Restriction Setup to addresses

Beschränkung Setup auf Adressen

---

The call of the EGroupware setup

https://domain.tld/egroupware/setup

or a login can (and should) be limited to certain addresses.
In general, the restriction should be chosen so that a login is only possible from a trusted network. Depending on the constellation, there are now different possibilities.
Here are two examples:

1. EGroupware on server in company or home network
   In this case, a /24 address can be entered, for example, to access the setup exclusively from computers in the local network.
   In the case of a standard Fritz!Box (A very common router in Germany) network, this would be 192.168.178.0/24
   Enter here in the Header-Admin as 192.168.178 :

2. EGroupware on a host at a provider
   If you reach your VHost via VPN, you can easily enter the IP address(es) of your PC.
   It is also possible to enter a fixed IP as allowed.
   With changing IP addresses, you can try to work with a DynDNS address, i.e. the domain name.

---

There are many more constellations. With this simple means the security of an EGroupware installation can be easily increased.

A misconfiguration can lock you out of the setup. The direct access to the header.inc.php should be checked before. And a backup of the file should be created!

---

The address for the restriction is entered in the header setup. The header setup writes the change to
/var/lib/egroupware/header.inc.php

The following can be entered:

---

Enter the local network (/24) in the header setup:

Is then stored in the header.inc.php:

This entry can thus be entered directly into the header.inc.php. If you know what you are doing…