Attachment Checker for Confluence
Protect your Confluence against unauthorised file attachments
Restrict uploads by file type
Restrict the types of files that are allowed to be uploaded by blacklisting or whitelisting a configured list of file extensions.
Virus scanning on all uploads
Protect against virus by scanning all attachment uploads.
When an infected file is detected, a comment mentioning the user will be added to the page where the file is attached to
Configurable filtering and scanning
System administrators are allowed to configure a list of file extensions to be filtered, the filtering mode, the error message, and specify their own virus scanner.
The Attachment Checker for Confluence plugin allows admins to secure their Confluence instances by
- ensuring conformance of authorised file formats
- detection of infected files
- avoid circulation of virus infected files via Confluence
- conserve disk space and bandwidth by blocking certain file types
It addresses the following Jira issues
- Restrict Attachments Based on File Type (CONFSERVER-6931)
- Virus Scan attachments (CONFSERVER-4731) or Block Malicious File Upload (CONFSERVER-20188)
- Attachments cannot be limited to only pictures. Which allows users to upload executables and potential viruses (CONFSERVER-6852)
Each feature can be configured to turn on/off with your customised messages.
The plugin will help to address the finding commonly raised in Vulnerability Assessment Tests.
- CWE-434: Unrestricted Upload of File with Dangerous Type
We recommend 2GB of RAM allocated to the JVM.
If you are using Jira too, check out Attachment Checker for Jira.
Privacy and security
View and set limits on the disk space used for each Confluence space