Uploaded image for project: 'Confluence Server and Data Center'
  1. Confluence Server and Data Center
  2. CONFSERVER-59154

Ability to Toggle Version Information on Confluence Pages On/Off

    XMLWordPrintable

    Details

    • UIS:
      4
    • Feedback Policy:
      We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Description

      Suggestion Summary

      Confluence should provide administrators with a way to toggle displaying version related information on/off.

      Suggestion Details

      If unauthenticated, one can access Confluence's landing page and retrieve version related information from three places:

      • Login page footer.
      • Response Head AJS Tags.
      • Response Body What's New Link.

      Someone without good intentions could use this information to search for possible security vulnerabilities over the internet and hack Confluence. Therefore, if in a public facing instance, hiding these pieces of information can become a requirement for administrators.

      Workaround

      An administrator can modify Confluence core files to prevent this information from being displayed. The knowledge base below teaches how to do that:

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              mhorlle Marcelo Horlle
              Votes:
              20 Vote for this issue
              Watchers:
              12 Start watching this issue

                Dates

                Created:
                Updated: