Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How do you secure application links if you try to bypass a proxy?

Wayne Wylupski
Wayne Wylupski September 29, 2015

Following https://confluence.atlassian.com/display/KB/How+to+bypass+a+reverse+proxy+or+SSL+in+Application+Links, it seems the approach, creating a new connector for just application links is not secure; people could make requests against that port.

What is the recommendation for securing the new connector and only assure it will be used for application links, perhaps only from specified soures?  Would it be to configured it to use SSL?  Configure it to use a special truststore?  And what would need to done to the 'other' application to assure the security of the transport layer?

Thank you.

Answer
Watch
Like Be the first to like this
433 views

1 answer

0 votes
rrudnicki
rrudnicki
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 29, 2015

Hi Wayne, 

When working with Application Links, it may be necessary to bypass any existing reverse proxy or SSL configuration, without disrupting normal usage for your instances. You may also wish to use this process to bypass a proxy during the troubleshooting process.

Since SSL is used to cryptograph a connection, we encourage the users to use that always as they can. The documentation you've mentioned as you can see mention that you should use HTTP for tests purposes or in case you are facing some specific issue related to SSL and Application Links. 

 

You can force JIRA to only accept HTTPS connections. Please check this link on step 5:

https://confluence.atlassian.com/jira/running-jira-over-ssl-or-https-124008.html#RunningJIRAoverSSLorHTTPS-Advancedconfiguration

 

Cheers, 

Renato Rudnicki

View More Comments
Wayne Wylupski
Wayne Wylupski September 30, 2015

Yes, but how do you assure that the second connector will ONLY be used for application links? How do you prevent users from using that connector?

Like
rrudnicki
rrudnicki
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 30, 2015

Well, actually you cannot. But here a workaround that could work: Add a firewall rule allowing only the communication on HTTP protocol only among the applications address which are using the application links. Not sure if this will work, but definitely isn't elegant.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.