Hi all,
As part of our efforts to make our Confluence instance a little more secure and reasonable to understand, I’m undertaking a few steps to clean things up. I don’t expect this to have much impact on folks, but if you run into issues please contact me and I’ll help out.
Specifically I’ll be:
- Turning off API tokens for the default user group (Confluence currently shows 0 active tokens)
- Removing ancient and unused user groups
- Removing any special permissions from users who have not logged in within a year
- Archiving ancient spaces that haven’t been viewed or edited recently
- Ensuring the permissions for remaining spaces are the same
- Remove blog and attachment permissions from the default group as they seem to be unused
- Deactivate users who haven’t logged in for more than a year
Hopefully this will reduce the potential for trouble from old or hijacked accounts going forward as well as making it substantially easier to reason about the current set of permissions.
Let me know if you have any questions or concerns!