I'm searching for a solution to provide our instance of Odoo with two IP addresses. One is the public IP which should have access to the website. The other IP is a private IP which should then give us access to the CRM/ERP system (plus website). The goal is to keep our instance of Odoo secure to prevent any access intentionally or accidentally to any of the core components while still giving end users the ability to visit our website which was also built in Odoo.
Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:
- CRM
- e-Commerce
- Accounting
- Inventory
- PoS
- Project management
- MRP
This question has been flagged
1
Reply
3166
Views
Have you tried installing Nginx or Apache on a machine in your DMZ, listening to your public IP and forwarding traffic to your internal IP which would be visible only to your DMZ machine. You could further limit the ports that are open between those two machines.
I have Apache as a proxy on the front end. We tried some rewrite rules as anything on the "Inside" has the URL with /web# in it. But in doing so we broke our website as internally there are likely some calls to the same formatted URL. Plus I'm not sure what affect we'll have on the client portals. We're still seeking solutions as Odoo doesn't really have any serious protections against brute force attacks. Nor does it expire your session when you exit the browser. You just need to re-open the browser and the URL and you're back logged into the session.
