An Oldie but a Goodie

July 27, 2022
Jerry Clark

Gumball Machine

Many moons ago, Chris and I were involved with an open-source project called the IP Restriction Manager for SugarCRM. This popular tool made a giant impact for plenty of customers because it offered heightened security – letting Sugar administrators set up and manage restrictive IP ranges for user authentication (for example, employees in a remote office). Because of the plugin's open-source nature, maintenance was often overlooked and, over time, its functionality fell behind the latest Sugar developments and industry trends.

Well, today, I'm pleased to announce the plugin's triumphant rebirth as Upsert® IP Restriction Manager For SugarCRM, which comes completely overhauled and backed by Upsert's world-class support and product guarantee. Best of all, it's free!

Like before, IP ranges can be set for any combination of user, team, or role and in the following formats: specific, wildcard, CIDR, and start-end. In addition to these classic core features, Upsert's plugin also adds support for all platforms including Sugar Mobile, and provides in-app logging capabilities to troubleshoot user-authentication issues.

Those who are familiar with the earlier iteration of the IP restriction tool will enjoy less baggage when using Upsert's IP Restriction Manager due to a few more key improvements:

Increased Security

Previously, the IP Restriction Manager only restricted access during authentication and token refreshes. This is problematic, as a user's IP could change during the session. It would also allow an attacker to gain access into the application if they have stolen an access token. We've corrected this by revamping the plugin to validate all authenticated requests.

Better Performance

We've revisited the user access checks and improved everything from code to queries so that user experience doesn't suffer. We've also implemented caching for faster requests.

New Configurations

We've added the following configurations:

  • Disable the plugin at an administrative level
  • Enable user restriction caching for faster performance
  • Enable in-app logging for user troubleshooting

Neat and Tidy

Extra libraries no more! Because SugarCRM has updated the libraries they use, we no longer need to ship the Symfony HttpFoundation component library. You'll also find a new organizational approach to the code and its structure.

Check out the project on GitHub or visit our plugin to learn more and download.


Are you new to Sugar? Start a free trial today and let us know so we can help you succeed!

Please follow us on social media or subscribe to our RSS feed to keep up-to-date on new blog posts and announcements:

To read more about our company and services, please visit our home page.