Health Check: Local Backup Security
Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.
Support for Server* products ends on February 15, 2024. If you are using a Server product, check your migration options on the Atlassian Server end of support announcement page.
*Excluding Fisheye and Crucible
About this health check
This health check warns you if there are any backups stored in Confluence's file system. Keeping backups on the accessible file system is a security risk that may expose your confidential data to attackers.
You'll receive a warning message if there are any zip files in the given locations:
- <confluence-home>/restore/site
- <confluence-home>/backups
- <confluence-local-home>/temp (only zip files with the prefix 'xmlexport-', 'Confluence-site-export', or those defined by the user through system properties)
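
The shell functions below are an added example, not Atlassian's code: they list the zip files in the locations above so you can see what the health check would flag before you move anything. The function names, the extra-prefix arguments (a stand-in for the user-defined prefixes) and the top-level-only search are assumptions.

```shell
#!/usr/bin/env bash
# Added example (not Atlassian code). Usage:
#   report_local_backups <confluence-home> <confluence-local-home> [extra-prefix...]
# The extra prefixes stand in for the user-defined prefixes the page mentions.
# Assumption: only the top level of each directory is searched.

# Print every zip file the health check's rules would count, one per line.
find_local_backups() {
    local home="$1" local_home="$2" dir prefix
    shift 2
    {
        # Any zip file in these two directories counts as a backup.
        for dir in "$home/restore/site" "$home/backups"; do
            [ -d "$dir" ] || continue
            find "$dir" -maxdepth 1 -type f -name '*.zip'
        done
        # In temp, only zip files with an export prefix count.
        dir="$local_home/temp"
        if [ -d "$dir" ]; then
            for prefix in 'xmlexport-' 'Confluence-site-export' "$@"; do
                find "$dir" -maxdepth 1 -type f -name "${prefix}*.zip"
            done
        fi
    } | sort -u   # overlapping prefixes must not double-count a file
}

# Summarise per directory, mirroring the wording of the warning message.
report_local_backups() {
    find_local_backups "$@" |
        while IFS= read -r file; do dirname "$file"; done |
        sort | uniq -c |
        while read -r count dir; do
            echo "Found $count backup files in the $dir directory."
        done
}
```

On a clustered instance, run it on each node, since the local home is per node.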
Understanding the results
Icon | Result | Meaning |
---|---|---|
Pass | There are no backups in the local application storage. | No backups are present in the specified directories. This is a message for a single-node instance. |
Pass | There are no backups in local storage on node {0}. Run this health check on the other nodes if you've received a warning notification. | No backups are present in the specified directories for this particular node. This is a message for a clustered instance. |
Warning | Found {0} backup files in the {1} directory. | There are backups stored in the application storage. This message displays how many files were found in which directory. It is shown once for every affected directory. |
Warning | Found {0} backup files in the {1} directory for node {2}. | There are backups stored in the application storage on this particular node. This message displays how many files were found in which directory on this particular node. It is shown once for every affected directory. |
If you ignore the warning
Storing unencrypted backups that contain sensitive information on the application file system is a security risk. When an attacker gains access to the local file system, this sensitive data becomes exposed. Furthermore, attackers can compromise the application and then encrypt or remove the backups, preventing administrators from being able to restore the application's data and settings.
Solution
1. Move existing backups to secure storage
To immediately fix this warning, you should move all existing backup files to a dedicated secure storage. After moving the files, manually run the scheduled job named "Backup Restore v2, not existing file marker job", which prevents attempts to download non-existent files from the user interface.
2. Implement a production backup policy
See our guide on Implementing a production backup strategy for more information.
3. (Not recommended) Disable Local Backups Health Check
If you're aware of the security risk, you can disable this health check on the Troubleshooting page. This might be a viable option for non-production instances.