CiviProxy is a security solution that allows organizations to keep their CiviCRM installation in a protected network while still providing public access to specific functions like donation forms, event registration, and newsletter subscriptions. It acts as a secure gateway between your public website and your private CiviCRM server, using whitelisting and parameter sanitation to ensure only legitimate requests reach your data.
This approach is particularly valuable for organizations with strict data protection requirements, such as human rights groups in sensitive regions, or any organization that needs to comply with stringent security policies while maintaining public-facing functionality. Instead of exposing your entire CiviCRM installation to the internet, CiviProxy allows you to run CiviCRM safely behind a VPN while a minimal proxy server handles public requests.
The proxy server runs simple PHP scripts on basic webspace and validates all incoming requests before forwarding them to your protected CiviCRM installation. This architecture significantly reduces your attack surface while maintaining full functionality for website visitors who want to make donations, register for events, or manage their newsletter subscriptions.
