Restricted Access based on IP range LAN vs WAN

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • khopper
    Senior Member
    • Sep 2017
    • 329

    Restricted Access based on IP range LAN vs WAN

    Is there a way to restrict access to the logon interface?
    For example I want employee A to be able to logon only from our LAN of 192.168.1.x
    However I do not want employee A to logon from home over a public connection.
  • tanya
    Senior Member
    • Jun 2014
    • 4308

    #2
    Hello
    You can configure your .htaccess

    Comment

    • khopper
      Senior Member
      • Sep 2017
      • 329

      #3
      If I enter the .htaccess as described in the link, will it also block other items such as Mass Mail Campaign results from reaching the server? I don't want to block that obviously.

      Comment

      • khopper
        Senior Member
        • Sep 2017
        • 329

        #4
        I updated the .htaccess file as indicated.

        Order Allow,Deny
        Allow from 192.168.X

        Link in email for tracking no longer works: http://domainnamehere/espocrm/?entry...p;id=3D5a103ad 408fd60f=f0">=

        I want to prevent users from logging into our platform from outside the office but still be able to use email campaign functionality.

        Last edited by khopper; 11-18-2017, 02:11 PM.

        Comment

        • khopper
          Senior Member
          • Sep 2017
          • 329

          #5
          Is it possible to have all users by default allow local (LAN) to able to login via the login interface and to possibly have an option on the user account to permit EXTERNAL ACCESS? (PUBLIC IP'S) from the login interface.

          Comment

          • khopper
            Senior Member
            • Sep 2017
            • 329

            #6
            For anyone who is interested here is an example of the ".htaccess" file that works well for my situation.
            I only wanted to prevent people from logging in externally but not block campaign email tracking.
            In the example below i am simply denying access to the login.tpl file if not in a valid IP range.

            Directory: htdocs\espocrm\client\res\templates\

            FILE: ".htaccess"
            <Files login.tpl>
            Order Allow,Deny
            # Allow Local LAN
            Allow from 192.168.x
            # Allow VPN LAN
            Allow from 172.16.x
            #Allow Specific IP's
            Allow from xxx.xxx.xxx.xxx
            </Files>

            Comment

            Working...