Securing PBX

hello everyone. i have a freepbx installation that works fine for some time now. i got iptables to allow only the ports that i need (rtp, ssh, http, sip). this is not the proper way done and i would like to have a robust solution. is there a tutorial for freepbx iptables/fail2ban? which ports to stop/open?

Hi there. I´m new to securing PBX, but I found :

Maybe it helps