I have a requirement to prevent access to most of the crm content from outside access (internet). Only very specific urls should be accessible e.g. https://fqdn/index.php?entryPoint=ConfirmOptIn&from=* https://fqdn/index.php?entryPoint=campaign_trackerv2&track=*
Any web application firewall can only work with Clean URLs.
clean url example:https://fqdn/ConfirmOptIn/index.php?from=*
As suitecrm does not provide clean URLs I wonder hot to archive that.
There are 2 possible options:
1: Tow independent instances, frontend (with access to the internet) and another backend (without any external access).
The frontend should only contain data required for the 2 specific modules and somehow being synced to backend .
2: A module e.g. URL-router that provides clean code interface for suitecrm.
Does one of them exist already?
Any acl solution within crm isn’t an option as this access prevention system has to be independent from crm-system.
The URL’s for tracker and ConfirmOptIn can easily be modified in the email template. However, as Opt out (index.php?entryPoint=removeme) seems to be hard coded. I’ve no idea how the modify this, especially as I have do replace the full fqdn and just add the $emailaddress_confirm_opt_in_token.
I can add this to the template of course, but then, as I do use {Remove}, the default footer Out-out will be added automatically.
Try changing that removeme string on each of those one by one, and see which one makes a difference for what you need. Once you have that information I can try hleping you further, see if that part of the code is customizable, etc.