behind a firewall, you need to set up firewall whitelist rules that enable UPM to connect on port 443 to these servers:

  • *.atlassian.com: UPM connects to several servers in the atlassian.com domain, including marketplace.atlassian.com, marketplace-cdn.atlassian.com, id.atlassian.com, maven.atlassian.com, and others.   
  • *.cloudfront.net: certain Marketplace assets (screenshots, logos etc) are hosted on cloudfront. Calls to that domain are expected.

Many firewalls do allow configuration by wildcard, but in the case that yours does not, you can use the IP address solution I have highlighted above.

Jira and Confluence will need to be upgraded manually.

Let me know if you have any questions about that.

Regards,

Shannon

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.