First of all, Great work this distro. No crap, just all the pbx features we are looking for, without any unneeded apps.
I hosted this pbx, wich is working perfectly, but there is one thing that can be accessed without any password. The FOP panel.
So anyone from the internet can access my fop an see the status of my extensions and trunks plus see my extension numbers.
Am I overlooking something here?
Or can I thange this in a quite simple way?
Thanx in advance.
Add:
Now I see that I can acces everything (harmless but vissible)
(ex. http://pbxipdress/lang give plain language files of my pbx)
How can this be secured?
Are you using FOP or FOP2. FOP requires a password if you set one on the intial install screen where you create your FreePBX Username and Password. If you forgot to set one go into advanced settings in FreePBX and under FOP you can set the password.
oepss, that was elastix, same problem there. but in elastix there are a bunch of more directorys in html (like lang dir)
I set the password, but that is for using fop (by the way I am using FOP1 from the distro.)
The problem is that anybody can see my extensions an device names without logging in. if the go to http://freepbxip/panel
Thanx for the quick answers by the way!
Ahh yes that is a issue with FOP and not much we can do since we just include FOP. I recommend not using FOP1 since it has lots of issues with asterisk 1.8 and is not longer supported.
As this thread deals with FOP and security, my problem is similar. I am trying to STOP FOP. I have followed the instructions in other threads to no avail.