• CVE-2022-26134 – How to check and protect your Confluence

    6 June 2022

    Last Friday, Volexity published details of a zero-day vulnerability (CVE-2022-26134) in Atlassian Confluence that was being exploited in the wild. This post shares some tips on how to check whether your Confluence instance has been targeted, along with some practical advice on protecting an on-prem Confluence.

    About the vulnerability

    This bug affects all versions of Confluence since 1.3.0. It is rated critical because it allows an unauthenticated, remote user to execute code on the Confluence server. According to Imperva Threat Research, there is widespread scanning and exploitation activity on the Internet.

    How to fix the vulnerability

    Atlassian alerted customers promptly and treated the issue with high priority. We are thankful that Atlassian released the fix in less than 24 hours.

    For details of the fix, please refer to the official Confluence Security Advisory 2022-06-02.

    How to check your Confluence for malicious access

    Here are some basic checks you can run to look for traces of malicious attempts. If anything turns up, you may want to engage security experts for a more in-depth forensic investigation. Bear in mind that these are only basic checks: a clean result does not by itself prove that the instance was never targeted.

    URL requests containing ${

    Since one of the attack mechanisms places ${ in the request URL, scanning the web server access logs for it, in both its literal and URL-encoded forms, is a useful first check. Adjust the path to match where your Apache httpd or Nginx access logs are written. If Confluence is not fronted by a reverse proxy, apply the same checks to the access log written by Confluence's bundled Tomcat instead.

    # -F treats the pattern as a fixed string, so '$' and '{' are not interpreted as regex metacharacters
    grep -F '${' /etc/httpd/logs/*access*.log
    # URL-encoded form; -i also catches lower-case hex such as %24%7b
    grep -i '%24%7B' /etc/httpd/logs/*access*.log

    URL requests from known IP addresses

    The Volexity report lists a number of IP addresses used by the attackers. In the same way, you can grep the access logs for any occurrences of them. Note that other attackers may well be using other IP addresses, so no hits here is not conclusive.

    grep 154.146.34.145 /etc/httpd/logs/*access*
    grep 154.16.105.147 /etc/httpd/logs/*access*
    grep 156.146.34.46 /etc/httpd/logs/*access*
    grep 156.146.34.52 /etc/httpd/logs/*access*
    grep 156.146.34.9 /etc/httpd/logs/*access*
    grep 156.146.56.136 /etc/httpd/logs/*access*
    grep 198.147.22.148 /etc/httpd/logs/*access*
    grep 221.178.126.244 /etc/httpd/logs/*access*
    grep 45.43.19.91 /etc/httpd/logs/*access*
    grep 59.163.248.170 /etc/httpd/logs/*access*
    grep 64.64.228.239 /etc/httpd/logs/*access*
    grep 66.115.182.102 /etc/httpd/logs/*access*
    grep 66.115.182.111 /etc/httpd/logs/*access*
    grep 67.149.61.16 /etc/httpd/logs/*access*
    grep 98.32.230.38 /etc/httpd/logs/*access*
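    As an added example (not from the original post), the following Python script applies both checks above to access log lines: it parses the Apache/Nginx combined log format, percent-decodes the request target so the literal and URL-encoded forms of ${ are caught regardless of letter case, and matches the client IP against the list given in this post. The log lines it ships with are constructed; pass a log file path on the command line to scan a real log.

```python
import re
from urllib.parse import unquote

# IP addresses listed in the post (from the Volexity report). A hit is a reason
# to investigate, not proof of compromise; other sources may exist.
KNOWN_IPS = {
    "154.146.34.145", "154.16.105.147", "156.146.34.46", "156.146.34.52",
    "156.146.34.9", "156.146.56.136", "198.147.22.148", "221.178.126.244",
    "45.43.19.91", "59.163.248.170", "64.64.228.239", "66.115.182.102",
    "66.115.182.111", "67.149.61.16", "98.32.230.38",
}

# Apache/Nginx "combined" log format: client IP first, then the quoted request line.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*"')


def check_line(line):
    """Return the reasons a log line deserves a closer look (empty list if none)."""
    m = LOG_RE.match(line)
    if not m:
        return ["unparseable line"]
    reasons = []
    ip, target = m.group("ip"), m.group("target")
    # Decode percent-encoding once (as the servlet container does for the URI), so
    # the literal '${' and any letter-case of '%24%7B' are caught by one test.
    if "${" in target or "${" in unquote(target):
        reasons.append("request target contains '${'")
    if ip in KNOWN_IPS:
        reasons.append(f"client IP {ip} is on the known-attacker list")
    return reasons


def scan(lines):
    """Return (line_number, reasons) for every line that needs a look."""
    hits = []
    for n, line in enumerate(lines, 1):
        reasons = check_line(line)
        if reasons:
            hits.append((n, reasons))
    return hits


# Constructed sample log lines; the benign clients use RFC 5737 test addresses.
SAMPLE_LOG = [
    '203.0.113.10 - - [03/Jun/2022:10:15:22 +0000] "GET /index.action HTTP/1.1" 200 1234 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [03/Jun/2022:10:16:01 +0000] "GET /%24%7bx%7d/ HTTP/1.1" 302 0 "-" "curl/7.68.0"',
    '154.146.34.145 - - [03/Jun/2022:10:17:45 +0000] "GET /login.action HTTP/1.1" 200 5678 "-" "python-requests/2.27"',
]

if __name__ == "__main__":
    import sys
    lines = open(sys.argv[1]).read().splitlines() if len(sys.argv) > 1 else SAMPLE_LOG
    for n, reasons in scan(lines):
        print(f"line {n}: " + "; ".join(reasons))
```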

    How to protect your Confluence instance

    The best form of defense against unauthenticated attacks is to place the server behind a firewall so that it is not reachable directly from the Internet. This effectively blocks remote attackers from mounting a direct attack, and it is a key reason why some security-sensitive enterprises choose Confluence Data Center. No software can be 100% free of bugs, so another vulnerability may well be waiting to be discovered in the future.

    Running a Long Term Support release of the product reduces the effort of upgrading, since critical security fixes are made available for it for as long as that is architecturally possible. This contributes greatly to a quick reaction to any future zero-day exploit.

    For organizations whose staff work remotely, access can be provided via VPN, or a web application firewall can be used for added protection. Both CloudFlare and Imperva have announced that their customers are protected from this vulnerability, since they ensure all requests are authenticated before relaying them to Confluence.

    Last but not least, make sure the license technical contacts are up to date. As an Atlassian Solution Partner, we have witnessed a number of occasions when critical alerts from Atlassian were missed due to staff turnover.


  • Confluence Page of the Month – CommonWealth of Massachusetts CommonWiki

    The Confluence Page of the Month for March goes to a Template & Training page from the CommonWealth of Massachusetts CommonWiki.

    CommonWiki

    4 reasons why we like this page:

    • The content is useful
    • The template files are attached to the page and versioned automatically
    • The composition macro is used to group the content into tabs
    • Icons denote the type of each file


  • Confluence Page of the Month – Lawrence Berkeley National Laboratory

    19 February 2016

    The Confluence Page of the Month for February goes to a Scheduled System Outage announcement from Lawrence Berkeley National Laboratory. 

    Berkeley Lab Scheduled Outage announcement

    4 reasons we like this page:

    1. The author took the effort to add the logo of the affected system so that it can be identified easily
    2. Good use of a blog to communicate time-related announcements to users
    3. Navigation is made easier by putting the latest news and common links in the right sidebar
    4. Integration with Google Calendar to show upcoming events

    Tip: You can select a previously uploaded image from the Confluence image browser.


  • Confluence Page of the Month – Maxwell Render V3 documentation

    19 January 2016

    Nowadays, it is increasingly common to find technical documentation written in Confluence, and some of it is very well done. That gave us an idea: “Why don’t we showcase them on our blog? A well done piece of work deserves recognition, and other Confluence users can pick up the good practices too.”

    That’s why, from this month onwards, we will be running a Confluence Page of the Month to showcase a Confluence page that we chanced upon and found interesting.

    The page to start the ball rolling is the Maxwell Render V3 Documentation.

    Maxwell Render V3 Documentation

    3 reasons we like this page:

    1. Embedding the Vimeo video makes the page much more interesting
    2. The layout looks neat and organized with the RefinedWiki theme
    3. It is easy to navigate through the content from the left sidebar


  • How to Win a War with Confluence

    Maybe it should be corrected to “How to Win Wars with Confluence”. At the time of writing, we have already won 3 consecutive wars using Confluence and a strategy from Sun Tzu’s Art of War.

    Clash of Clans has introduced a new feature called Clan Wars. It allows 2 different clans to fight each other; the clan that earns the most stars from attacking wins the clan war.

    Clash of Clans

    We lost our 1st war despite our clan being stronger. We were pretty sore and did an RCA (Root Cause Analysis).

    Our conclusion was that coordination among clan members was lacking. Our clan members are from various parts of the world and log in at different times of the day; some of us have never met face to face. The only means of communication is the in-game chat, but it has limitations: it stores only the last 100 messages, and the chat room is littered with chit-chat among members.

    When we launched our 2nd war, we thought: why not use Confluence? There is a free 30-day trial to test whether it is useful, and we didn’t want to spend a lot of time on setup.

    The Confluence site was available in 20 mins after signing up with Atlassian OnDemand. The content was added by typing short paragraphs of text with bullet points. We even decorated the pages by adding images via drag-and-drop.

    In less than an hour, the site was ready for members to get access to key information.

    Welcome blog post


    Members started to circulate the website address within the in-game chat. It was easily accessible from their mobile phones, and some of them even posted comments to discuss how we could refine our fighting strategy.

    The improvement in collaboration really made a difference. We won our 2nd war by a clear margin and thrashed our opponent in the 3rd and 4th wars.

    Battle Updates

  • Benefits of using Wiki for Requirements Documentation

    20 August 2013

    Recently, Atlassian shared the details of how they do agile requirements documentation with Confluence.

    Atlassian Tiiks

    It also included the well summarized list of benefits below.

    1. One page, one source, one problem
    Keeping it simple. The requirements page becomes the “landing page” for everything related to the set of problems within a particular epic. Having something that is the central go-to location saves your team members time in accessing this information and gives them a concise view.

    2. A page enables you to be agile
    One of the awesome things about using a simple page to collaborate on versus a dedicated requirements management tool is that you can be agile about your documentation! You don’t have to follow a format every time – do what you need, when you need it and be agile about it. In fact, I encourage you to customise the Requirements Blueprint as you learn what works for your team so you can model your processes easily. Chop and change as required.

    3. Dive in for context and detail
    We often forget how powerful a simple link can be. We embed a lot of links within our requirements landing page. It helps abstract out the complexity and progressively disclose the information as it is needed to the reader. Linked detailed resources may include such things as:

    • Customer interviews for background, validation or further context for the feature
    • Pages or blogs where similar ideas were proposed
    • Previous discussion or technical documentation and diagrams
    • Videos of product demos or other related content from external sources

    4. Living Stories: Stay updated, track and report on progress
    I see a lot of customers do this as well. Once the stories have been roughly thought out – we often use the JIRA integration features in Confluence to link the two. From the page you can easily create your backlog stories. These are automatically embedded with two-way syncing from JIRA. So you instantly get progress reports of how the story is tracking with your dev team, right from your requirements landing page. Learn more.

    5. Use your collective team and organisational wisdom
    Especially if you are in a large organisation – documenting requirements in Confluence makes it easy for other people in different teams to contribute and make suggestions. In the Confluence team, I’ve been amazed at the number of times someone else from another team jumps into the conversation with a comment providing great feedback, suggestions, or lessons learnt from similar projects. It really does help a large organisation feel like a small team.

    6. Make them dynamic and engaging
    Use diagramming tools like Gliffy or Balsamiq to better communicate the problems to your team or embed external images, videos and dynamic content.

    7. Collaborate!
    The most important aspect of all this is getting everyone involved. Never write a requirements document by yourself; you should always have a developer with you and write it together. Share the page with the team and get feedback. Comment, ask questions, encourage others to contribute with thoughts and ideas. This is also a huge asset for a distributed team.

    For the details on how to do it, check out the full blog post at http://blogs.atlassian.com/2013/07/agile-requirements-documentation-a-guide


  • Building a knowledgebase with Confluence and JIRA

    26 July 2013

    JIRA is used by many organisations as a Helpdesk system to keep track of user queries and requests. Over time, it becomes a valuable Knowledge Base, as the solved cases hold details on:

    • how to replicate the error,
    • what was the root cause and
    • the desired solution

    Opening up the Knowledge Base improves productivity by letting end users search for a solution first. If one is available, the end user gets his/her issue fixed right away, and the Helpdesk team can concentrate on the difficult cases.

    For organisations that already have this arrangement, it can be further enhanced by tapping into Confluence.

    When tackling FAQs that require a detailed write-up, a new page can be created in Confluence from a standard template. As long as the JIRA issue is mentioned in the Confluence page (see the red arrow in the diagram below),

    JIRA mentioned in Confluence


    a corresponding link will be created in JIRA (see the red arrow below).

    JIRA mentions

    Users can click on the link to Confluence to read the detailed solution.

    The benefits of using Confluence are:

    1. rich content can be included (e.g. videos, screenshots, diagrams)
    2. content can easily be organised in a user-friendly layout
    3. FAQs can be organised by topic, which makes them easy to search
    4. the solution is easy to find on a page instead of digging through a long list of comments (in JIRA)
    5. protects sensitive information from public viewing

    As a user, do you prefer the red pill or the blue pill?

    Red pill: the solution lives in a JIRA comment. Blue pill: the solution lives in a Confluence knowledge page.

    A small investment of effort in Confluence saves a much bigger effort in JIRA later on.

    You can start with a Doc Sprint to jumpstart your Knowledge Base with your own FAQs.


  • Confluence 4.3 released to improve productivity

    10 September 2012

    Did you know that the average worker receives more than 300 emails a week?

    If you are one of them, you might want to click on the infographic below to see how much time you have wasted.

    Emails infographic

    In this release of Confluence, Atlassian has focused on helping users become more productive.

    Based on the studies conducted, they have added the features below:

    • In-app notifications – to de-clutter your inbox and context switching
    • Personal task lists – to create tasks at the source and to facilitate tracking
    • iPhone & iPad mobile interface – to allow users to use Confluence while on the move
    • In-line actions – Add notifications to your personal task list as a reminder for later action

    There are many other features. For more details on what is new in Confluence 4.3, check out the release notes posted within Confluence.


  • Edit Like a Pro with Confluence 4.1 – Available Today

    15 December 2011

    It’s the season of giving and the Confluence Team decided to splurge this year, bringing you Confluence 4.1 just in time for the holiday season. It’s jam packed with new features and improvements that make everyone look like an editing pro.

    Create and Share Rich Content, Effortlessly

    Take the completely redesigned editor that we gave you in Confluence 4.0 and add instant Autoconvert, professional Image Effects, and quick Find and Replace. What do you get? Confluence 4.1 – the fastest online content collaboration tool going around.

    Give everyone in your organization the power to create and share rich content, effortlessly – check out Confluence 4.1 today.


  • Introducing a New Standard in Content Collaboration

    22 September 2011

    Confluence 4.0 is here! After more than a year of development, and many more years of listening to your feedback, Atlassian is stoked to deliver you Confluence 4.0 – the fastest, richest, most intuitive collaboration experience ever.

    Brilliantly Simple Editor

    The new editor in Confluence 4.0 is brilliantly simple, intuitive, and yet still packed with powerful features. A new streamlined toolbar puts new users at ease with familiar editing operations exactly where they’re expected. A single editor makes for a more reliable experience for your users and saved work that looks exactly like what was crafted in the editor. What you see is really what you get.

    Intelligent and Lightning Fast

    While new users will feel at home with the new editor, power users will thrive on innovative new features like Autoformatting. In the blink of an eye, Confluence converts wiki markup to rich text as you type; careful, you might miss it! They’ll love the performance improvements we’ve made to Autocomplete, putting links, images, media, and hundreds of powerful macros a couple of keystrokes away. Not to mention all the new keyboard shortcuts we’ve added to give them a faster editing experience than ever before. Now you can even copy and paste images directly from other web pages.

    Familiarly Social

    Confluence 4.0 takes team collaboration to the next level. Just like Twitter and Facebook, it’s easy to bring others into the conversations taking place in Confluence with @mentions. Whether you’re editing a page, replying to a comment or publishing a blog post, it’s never been easier to foster team collaboration around your content in Confluence.

    Hundreds of New Features

    This post barely scratches the surface of Confluence 4.0. Take an interactive tour and learn about all the new features now!
