Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Configuration of minimum rules for Jira Server to work, navigation rules for incoming and outgoing t

Diego Cañete
Diego Cañete
Contributor
February 20, 2020

Hi Team,

I am having some problems since the people of the IT Security Team limit the outgoing traffic from the server where I have Jira installed to outgoing and incoming internet, and I need to know what are the minimum rules that you should request from the security team so that Jira can leave and enter if it is what you need to the internet, this includes the urls or sites or domains that should check the plug-ins added.
If you could help me.

Thank you.

Diego Cañete.

Answer
Watch
Like Be the first to like this
868 views

1 answer

0 votes
Joe Pitt
Joe Pitt
Community Champion
February 20, 2020

All traffic from the user goes through the html ports: 80/8080 or 443 if you're using encryption. If you have a typical setup the JIRA server communicates to the database on whatever port the database uses.  If you have a typical setup the JIRA server sits in the DMZ and the html port is open for user access. The database sits inside the local network so you need the port JIRA uses to talk to the database open. All you should have to do for the network folks is tell them what ports are in use and have them set the firewall rules. Usually the network folks are the ones you get the port assignments from. Some companies don't use the standard ports as an extra measure of security. The URL for the internet needs to have an entry in the company DNS that converts it to an IP address for the JIRA server. You shouldn't have been able to get JIRA working without the network folks telling you all the ports and IP addresses you need unless you installed the database on the same server as JIRA and accessing it from the server as 'localhost' 

Plugins have no impact on this. The are part of the JIRA server 

View More Comments
Diego Cañete
Diego Cañete
Contributor
February 20, 2020

Hi Joe_Pitt,
Thanks for answering, I mean the traffic of Jira's service to the Internet not to the internal network, for now the local users have no problems, what I see is that some plug-ins are stop working correctly.
And I understand that we must allow navigation to some domains type atlassian.com and surely the pugligs also have to go online.

Like
Joe Pitt
Joe Pitt
Community Champion
February 20, 2020

All the traffic to the outside users goes through the html ports (80/8080 or 443). I've never needed to open any outside port except the html ones. If you're having a problem getting to Atlassian.com it needs to be added to the whitelist. I only use a couple of the main (paid for) plugins and never have them stop working.  The plugins are part of JIRA code once installed so they should only communicate through the JIRA html ports. I would contact the plugin support about them not working. If they need to communicate to a specific domain it should be in the install guide. 

Like
Diego Cañete
Diego Cañete
Contributor
February 20, 2020

Inked89F2DD03_LI.jpg

Like
Diego Cañete
Diego Cañete
Contributor
February 20, 2020

Comperndo, check this outbound traffic from our server to a server in China over UDP / 53. This is normal?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.