Configuring security in the external environment

If your JIRA instance contains sensitive information, you may want to configure security in the environment in which your JIRA instance is running. Some of the main areas to consider are:

  • Database:
    • If you are using an external database, as recommended for production systems (i.e. you are not using JIRA's internal/bundled H2 database), you should restrict access to the database that your JIRA instance uses.
    • If you are using JIRA's internal/bundled H2 database, you should restrict access to the directory in which you installed JIRA. (Note that the user which your JIRA instance is running as will require full access to this directory.)
  • SSL — if you are running your JIRA instance over the Internet, you may want to consider using SSL.
  • File system — you should restrict access to the following directories (but note that the user which your JIRA instance is running as will require full access to these directories):

Other security resources

Was this helpful?

Thanks for your feedback!

Why was this unhelpful?

Have a question about this article?

See questions about this article

Powered by Confluence and Scroll Viewport