On Fri, 2013-05-24 at 08:46 -0400, Justin Ross wrote: > ... > "If your JIRA instance is not accessible via the public internet > feel free to ignore this message. Otherwise it is recommended that you > update this project's permissions such that anonymous users are not > allowed to browse issues." > > What do you think they mean by the "otherwise, disable anonymous > browsing" part? Initially this didn't make sense to me. Now I figure > this is meant for private orgs with a jira instance on the public > internet, which wouldn't apply to us. >
I think what they're talking about here is the motivation for blog spam - search engine "optimisation". So if a spammer can post a bug, and it is anonymously available on the internet then it can be found by search engines and push whatever URL they are trying to drive traffic to. Or at least this is my understanding of why spammers try to post links to blogs etc. So if the url isn't publicly available then there is no point in the posting in the first place from their pov. In this vein it might make sense to not allow anonymously posted bugs to be available anonymously. Anyone have any other understanding(s)? Andrew --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
