Hello,

I am relatively new to SugarCRM but have been very impressed so far and have recommended that it be implemented in our office. My only problem surrounds Email Campaigns and Email Trackers.

I have successfully run some test campaigns and the trackers all work fine, however, my understanding has been that you must have the SugarCRM server on a public web address in order for the trackers to work because the link they use is http://sugarserverurl/tackerurl

So I have put our server on a public domain so that this works. This however, leaves me a bit vulnerable to hackers and the like.

My question to the Sugar Community is what ways are there to protect against this. Can I....

1) Somehow make the trackers work but put the actual Sugar web interface behind a VPN
2) Or is there a way of configuring apache so that it allows the trackers to pass through but doesn't allow outside access to the Sugar website.

If my question is elementary I apologise but my understanding of the system is relatively limited.

Our system is...

Server Running Centos 5
Sugar 5.2.0a