How to setup permissions and restrictions for Confluence?
Server / Cloud
In Confluence the level of permissions granted to a user determines whether the user is limited to read-only access or is able to add content, edit content, delete content, or comment on content.
Confluence has 3 levels of permissions:
Confluence also offers "anonymous access" which means the site visitor does not log in and thus does not need to be licensed which most frequently is associated with 'read-only' access. The great news is, in Confluence it is up to you the level of permissions you set up for these users we call "anonymous" (docs will also refer to as "public" access). For example, you can grant your anonymous users to read-only permissions or you can choose to assign additional permission to them including commenting on, editing, or deleting content. With anonymous users, however, you lose the ability to see who commented or edited something since the user is anonymous (without login) and thus not recognizable in the system from another anonymous user on the site.
Note: Public access is available at both, full site or just at space level.
One way to take advantage of public access (no licensing cost) but at the same time not expose your content completely to everyone on the internet is to use Confluence Server version of our software (self-hosted) and install it behind a firewall. This way external users would have to authenticate first to gain access to your network and only then they can access your Confluence content (publicly and without a license). Here is an example on how you can use Apache web server for restricting your Confluence's public content: http://blog.avisi.nl/2011/05/04/serving-and-securing-public-websites-from-confluence/
For Confluence licensing and pricing details, click here.
For features and functions that are only available to administrators, refer Confluence Administrators Guide.