Law firms can't outsource trust. Your client portfolio, your filing records, your invoices — they live on infrastructure you control, encrypted with keys you generated, accessed only by accounts you provisioned. We built IPBases that way from day one. Here's how.
SaaS products win on convenience. They lose on trust. When your client confidentiality obligation is your business, you can't have a vendor who could be compelled to disclose your data — or accidentally publish it in a misconfigured S3 bucket.
IPBases is not SaaS. It's a self-hosted application you install on infrastructure you already control: cPanel, a VPS, a private cloud. We don't host your database. We can't see your client list. We have no "support backdoor." When you delete a record, it's gone — not soft-deleted to a logging system in another country.
The trade-off: you administer the install. We make that as easy as possible (5-minute setup, daily diagnostic page, reversible migrations). But the keys, the data, the access control — those stay with you.
Standard PHP 8 application. Drops into any cPanel host with a 5-minute install. No Docker required, no Node.js, no Redis. Your hosting provider's existing security posture applies.
Direct SQL access. Documented schema. Standard backup tools work (mysqldump, your hosting provider's backup, your own replication). We have no read access. Ever.
Cloudflare R2 (recommended) or Google Drive. You provision the bucket, you set the encryption policy, you control access. Files served via short-lived signed URLs.
Your perpetual license is an Ed25519-signed token tied to your domain. Verified offline by the app on each request. No phone-home. No metering. No "service interruption" if our website is down.
SMTP passwords, WhatsApp API tokens, Google Drive OAuth tokens — all encrypted with a per-install master key generated during setup. Database dumps don't expose secrets.
System Health Check page surfaces issues before users notice: missing migrations, stuck cron, expired credentials, broken FKs, orphan files, license edge cases. Fix proactively.
Eight built-in roles plus fine-grained per-permission overrides. The least-privilege principle is the default.
| Admin | Full access |
| Partner | Records + financial |
| Senior associate | Records + draft invoices |
| Junior associate | Records, no financial |
| Paralegal | Records (limited) |
| Accountant | Financial only |
| Viewer | Read-only |
| Portal user | Own records only |
{
"id": "ed7a-...-92f1",
"user_id": "u-3a82-...",
"user_name": "Sarah Khalil",
"action": "update",
"entity": "client",
"entity_id": "c-bmj-...",
"before": {
"associate_id": "meras-..."
},
"after": {
"associate_id": "nas-..."
},
"ip": "82.144.x.x",
"user_agent": "Chrome/Mac",
"at": "2026-05-10T14:23:18Z"
}
The audit log is your reconstruct-the-truth tool. Who created this trademark? Who changed BMJ from Meras to NAS? Who marked invoice 1042 paid?
Trust is built more by what's absent than what's present. Here's what IPBases will never include — even if a customer asks.
The app doesn't phone home. We don't know how many records you have, how often you log in, or which features you use. Want to share usage stats with us? Opt in. Default is off.
We don't have an admin password to your install. Not an "oops" backdoor, not a "for emergencies" master key. Lose your admin password, and our support process is the same as any other PHP app.
Your client list isn't pooled with anyone else's. Your trademark portfolio isn't fed into any AI model. Your invoices aren't aggregated for "industry benchmarks." Your data stays your data.
Email [email protected] with the details. We'll acknowledge within 48 hours and work with you on coordinated disclosure. Confirmed issues are credited (with your permission) in our release notes.
We ship security fixes as out-of-band patches with reversible migrations. Customers on supported releases get priority access; older releases receive backports for high-severity issues for 18 months after their EOL date.
If you're running the practice on Excel + Outlook, you're already accepting more risk than IPBases would expose you to. Open the demo. Click around.
Open the demo →
IPBases Live Support OnlineNeed Help? Chat with us