I implemented https using a solution posted in Community, but Confluence can still be accessed using port 8090.
<Connector acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true"
enableLookups="false" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" port="8090"
protocol="HTTP/1.1" redirectPort="8443" useBodyEncodingForURI="true"
scheme="https" proxyName="confluence.ourcompany.com" proxyPort="443"/>
We are using an F5 redirect to port 8090. How can we implement https without allowing access via port 8090?
Hi @Joe Budzowski
I hope you are well.
Based on your description you are offloading SSL on the F5 load balancer.
Therefore, any connection from F5 to the Confluence server is made over HTTP.
In this case, you still need to allow HTTP connections when the source is your F5 load balancer servers, and may want to block anything from other sources, such as users' computers.
You may need to use some external solution to administer this requirement, such as iptables on Linux.
With iptables you would be able to allow access to the TCP port 8090 from F5 while blocking access from any other source.
You may also want to allow access from other specific sources, such as a jump server, for maintenance purposes.
Let me know if that makes sense to you.
Kind regards,
Thiago Masutti
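The source restriction described in the reply above, as an added example that is not part of the original thread: a POSIX shell script that prints (and, with APPLY=1 as root, loads) iptables rules allowing TCP 8090 only from loopback and an allowlist. The addresses, the variable and function names, and the loopback rule are assumptions, not values from the posts.

```shell
#!/bin/sh
# Added example: restrict Confluence's HTTP connector port to known sources.
# Addresses below are constructed placeholders (RFC 5737 documentation range).

CONF_PORT=8090   # connector port from the server.xml in the question

# Succeed only for a dotted-quad IPv4 address with an optional /0-32 prefix.
is_ipv4() {
    case $1 in
        ""|*[!0-9./]*|*/*/*|*.|*./*|*/) return 1 ;;
    esac
    addr=${1%%/*}
    case $1 in
        */*) [ "${1#*/}" -le 32 ] || return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the rules in order: loopback, each allowed source, then a final DROP.
# Refuses an empty or malformed allowlist, which would otherwise cut off the F5.
build_rules() {
    [ $# -gt 0 ] || { echo "no allowed sources given" >&2; return 1; }
    for src in "$@"; do
        is_ipv4 "$src" || { echo "bad source address: $src" >&2; return 1; }
    done
    echo "iptables -A INPUT -i lo -p tcp --dport $CONF_PORT -j ACCEPT"
    for src in "$@"; do
        echo "iptables -A INPUT -p tcp --dport $CONF_PORT -s $src -j ACCEPT"
    done
    echo "iptables -A INPUT -p tcp --dport $CONF_PORT -j DROP"
}

# Hypothetical sources: the address the F5 connects from, and a jump server.
F5_SELF_IP=192.0.2.10
JUMP_HOST=192.0.2.50

# Dry run by default; set APPLY=1 and run as root to load the rules.
if [ "${APPLY:-0}" = 1 ]; then
    build_rules "$F5_SELF_IP" "$JUMP_HOST" | sh -e
else
    build_rules "$F5_SELF_IP" "$JUMP_HOST"
fi
```

Rules appended with -A are evaluated after any rules already in the INPUT chain, so an earlier broad ACCEPT would still let port 8090 through. They are also lost on reboot unless saved, for example with iptables-save.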
I have the same question but we are not using any load balancer. The provided solution still uses port 8090 but we need to block direct port access using http://hostname:8090
Thanks,
Chris Shaw
If you block the port, the service can't be reached by other systems.
What are you actually trying to achieve here?
We are trying to block direct http access using http://hostname:8090. We have switched to using https with the proxy name URL and can redirect the old http access with the proxy name URL, but you can still bypass the SSL using http://hostname:8090