SYSTOPIA Extension of the Month #17: CiviProxy

Published
2025-06-05 08:00
Written by
SYSTOPIA - member of the CiviCRM community

At SYSTOPIA, we've built and maintain a wide range of tools, from CiviCRM extensions to Drupal modules and more. With around 60 repositories under active management, we're dedicated to enhancing the CiviCRM ecosystem. In this release, we're happy to present our CiviProxy Extension – a customizable security solution for your CiviCRM installation.

What does it do?

If you work with CiviCRM, the security of your data is of paramount importance. Many organizations face the challenge of connecting their CiviCRM installation with a publicly accessible website without compromising the sensitive data stored in CiviCRM.

This is where CiviProxy comes in. The CiviProxy Extension implements a secure architecture where your CiviCRM installation runs in a protected network (a Virtual Private Network, VPN), making it virtually inaccessible from the internet. However, you still need certain CiviCRM functions to be available for public use - like donation forms, event registrations, or newsletter subscriptions on your website.

CiviProxy solves this by acting as a secure gateway: a specially hardened proxy server that sits between the internet and your protected CiviCRM installation. This proxy server receives requests from your public website, thoroughly examines them, and only forwards legitimate, safe requests to your CiviCRM system. By using whitelisting and parameter sanitation, it ensures that only authorized actions can reach your protected data.

The extension specifically enables the following features:

  • Serve resources for newsletters and mailings
  • Cache those resources, taking load off your CiviCRM server
  • Pass-through of tracking data on opening and click-through rates
  • Newsletter sign-up and sign-off (with webpage templates)
  • Relay of whitelisted REST API calls for data exchange with other systems
  • Perform input sanitation and parameter whitelisting for the REST API calls
  • Enable secure integration with SYSTOPIA's Remote Tools and Remote Event extensions for comprehensive frontend functionality outside the VPN

How does it work?

The basic principle of CiviProxy is simple: Your CiviCRM is set up in a network that is fundamentally inaccessible from the internet (e.g., VPN). The only exception is a proxy server whose IP/domain is granted access to the CiviCRM server.

This specially secured server receives requests (e.g., from the website), examines them thoroughly, and only forwards allowed, secure requests to CiviCRM. CiviProxy implements this security through two key mechanisms: whitelisting (starting with the principle that nothing is allowed, then explicitly configuring what is permitted) and parameter sanitation (ensuring only named parameters with allowed content types like string or integer can pass through). The proxy functionality is implemented using simple PHP scripts that can be deployed on basic managed webspace. Since the proxy server serves only this purpose, it can be configured very robustly and minimalistically, offering far fewer attack vectors than a full website or CMS installation.
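To make the two mechanisms concrete, here is an added illustration (not CiviProxy's own code) of a default-deny allowlist combined with per-parameter type sanitation for a relayed REST call; the entity and parameter names and the `$allowlist` structure are assumptions made for this example.

```php
<?php
// Constructed allowlist: nothing is permitted unless listed here.
// Each entry maps entity/action to the parameters it may carry and their expected type.
$allowlist = [
    'Contact' => [
        'getsingle' => ['email' => 'string', 'id' => 'int'],
    ],
    'Event' => [
        'get' => ['id' => 'int', 'is_public' => 'int'],
    ],
];

/**
 * Return the sanitised parameter set for a request, or null if the request
 * must not be forwarded. Unlisted parameters are dropped rather than relayed.
 */
function filterRequest(array $allowlist, string $entity, string $action, array $params): ?array
{
    if (!isset($allowlist[$entity][$action])) {
        return null; // default deny: an unlisted entity/action never reaches CiviCRM
    }
    $spec  = $allowlist[$entity][$action];
    $clean = [];
    foreach ($spec as $name => $type) {
        if (!array_key_exists($name, $params)) {
            continue; // optional parameter not supplied
        }
        $value = $params[$name];
        if ($type === 'int') {
            if (filter_var($value, FILTER_VALIDATE_INT) === false) {
                return null; // wrong type: reject the whole request
            }
            $clean[$name] = (int) $value;
        } else {
            if (!is_string($value) || $value !== strip_tags($value)) {
                return null; // reject non-strings and anything carrying markup
            }
            $clean[$name] = $value;
        }
    }
    return $clean;
}

// Constructed sample requests, as they might arrive from the public website.
var_dump(filterRequest($allowlist, 'Event', 'get', ['id' => '42', 'debug' => '1'])); // 'debug' dropped
var_dump(filterRequest($allowlist, 'Event', 'get', ['id' => 'abc']));                 // null: not an int
var_dump(filterRequest($allowlist, 'Contact', 'delete', ['id' => '42']));             // null: not listed
```

Only the returned array would be relayed to the protected CiviCRM server; a null result should be logged on the proxy and answered with an error, never forwarded.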

The CiviProxy installation consists of two parts:

  1. A CiviCRM extension called "de.systopia.civiproxy" that you install in your target CiviCRM installation and that supports sending mailings (newsletters) from CiviCRM.
  2. A proxy folder with the scripts that you need to install on your CiviProxy server.

After installation, you need to configure both components.

For the proxy server, you create a config.php file based on the included config.dist.php template, where you specify the base URL of your CiviProxy server and the URL of your target CiviCRM installation.

You can find the CiviProxy extension settings under Administer > Administration Console in the System Settings section. Here you can configure the extension after installation.

Who is it for?

CiviProxy is primarily aimed at organizations that strongly prioritize the protection of sensitive data in CiviCRM while wanting to make certain functions accessible for public use.

The installation and configuration of CiviProxy requires technical understanding, so we recommend implementation by experienced administrators or implementers. Whether you do it in-house or with a contractor, you will obviously have to expect additional costs compared to a plain CiviCRM install with a direct connection to the internet. So if your organisation has very limited resources, this might be an obstacle.

Anything else?

CiviProxy is an excellent example of the benefits of open-source collaboration. The extension has been actively developed and enhanced for 10 years now, with the project currently preparing for its 1.0.0 release. Recent improvements include better support for modern CiviCRM features, enhanced compatibility with newer PHP versions, and improved integration with extensions like Mosaico. The project maintains active development with contributions from multiple community members, ensuring it stays current with CiviCRM's evolving ecosystem.

CiviProxy works particularly well in combination with other SYSTOPIA extensions designed for remote functionality. The RemoteTools extension provides a comprehensive toolkit for CiviCRM integration with remote systems, while the RemoteEvent extension adds numerous features to CiviCRM's events, allowing organizations to handle event configurations in CiviCRM while making information available via REST API to external systems. More integrations such as RemoteActivity and RemoteCase expose functionality connected to those CiviCRM entities. This toolset enables organizations to offer sophisticated frontend experiences - like event, member or volunteer portals - on public websites while keeping their CiviCRM installation securely behind a VPN.

Links