Aug. 11, 2011

The FreePBX development team has identified with some zero day security vulnerabilities related to httpd and php. These vulnerabilities may allow a remote user to gain full root control over a system, and are present in lots of popular asterisk-related distro's.

The FreePBX development team strongly urges all user of the FreePBX Distro to immediately upgrade their systems and patch these vulnerabilities. Additionally, users are reminded never to keep their web port accessible to the internet.

As in any pbx, IVR's have always been an integral component of FreePBX. For the better and for the extremely annoying, companies have been filtering inbound calls with IVR's for just about forever. While we can't change people's mentality (on both sides of the call) we CAN attempt to provide the best posible experience for those fortunate enough to be using FreePBX.

There is a forum thread accepting comments, ideas, and suggestion for new features/improvements in the Backup & Restore module. Head over there now if you have any thoughts on how the module can be improved.

In our never ending quest to make FreePBX the best phone system that doesn't require money to buy (and even better than most that do cost money...), allow us to introduce you to the latest features in the Backup & Restore module. Last week we alluded to a critical server error, but left you guessing as to how we address that. This is a big step in that direction.

Do you use the Dial-by-Name option of the current FreePBX Directory? If no, read on as you might find there is goodness to come. If yes, have you ever wanted to add a user with no voicemail? have your admin called instead of you? wanted to add a Ring Group or Queue to it, call an external cell phone, or more?

The current Dial-by-Name directory achieves some basic goals but has always left a lot to be desired. In a lot of use cases it was plagued with issues that made it less than desirable and in my opinion often not viable.

In case you missed it, our lead developer Philippe Lindheimer gave a wonderful presentation on FreePBX at Astricon this past Oct. (2009). The presentation gives a very nice overview of FreePBX, its capabilities, and what the future holds. See it here:
http://www.astricon.net/2009/astricon/presentation/FreePBX/index.htm

Previously, we discussed preventing outbound calls from FreePBX by using two methods: Misc Applications and outbound routes. There is also (at least) two ways to allow outgoing calls using a whitelist, i.e. allowing calls only to the numbers specified.

One of the really cool things added to the latest version of FreePBX is support for Russell's devstate backport for Asterisk 1.4. Today I decided to have a look at how it works, and I found it to be extremely simple and straightforward to set up. Obviously, you need to add the backport to asterisk. Luckily, that is extremely easy - just follow the directions in the readme.