How do you prevent attackers from connecting to a tunnel?
Every tunnel has a unique ID. An attacker would need to know this ID to make calls to the tunnel.
We also use the following security restrictions:
The calls coming through the tunnel must be made from within Atlassian Cloud. Any other traffic isn’t accepted by a tunnel.
The configured AuthN / AuthZ mechanism on the self-managed side
Was this helpful?
Still need help?
The Atlassian Community is here for you.