Configuring XSRF protection
To prevent users from being tricked into unintentionally submitting malicious data, Bamboo uses XSRF security protection.
Atlassian-supported plugins have been updated to support XSRF. XSRF protection is enabled by default for Atlassian Cloud customers and new customers of Bamboo Data Center, however, if you are using a plugin that is not yet compatible with this security feature, you can disable it.
Carefully consider the security risks before you disable XSRF protection in your Bamboo installation.
Read more about XSRF (Cross Site Request Forgery).
To configure XSRF protection:
- In the upper-right corner of the screen, selectAdministration> Overview.
- Choose Security settings in the left-hand panel.
- 編集を選択する。
- Uncheck Enable XSRF protection to disable XSRF protection or check it to enable XSRF protection.
- 保存を選択します 。
XSRF protection was introduced in Bamboo 5.3, and is enabled automatically for all existing and new Atlassian Cloud users. Existing Bamboo Data Center users can enable XSRF protection by following the instructions above and checking Enable XSRF protection.
Is my Bamboo already protected against XSRF attacks?
Customers upgrading... | XSRF protection |
---|---|
... an existing installation of Bamboo 5.2, and earlier, to Bamboo 5.3, and later. | XSRF protection isn't enabled by default. You can enable XSRF protection using the instructions on this page. |
... a new installation of Bamboo 5.3, and later. | XSRF protection IS enabled by default. |