Soooo, yeah, just found out that users have been abusing *93 and redirecting some rather important calls. Won’t get into the details, but this is a major embarrassment for us. I take the the blame, I setup the system, I falsely assumed such capabilities would be limited by default.
Tell me I’m not the first to be hit by this.
Many users use legitimate feature codes for many things, actually dialing *nn to get things done. I’m guessing feature codes are used behind the scenes as well for hard/soft button assignments as well. I’m hesitant of hastily making changes to block *93 for everyone, or inadvertently disabling access to critical features across the board. This is entirely due to my ignorance of the system, well at least the “nuts and bolts” of it.
Approaches to things of this nature are typically deny everything, allow what is needed. Is this a typical approach on FreePBX? If so, is there a guide for “Be sure to limit these things”? Some sort of best-practices for limiting capabilities?
Back to CoS specifically, I understand how to block a feature code for an extension, but how can I allow something like *93, but control what destinations an extension has based on who initiates it?
Can you PIN protect certain things with CoS? Or is it only allow/deny?
Can notifications be setup as a way of auditing feature code use, or other things shown in, but not limited to, CoS? Or is monitoring log files for “Executing…” the way to do this with something home grown.
Apologies for the slightly ranty post.