Beschränkung Setup auf Adressen
The call of the EGroupware setup
or a login can (and should) be limited to certain addresses.
In general, the restriction should be chosen so that a login is only possible from a trusted network. Depending on the constellation, there are now different possibilities.
Here are two examples:
- EGroupware on server in company or home network
In this case, a /24 address can be entered, for example, to access the setup exclusively from computers in the local network.
In the case of a standard Fritz!Box (A very common router in Germany) network, this would be 192.168.178.0/24
Enter here in the Header-Admin as
- EGroupware on a host at a provider
If you reach your VHost via VPN, you can easily enter the IP address(es) of your PC.
It is also possible to enter a fixed IP as allowed.
With changing IP addresses, you can try to work with a DynDNS address, i.e. the domain name.
There are many more constellations. With this simple means the security of an EGroupware installation can be easily increased.
A misconfiguration can lock you out of the setup. The direct access to the header.inc.php should be checked before. And a backup of the file should be created!
The address for the restriction is entered in the header setup. The header setup writes the change to
The following can be entered:
||To be entered
|Address ranges (/24, /16, /8)
||IP address Admin PC
|IP addresses Comma separated
||Addresses in the 192.168.178.0/24 network
Enter the local network (/24) in the header setup:
Is then stored in the
This entry can thus be entered directly into the
header.inc.php. If you know what you are doing…