Health Check: Local backup security
プラットフォームについて: Data Center - この記事は、Data Center プラットフォームのアトラシアン製品に適用されます。
このナレッジベース記事は製品の Data Center バージョン用に作成されています。Data Center 固有ではない機能の Data Center ナレッジベースは、製品のサーバー バージョンでも動作する可能性はありますが、テストは行われていません。サーバー*製品のサポートは 2024 年 2 月 15 日に終了しました。サーバー製品を利用している場合は、アトラシアンのサーバー製品のサポート終了のお知らせページにて移行オプションをご確認ください。
*Fisheye および Crucible は除く
目的
This health check looks for backups in the local application storage and warns you if any backup files are found there. Storing backups in the application's local filesystem is a security risk that may expose sensitive data to attackers.
You'll receive a warning message if there are any .zip files in any of the following locations:
<jira-local-home-dir>/export/backups<jira-local-home-dir>/import
ヘルス チェック結果
アイコン | 結果 | 意味 |
|---|---|---|
 | There are no backups in the local application storage. | No backups are present in the specified directories. This message applies to single-node instances. |
| There are no backups in local storage on node <node-id>. Run this health check on the other nodes if you've received a warning notification. | No backups are present in the specified directories on this particular node. This message applies to clustered instances. |
 | Found <n> backup files in the <dir-path> directory. | There are backups stored in the application storage. This message shows you how many files were found in which directory. Jira displays this message for every affected directory. |
| Found <n> backup files in the <dir-path> directory for node <node-id>. | There are backups stored in the application storage on this particular node. This message shows you how many files were found in which directory on this particular node. Jira displays this message for every affected directory. |
警告を無視した場合
Storing unencrypted backups that contain sensitive information on the application file system is a security risk. When an attacker gains access to the local file system, this sensitive data becomes exposed. Furthermore, attackers can compromise the application and then encrypt or remove the backups, preventing administrators from being able to restore the application's data and settings.
ソリューション
Here are a few things you can try if the Local backup security health check fails:
Move existing backups to a secure storage
To immediately fix this warning, move all existing backup files to a dedicated secure storage location.
Review your scheduled backups feature
The automated backup feature may create new backups on a regular schedule. This will trigger the health check warning again.
Consider either disabling this feature or setting up an automated script to move these files outside of the Jira filesystem.
Implement a production backup policy
For production instances, we're recommending using database native tools to back up the database and creating a backup of shared home and local home directories for all nodes.
Store backups in Amazon S3
Starting from Jira 9.16 it is possible to store XML Backups in Amazon S3. Read more.
(Not recommended) Disable the Local backups health check
If you're aware of the security risk, you can disable this health check on the Troubleshooting page. This might be a viable option for non-production instances.