Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. EspoCRM
  3. Security audits not possible: real IP not logged

Security audits not possible: real IP not logged

Scheduled Pinned Locked Moved Solved EspoCRM
8 Posts 4 Posters 1.3k Views 4 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • imc67I Offline
    imc67I Offline
    imc67
    translator
    wrote on last edited by
    #1

    @nebulon @girish I'm discovering EspoCRM and really, this is an absolutely fantastic piece of software with lots of (hidden) gems!

    However it is also a privacy related app because (of course) mostly used with personal data. Therefore they build in several audit possibilities.

    But one is impossible to track: real IP of a user, only the docker internal IP is logged.

    Can you please make it possible to log real IP's?

    girishG marcusquinnM 3 Replies Last reply
    2
    • imc67I imc67

      @nebulon @girish I'm discovering EspoCRM and really, this is an absolutely fantastic piece of software with lots of (hidden) gems!

      However it is also a privacy related app because (of course) mostly used with personal data. Therefore they build in several audit possibilities.

      But one is impossible to track: real IP of a user, only the docker internal IP is logged.

      Can you please make it possible to log real IP's?

      girishG Offline
      girishG Offline
      girish
      Staff
      wrote on last edited by
      #2

      @imc67 this seems like a packaging bug. I guess I have to set trust proxy IP somewhere. Let me check and get back.

      1 Reply Last reply
      3
      • imc67I imc67

        @nebulon @girish I'm discovering EspoCRM and really, this is an absolutely fantastic piece of software with lots of (hidden) gems!

        However it is also a privacy related app because (of course) mostly used with personal data. Therefore they build in several audit possibilities.

        But one is impossible to track: real IP of a user, only the docker internal IP is logged.

        Can you please make it possible to log real IP's?

        marcusquinnM Offline
        marcusquinnM Offline
        marcusquinn
        wrote on last edited by
        #3

        @imc67 DM me if you're interested to follow what I'm doing with it, been working with it for a solid 3 months now, and although it'll be a while before I can publish what I'm working on, happy to share privately.

        Are you a power user, or also a coder by any chance? We're working on a fair few core improvements too.

        Web Design https://www.evergreen.je
        Development https://brandlight.org
        Life https://marcusquinn.com

        imc67I 1 Reply Last reply
        2
        • girishG Offline
          girishG Offline
          girish
          Staff
          wrote on last edited by
          #4

          Was looking into this but it seems EspoCRM does not use proxy variables - https://github.com/espocrm/espocrm/issues/1928

          1 Reply Last reply
          0
          • imc67I imc67

            @nebulon @girish I'm discovering EspoCRM and really, this is an absolutely fantastic piece of software with lots of (hidden) gems!

            However it is also a privacy related app because (of course) mostly used with personal data. Therefore they build in several audit possibilities.

            But one is impossible to track: real IP of a user, only the docker internal IP is logged.

            Can you please make it possible to log real IP's?

            girishG Offline
            girishG Offline
            girish
            Staff
            wrote on last edited by
            #5

            @imc67 I have pushed an update to fix this.

            imc67I 1 Reply Last reply
            3
            • girishG girish

              @imc67 I have pushed an update to fix this.

              imc67I Offline
              imc67I Offline
              imc67
              translator
              wrote on last edited by imc67
              #6

              @girish I just updated the app but it’s still the docker IP being logged.

              Edit: Somehow I needed to update the app 3 times! After the last time it works!

              nebulonN 1 Reply Last reply
              0
              • marcusquinnM marcusquinn

                @imc67 DM me if you're interested to follow what I'm doing with it, been working with it for a solid 3 months now, and although it'll be a while before I can publish what I'm working on, happy to share privately.

                Are you a power user, or also a coder by any chance? We're working on a fair few core improvements too.

                imc67I Offline
                imc67I Offline
                imc67
                translator
                wrote on last edited by
                #7

                @marcusquinn said in Security audits not possible: real IP not logged:

                Are you a power user

                A power user

                1 Reply Last reply
                2
                • imc67I imc67

                  @girish I just updated the app but it’s still the docker IP being logged.

                  Edit: Somehow I needed to update the app 3 times! After the last time it works!

                  nebulonN Offline
                  nebulonN Offline
                  nebulon
                  Staff
                  wrote on last edited by
                  #8

                  @imc67 there were a couple of upstream releases shortly after each other, and we don't skip package updates, so you had to go through them one-by-one.

                  1 Reply Last reply
                  1
                  Reply
                  • Reply as topic
                  Log in to reply
                  • Oldest to Newest
                  • Newest to Oldest
                  • Most Votes


                  • Login

                  • Don't have an account? Register

                  • Login or register to search.
                  • First post
                    Last post
                  0
                  • Categories
                  • Recent
                  • Tags
                  • Popular
                  • Bookmarks
                  • Search