How do I prevent anonymous users from using page history?

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Code Changes Required

This configuration requires changing the Confluence code in your installation. You will need to reapply these changes whenever you upgrade Confluence. Proceed with caution.

Purpose

Currently there is no way to restrict anonymous users from viewing the page history through the UI. Page history can be accessed, even by anonymous users, from Tools > Page History.

Solution

In order to restrict this function for anonymous users, you'll need to edit viewpreviousversions.vm from <confluence-install>/confluence/pages/, and copy and paste the following code:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 <html> <head> <title>$action.getText("title.view.previous.versions") - $!page.title</title> </head> #applyDecorator("root") #decoratorParam("helper" $action.helper) #decoratorParam("mode" "view-information") #decoratorParam("calendar-width" "200px") #decoratorParam("context" "$action.page.type") ## PERMISSION TO CHECK IF USER IS ANONYMOUS, IF ANONYMOUS THERE IS NO HISTORY FOR IT :) #if ($action.remoteUser != $null) #requireResource("confluence.web.resources:page-history") <form name="diff" method="GET" action="diffpagesbyversion.action"> <input type="submit" value="$action.getText('compare.selected')"> <input type="hidden" name="pageId" value="$action.pageId"> <style> .tableview td {white-space:nowrap; vertical-align:top;} </style> <table id="page-history-container" width="100%" cellspacing="0" class="tableview"> <tr> <th>&nbsp;</th> <th>$action.getText("heading.version.number")</th> <th>$action.getText("heading.version.date")</th> <th>$action.getText("heading.comment")</th> #if( $action.isRevertPermitted()) <th>$action.getText("heading.operations")</th> #end </tr> <tr id="rowForVersion$page.version"> <td width="%1"><input type="checkbox" name="selectedPageVersions" value="$page.version" #if ($action.isSelectedVersion($page.version)) checked #end></td> <td align="left"> <strong> <a href="viewpage.action?pageId=$page.id">$action.getText("current.version")</a> (v. $page.version) </strong> </td> <td align="middle"> <strong> $dateFormatter.formatDateTime($page.lastModificationDate) </strong> </td> <td style="white-space:normal;"> <strong>#usernameLink ($page.lastModifierName)</strong>#if ($page.versionCommentAvailable): <br><span class="change-comment">$page.renderedVersionComment</span>#end ## Only put in a break if there's a comment </td> #if( $action.isRevertPermitted()) <td>&nbsp;</td> #end </tr> #if( $previousVersions ) #foreach( $oldPage in $previousVersions ) <tr id="rowForVersion$oldPage.version"> <td width="%1"><input type="checkbox" name="selectedPageVersions" value="$oldPage.version" #if ($action.isSelectedVersion($oldPage.version)) checked #end></td> <td align="left"> <a href="viewpage.action?pageId=${oldPage.id}">v. $oldPage.version</a> </td> <td align="middle"> $dateFormatter.formatDateTime( $oldPage.lastModificationDate ) </td> <td style="white-space:normal;"> <strong>#usernameLink ($oldPage.lastModifierName)</strong>#if ($oldPage.versionCommentAvailable): <br><span class="change-comment">($oldPage.renderedVersionComment)</span>#end ## Only put in a break if there's a comment </td> #if( $action.isRevertPermitted()) <td align="middle"> #if ($oldPage.version>0) <a href="revertpagebacktoversion.action?pageId=$page.id&version=${oldPage.version}">$action.getText("restore.this.version")</a> #end </td> #end </tr> #end #end </table> </form> <p><a href="${req.contextPath}/pages/viewinfo.action?pageId=${page.id}">$action.getText('return.to.page.info')</a></p> #else ## CUSTOM MESSAGE TO ANONYMOUS USER <ul>Unfortunately, as an anonymous user you do not have permission to view page history. For further information please contact your Confluence Administrator.</ul> #end #end </html>

The code above contains a custom message if the user is not authenticated (anonymous). Simply edit the section ##CUSTOM MESSAGE TO ANONYMOUS USER with the message you wish to show (if any) and save the template, and you're done.

Updated on April 11, 2025
Platform
Data Center only
Product
Confluence Data Center
On this pagePurposeSolution

Still need help?

The Atlassian Community is here for you.
Ask the Community