We would like to add a second layer of security , by adding a user autentification via apache .htaccess.
And that s what we did !
BUT then the suite crm Webtolead doesn t work anymore for guest users contacting us through our website form.
In a nutshell, how can I protect my CRM from the web and still have a webtolead that works ?
Today we have the webtolead url something like
mysite.com/suiteCRM/index.php?webtolead …
This means that I cannot restrict my folder and anyone on the web can view my login page for the CRM .
Especially since it can be followed by a web crawler …
The solution I propose :
Having webtolead in a separate folder, such as :
mysite.com/suiteCRM/webtolead/webtolead.php …
Here is the htaccess at the root of my suitecrm
#PROTECTED AREA
AuthUserFile /home/folder/.htpasswd
AuthName “Please Enter User & PW”
AuthType Basic
require valid-user