No announcement yet.

Restricted Access based on IP range LAN vs WAN

  • Filter
  • Time
  • Show
Clear All
new posts

  • Restricted Access based on IP range LAN vs WAN

    Is there a way to restrict access to the logon interface?
    For example I want employee A to be able to logon only from our LAN of 192.168.1.x
    However I do not want employee A to logon from home over a public connection.

  • #2
    You can configure your .htaccess


    • #3
      If I enter the .htaccess as described in the link, will it also block other items such as Mass Mail Campaign results from reaching the server? I don't want to block that obviously.


      • #4
        I updated the .htaccess file as indicated.

        Order Allow,Deny
        Allow from 192.168.X

        Link in email for tracking no longer works: http://domainnamehere/espocrm/?entry...p;id=3D5a103ad 408fd60f=f0">=

        I want to prevent users from logging into our platform from outside the office but still be able to use email campaign functionality.

        Last edited by khopper; 11-18-2017, 01:11 PM.


        • #5
          Is it possible to have all users by default allow local (LAN) to able to login via the login interface and to possibly have an option on the user account to permit EXTERNAL ACCESS? (PUBLIC IP'S) from the login interface.


          • #6
            For anyone who is interested here is an example of the ".htaccess" file that works well for my situation.
            I only wanted to prevent people from logging in externally but not block campaign email tracking.
            In the example below i am simply denying access to the login.tpl file if not in a valid IP range.

            Directory: htdocs\espocrm\client\res\templates\

            FILE: ".htaccess"
            <Files login.tpl>
            Order Allow,Deny
            # Allow Local LAN
            Allow from 192.168.x
            # Allow VPN LAN
            Allow from 172.16.x
            #Allow Specific IP's
            Allow from