Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. EspoCRM
  3. Security audits not possible: real IP not logged

Security audits not possible: real IP not logged

Scheduled Pinned Locked Moved Solved EspoCRM
8 Posts 4 Posters 1.4k Views 4 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • imc67I Offline
    imc67I Offline
    imc67
    translator
    wrote on last edited by
    #1

    @nebulon @girish I'm discovering EspoCRM and really, this is an absolutely fantastic piece of software with lots of (hidden) gems!

    However it is also a privacy related app because (of course) mostly used with personal data. Therefore they build in several audit possibilities.

    But one is impossible to track: real IP of a user, only the docker internal IP is logged.

    Can you please make it possible to log real IP's?

    girishG marcusquinnM 3 Replies Last reply
    2
    • imc67I imc67

      @nebulon @girish I'm discovering EspoCRM and really, this is an absolutely fantastic piece of software with lots of (hidden) gems!

      However it is also a privacy related app because (of course) mostly used with personal data. Therefore they build in several audit possibilities.

      But one is impossible to track: real IP of a user, only the docker internal IP is logged.

      Can you please make it possible to log real IP's?

      girishG Do not disturb
      girishG Do not disturb
      girish
      Staff
      wrote on last edited by
      #2

      @imc67 this seems like a packaging bug. I guess I have to set trust proxy IP somewhere. Let me check and get back.

      1 Reply Last reply
      3
      • imc67I imc67

        @nebulon @girish I'm discovering EspoCRM and really, this is an absolutely fantastic piece of software with lots of (hidden) gems!

        However it is also a privacy related app because (of course) mostly used with personal data. Therefore they build in several audit possibilities.

        But one is impossible to track: real IP of a user, only the docker internal IP is logged.

        Can you please make it possible to log real IP's?

        marcusquinnM Offline
        marcusquinnM Offline
        marcusquinn
        wrote on last edited by
        #3

        @imc67 DM me if you're interested to follow what I'm doing with it, been working with it for a solid 3 months now, and although it'll be a while before I can publish what I'm working on, happy to share privately.

        Are you a power user, or also a coder by any chance? We're working on a fair few core improvements too.

        Web Design https://www.evergreen.je
        Development https://brandlight.org
        Life https://marcusquinn.com

        imc67I 1 Reply Last reply
        2
        • girishG Do not disturb
          girishG Do not disturb
          girish
          Staff
          wrote on last edited by
          #4

          Was looking into this but it seems EspoCRM does not use proxy variables - https://github.com/espocrm/espocrm/issues/1928

          1 Reply Last reply
          0
          • imc67I imc67

            @nebulon @girish I'm discovering EspoCRM and really, this is an absolutely fantastic piece of software with lots of (hidden) gems!

            However it is also a privacy related app because (of course) mostly used with personal data. Therefore they build in several audit possibilities.

            But one is impossible to track: real IP of a user, only the docker internal IP is logged.

            Can you please make it possible to log real IP's?

            girishG Do not disturb
            girishG Do not disturb
            girish
            Staff
            wrote on last edited by
            #5

            @imc67 I have pushed an update to fix this.

            imc67I 1 Reply Last reply
            3
            • girishG girish

              @imc67 I have pushed an update to fix this.

              imc67I Offline
              imc67I Offline
              imc67
              translator
              wrote on last edited by imc67
              #6

              @girish I just updated the app but it’s still the docker IP being logged.

              Edit: Somehow I needed to update the app 3 times! After the last time it works!

              nebulonN 1 Reply Last reply
              0
              • marcusquinnM marcusquinn

                @imc67 DM me if you're interested to follow what I'm doing with it, been working with it for a solid 3 months now, and although it'll be a while before I can publish what I'm working on, happy to share privately.

                Are you a power user, or also a coder by any chance? We're working on a fair few core improvements too.

                imc67I Offline
                imc67I Offline
                imc67
                translator
                wrote on last edited by
                #7

                @marcusquinn said in Security audits not possible: real IP not logged:

                Are you a power user

                A power user

                1 Reply Last reply
                2
                • imc67I imc67

                  @girish I just updated the app but it’s still the docker IP being logged.

                  Edit: Somehow I needed to update the app 3 times! After the last time it works!

                  nebulonN Offline
                  nebulonN Offline
                  nebulon
                  Staff
                  wrote on last edited by
                  #8

                  @imc67 there were a couple of upstream releases shortly after each other, and we don't skip package updates, so you had to go through them one-by-one.

                  1 Reply Last reply
                  1
                  Reply
                  • Reply as topic
                  Log in to reply
                  • Oldest to Newest
                  • Newest to Oldest
                  • Most Votes


                  • Login

                  • Don't have an account? Register

                  • Login or register to search.
                  • First post
                    Last post
                  0
                  • Categories
                  • Recent
                  • Tags
                  • Popular
                  • Bookmarks
                  • Search