Permission Lockdown for Bitbucket Server
Disable the Public access and Default permission settings for project and repository administrators
This plugins disables the Public access and Default permission settings for project and repository administrators. It will also reject any attempts to change these settings through the REST or Plugin API.
Global and system administrators continue to have access to these settings.
By enforcing any permission configuration to be expressed in terms of explicit users or groups, the plugin can help preventing accidental policy violations.
Privacy and security
Project administration with Public access and Default permission settings disabled