Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Navigation

    Cloudron Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    SOLVED Security audits not possible: real IP not logged

    EspoCRM
    4
    8
    71
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • imc67
      imc67 last edited by

      @nebulon @girish I'm discovering EspoCRM and really, this is an absolutely fantastic piece of software with lots of (hidden) gems!

      However it is also a privacy related app because (of course) mostly used with personal data. Therefore they build in several audit possibilities.

      But one is impossible to track: real IP of a user, only the docker internal IP is logged.

      Can you please make it possible to log real IP's?

      girish marcusquinn 3 Replies Last reply Reply Quote 2
      • girish
        girish Staff @imc67 last edited by

        @imc67 this seems like a packaging bug. I guess I have to set trust proxy IP somewhere. Let me check and get back.

        1 Reply Last reply Reply Quote 3
        • marcusquinn
          marcusquinn @imc67 last edited by

          @imc67 DM me if you're interested to follow what I'm doing with it, been working with it for a solid 3 months now, and although it'll be a while before I can publish what I'm working on, happy to share privately.

          Are you a power user, or also a coder by any chance? We're working on a fair few core improvements too.

          We're not here for a long time - but we are here for a good time :)
          Jersey/UK
          Work & Ecommerce Advice: https://brandlight.org
          Personal & Software Tips: https://marcusquinn.com

          imc67 1 Reply Last reply Reply Quote 2
          • girish
            girish Staff last edited by

            Was looking into this but it seems EspoCRM does not use proxy variables - https://github.com/espocrm/espocrm/issues/1928

            1 Reply Last reply Reply Quote 0
            • girish
              girish Staff @imc67 last edited by

              @imc67 I have pushed an update to fix this.

              imc67 1 Reply Last reply Reply Quote 3
              • imc67
                imc67 @girish last edited by imc67

                @girish I just updated the app but it’s still the docker IP being logged.

                Edit: Somehow I needed to update the app 3 times! After the last time it works!

                nebulon 1 Reply Last reply Reply Quote 0
                • imc67
                  imc67 @marcusquinn last edited by

                  @marcusquinn said in Security audits not possible: real IP not logged:

                  Are you a power user

                  A power user

                  1 Reply Last reply Reply Quote 2
                  • nebulon
                    nebulon Staff @imc67 last edited by

                    @imc67 there were a couple of upstream releases shortly after each other, and we don't skip package updates, so you had to go through them one-by-one.

                    1 Reply Last reply Reply Quote 1
                    • First post
                      Last post