Secure your Jira server by only serving logged in users
Protect filters which are shared with all users
Accessing such filters (Example: https://your-jira-domain.com/secure/ManageFilters.jspa) redirects to the login form. Saved filters, filter owner incl. mail adress will be protected.
Protect dashboards which are shared with all users
Redirecting all requests to the login form
Next to popular filters and dashboards also the quicksearch and other content requests from your Jira instance will be redirected to the login form.
Dashboards and filters can be shared with anyone. This also includes users which are not logged in (the "famous" anonymous users). This issue is opend and discussed here: https://jira.atlassian.com/browse/JRA-23255
While Jira displays a warning message that such sharing may not have the intended consequences it is so far impossible for an admin to prevent the sharing or access without patching the Jira source code.
A second problem is the quick search which can also be executed by an anonymous user and depending on the settings in the projects may or may not show some issues.
The "Prevent Anonymous Access" add-on prevent these redirecting any requests to the login form.
There is also a configurable whitelist to allow specific requests without login, for example to integrate with other tools.
Privacy and security