Anonymous Access to Remote API
Configuring Confluence Security
- Confluence Security Overview and Advisories
- Proxy and HTTPS setup for Confluence
- Configuring Secure Administrator Sessions
- Confluence Cookies
- Using Fail2Ban to limit login attempts
- Securing Confluence with Apache
- Best Practices for Configuring Confluence Security
- Encrypting passwords in server.xml
- Hiding the People Directory
- Configuring Captcha for Spam Prevention
- Hiding External Links From Search Engines
- Configuring Captcha for Failed Logins
- Configuring XSRF Protection
- User Email Visibility
- Anonymous Access to Remote API
- Configuring RSS Feeds
- Preventing and Cleaning Up Spam
On this page
Related content
- No related content found
Administrators may wish to disable anonymous access to the Confluence remote API. to make it harder for malicious users to write 'bots' that perform bulk changes to the site.
To disable anonymous access to the remote API:
- Select Administration
, then select General Configuration - Choose Security Configuration in the left-hand panel. The Security Configuration screen will appear.
- Choose Edit.
- Uncheck the Anonymous Access to API check box.
- Choose Save.
Notes
This page is about access to the remote API. If you are looking for information about preventing anonymous users from accessing Confluence, see Global Permissions Overview.
Last modified on Feb 8, 2024
Related content
- No related content found
Powered by Confluence and Scroll Viewport.