Odoo Help

Welcome!

This community is for beginners and experts willing to share their Odoo knowledge. It's not a forum to discuss ideas, but a knowledge base of questions and their answers.

0

Secured Odoo behind DMZ

By
Carlton Guc
on 5/20/15, 2:19 PM 405 views

I'm searching for a solution to provide our instance of Odoo with two IP addresses.   One is the public IP which should have access to the website.   The other IP is a private IP which should then give us access to the CRM/ERP system (plus website).   The goal is to keep our instance of Odoo secure to prevent any access intentionally or accidentally to any of the core components while still giving end users the ability to visit our website which was also built in Odoo.

0
Martin Malorni
On 6/12/15, 3:27 PM

Have you tried installing Nginx or Apache on a machine in your DMZ, listening to your public IP and forwarding traffic to your internal IP which would be visible only to your DMZ machine. You could further limit the ports that are open between those two machines.

I have Apache as a proxy on the front end. We tried some rewrite rules as anything on the "Inside" has the URL with /web# in it. But in doing so we broke our website as internally there are likely some calls to the same formatted URL. Plus I'm not sure what affect we'll have on the client portals. We're still seeking solutions as Odoo doesn't really have any serious protections against brute force attacks. Nor does it expire your session when you exit the browser. You just need to re-open the browser and the URL and you're back logged into the session.

Inline Technology Services, Carlton Guc
on 6/12/15, 3:35 PM

Your Answer

Please try to give a substantial answer. If you wanted to comment on the question or answer, just use the commenting tool. Please remember that you can always revise your answers - no need to answer the same question twice. Also, please don't forget to vote - it really helps to select the best questions and answers!

About This Community

This community is for professionals and enthusiasts of our products and services. Read Guidelines

Question tools

1 follower(s)

Stats

Asked: 5/20/15, 2:19 PM
Seen: 405 times
Last updated: 6/12/15, 3:27 PM