For the record, I'm going to move ahead with adding the issue collector. We can disable it again if it proves to be a problem.
Justin On Fri, May 24, 2013 at 11:25 AM, Andrew Stitcher <[email protected]> wrote: > On Fri, 2013-05-24 at 08:46 -0400, Justin Ross wrote: >> ... >> "If your JIRA instance is not accessible via the public internet >> feel free to ignore this message. Otherwise it is recommended that you >> update this project's permissions such that anonymous users are not >> allowed to browse issues." >> >> What do you think they mean by the "otherwise, disable anonymous >> browsing" part? Initially this didn't make sense to me. Now I figure >> this is meant for private orgs with a jira instance on the public >> internet, which wouldn't apply to us. >> > > I think what they're talking about here is the motivation for blog spam > - search engine "optimisation". So if a spammer can post a bug, and it > is anonymously available on the internet then it can be found by search > engines and push whatever URL they are trying to drive traffic to. > > Or at least this is my understanding of why spammers try to post links > to blogs etc. So if the url isn't publicly available then there is no > point in the posting in the first place from their pov. > > In this vein it might make sense to not allow anonymously posted bugs to > be available anonymously. > > Anyone have any other understanding(s)? > > Andrew > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
