Difference between revisions of "Security"
From FusionPBX
(→General) |
(→General) |
||
| Line 4: | Line 4: | ||
* Limit Exposure | * Limit Exposure | ||
** Use FusionPBX/FreeSWITCH behind a firewall. | ** Use FusionPBX/FreeSWITCH behind a firewall. | ||
| − | ** Limit ports exposed to the Internet | + | ** Limit ports exposed to the Internet. |
| + | ** Use a VPN for external endpoints. | ||
| + | *** OpenVPN with a UDP tunnel works great for VOIP. | ||
* Fail2ban - monitor logs then bans ip addresses for those that are found in the log to be abusing the system. | * Fail2ban - monitor logs then bans ip addresses for those that are found in the log to be abusing the system. | ||
Revision as of 19:39, 29 September 2012
A place to share security best practices with the community.
General
- Limit Exposure
- Use FusionPBX/FreeSWITCH behind a firewall.
- Limit ports exposed to the Internet.
- Use a VPN for external endpoints.
- OpenVPN with a UDP tunnel works great for VOIP.
- Fail2ban - monitor logs then bans ip addresses for those that are found in the log to be abusing the system.
FreeSWITCH
- Disable the FreeSWITCH modules you are not using. Below is a list of modules not currently being used. This list is not comprehensive. In FusionPBX the modules are found in the menu in system -> modules.
- xml rpc (not currently used by FusionPBX)
- xml curl
- httapi
- Fail2ban - use it to watch FreeSWITCH logs and ban
