FreePBX 15 Alpha Now Available for Testing

It’s been a long time since we last updated you on the work in FreePBX 15. We started working on FreePBX 15 around August of last year. Throughout this time, we’ve continued to support FreePBX 14 and 13 with countless bug fixes and even a few new features. In this post we’d like to bring you up to speed on what’s been going on in FreePBX.

When we began working on FreePBX 15 our goal was to limit the number of features being added to focus on a small number of pain points we’ve repeatedly heard about from YOU! In fact, it’s your feedback that’s helped us to complete the 2 major features of this release; a reworked version of backup & restore with the ability to do between major version restores (want to back up from 14 and restore to 15? Now you can!) and a way to allow you to better integrate FreePBX into your existing workflow and processes using an API (Application Programming Interface).

FreePBX 15

Learn more about the new Backup and Restore in FreePBX 15 on our wiki: https://wiki.freepbx.org/pages/viewpage.action?pageId=114852215

While we’ve been quiet since January with our most recent blog post asking for additional feedback on FreePBX 15, the team has been hard at work ensuring we are able to deliver on what we promised and give everyone a chance to play with it. Without further ado, on behalf of the FreePBX and Sangoma team, we are officially releasing FreePBX 15.0 in alpha today for everyone to play with. In this alpha release, all open source FreePBX modules support the new backup & restore methods, which will allow for between major version restores. Instead of trying to group all data together in backup & restore each module is now responsible for its own data during the backup and restore process. Second, we have completed about 10 modules using our new built-in API, powered by GraphQL with more planned soon.

FreePBX 15

Learn more about the FreePBX API on our wiki https://wiki.freepbx.org/display/FPG/API

Now with that said, we also know that we asked you for feedback for what you wanted to see in FreePBX and we’ve been actively watching and listening to your suggestions. Unfortunately though, we were unable take on the added workload and really focus on any additional features you’ve ask for, but we look forward to working with the community to bring them to future releases of FreePBX.

Great, but how do I get FreePBX 15?

In the past, we’ve traditionally released an ISO and asked everyone to download and install for testing. However, we are taking a different approach this year with the hopes that it’s easier on YOU to test and provide feedback on the new functionality. This year we are releasing a version upgrade module but not through our traditional methods. Usually we release the version upgrade module via module admin, when we release our release candidates allowing customers to upgrade from the previous version, as we feel the product is close to its final release. This year we are releasing the version upgrade module at the link below which users can manually choose to download, upload and install to move to 15 and not wait for FreePBX 15 to be released as a Release Candidate. Once we feel FreePBX 15 is closer to an RC we will publish new ISOs and move the version upgrader into the module admin system in FreePBX.

However, before rushing off to upgrade your system, please note that this is NOT INTENDED FOR PRODUCTION USE. Let’s me say that one more time, please DO NOT INSTALL THIS ON A PRODUCTION SYSTEM! The version upgrade module is being provide for users to upgrade a new installation or backup of an existing system. The code will have bugs and at this point shouldn’t be relied on for production use.

To try out FreePBX 15, follow the following steps:

At this point you have done the equivalent of downloading and installing the module as if it had been available online. To complete the process, select the ’15 Upgrade Tool’ from the FreePBX Menu and follow the instructions on the screen to upgrade to the ALPHA version of FreePBX 15.

We hope you enjoy this release and that it makes working with FreePBX easier for everyone moving forward. As always, please report any issues to issues.freepbx.org.

Andrew Nagy, On behalf of the FreePBX Team

FreePBX 14, Distro 14 & More!

It’s sure been an amazing year here at Sangoma. We are finally proud to announce the official stable release of FreePBX 14 and also the stable release of our Enterprise Linux 7 based distro which contains many updated system libraries, not least of which is PHP 5.6.31, NodeJS 8.1.4, and Python 3.6.

Over the last 16 months, we’ve been hard at work developing FreePBX 14, and we’d like to highlight four (of the many) major improvements: Auto-Update Security Releases, Distro updates in Module Admin, Calendar Module, and an upgraded User Control Panel (UCP). To learn more about all of the new features of FreePBX 14 make sure to checkout our last blog on FreePBX: https://www.freepbx.org/freepbx-14-release-candidate/

Since then, we’ve also introduced a few major features in parallel into FreePBX 13 (that are also in FreePBX 14), the most significant one being multiple and improved directory support in User Manager. Now you can setup multiple Active Directories, LDAP directories and internal directories to control the Users that are on your PBX. FreePBX will even auto create extensions for you from your remote directories. Of course, as FreePBX is an Open Source project, this is all completely free!

You may be asking yourself “What does a new version of PHP or NodeJS get me?”. Previously in FreePBX 13 and lower we were working with PHP 5.3 and NodeJS 0.12. By requiring newer versions of these as part of FreePBX 14, apart from significant improvements in the languages themselves, the performance improvements are the most noticeable difference. This means you’ll have a snappier FreePBX on your hand, with much quicker reload times. Behind the scenes, on the back end, we are also able to utilize new libraries that also have performance improvements in themselves.


https://lornajane.net/posts/2014/php-5-6-benchmarks/

We’ve started work on FreePBX 15 which we hope to have an early release of in October 2017. Three of the most important features we are planning for FreePBX 15 is a complete revamp of our RestAPI, Backup and Restore upgrades, so you will – in the future – be able to restore from and to a different versions (Only 15 and higher, so will be able to restore – for example – 15 into 16 or 17 into 15), and a new File Store module, which will allow you to store backups (or faxes and other files) on S3, FTP, email, ssh and more!

Over the next year we will also be working on bringing FreePBX onto PHP 7.x with commercial modules.

With the release of this blog we have also released a version of the FreePBX module “Version Upgrader”, which is for standard manual, or custom installed systems, and will help the owner upgrade all the associated packages (PHP, and Node, as mentioned above). For FreePBX Distro installs we are fine tuning and checking a simple one-line command that you can run on your server to upgrade the Operating System to 7, and FreePBX to 14 at the same time, all automatically. Of course, when running this RPM your system will reboot and there will be downtime, and there are some minor prerequisites (such as a 64 bit machine, and at least 10gb of free space). As of today the distro upgrader is being released as a public beta, and more information is available on our wiki page: https://wiki.freepbx.org/display/PPS/Upgrading+from+FreePBX+10.13.66+to+SNG7

Please remember, as adoption of FreePBX grows there may be things we missed. If you find any issues please open a bug at https://issues.freepbx.org and we’ll look into it as soon as we can. You can also ask for help on our Community Forums, where you may be able to get assistance from experts in the community, too.

Thank you for using FreePBX and we look forward to what develops through 2017!

FreePBX 14 Release Candidate

It’s been over two years since the team at Sangoma set out to give FreePBX a facelift, and over a year since we completed that goal when FreePBX 13 went stable.

In the last 12 months, we’ve implemented hundreds of new features for FreePBX 13 while continuing to grow our Unified Communications product lines through Zulu. We released 6 formerly commercial modules as open source, emphasizing our support of open source. We’ve also added over 41,000 lines of new code while welcoming an additional 18 new contributors.

We also introduced Edge Mode for bleeding-edge module upgrades, support for Asterisk 14, improved reload times, self signing of modules and a new improved certificate manager that supports Let’s Encrypt. While adding all those new features, we’ve also fixed (at time of writing) 1185 reported issues.

For a full list of everything that was accomplished during our 13-release checkout our roadmap.

Making FreePBX Modern

One of the biggest problems we’ve run into over the past few years working on FreePBX 13 was the fact that we were basing FreePBX 13 around the PHP 5.3 platform. PHP 5.3 was released June 30th, 2009. With the release of FreePBX 14 we now require PHP 5.6 which was released August 28th, 2014. That’s over 5 years of improvements, which has resulted – among other things – in considerable performance improvements with 14 compared to version 13.

Due to this massive internal change, FreePBX 14 is now recommended to be installed on the Sangoma 7 distro.

Of course, manual and custom installations of all versions of FreePBX are still available, but the legacy Schmooze Distro (Cent 6.6) will not be able to upgrade to FreePBX 14 instantly, as it requires an Operating System Upgrade to Sangoma 7. More information about this will be coming in a few weeks.

Emphasizing Security

One of the first changes we made in FreePBX 14 was to let systems automatically update modules that have security vulnerabilities. This will ensure that when we release updates to modules that have security issues, your systems will be updated to prevent those security issues – in less than 24 hours! We’ve made this option opt-out, so you can disable it through Advanced Settings if you desire, but we recommend against it!

Upgrading with Ease

The days of running distro upgrade scripts or having to go deal with stuck upgrades are over. In FreePBX 14 all system upgrades are done right through the GUI, in the same place you’d normally go to update modules.

You can also schedule automatic module or system upgrades at specified dates and times.

Globalization & Localization Improvements

Sangoma Technologies is a global company with over 150 employees worldwide. We realized that United States of America date formats don’t work for many countries and locals. FreePBX now comes with the ability to define the time zone, language and date/time formatting system wide, per group and/or per user.

Each user can also individually define and change these settings from within UCP. FreePBX 14 now also supports a broader scope of UTF8 which means you can now save settings in FreePBX with emojis!


Introducing The Calendar Module

For a long time, we’ve heard different scenarios of complex time conditions logic to deal with holidays such as Easter (which falls on a different day every year).

To solve this in 14 we implemented a calendar module. This module allows you to add any web based iCal, CalDav, Google or Exchange Web Services calendar. You can also add local calendars through which you can add custom events. These calendars can then be linked to Time Conditions, Paging Pro groups, Find Me/Follow Me enabled/disable events and more!

To learn more about the new Calendar Module see: http://wiki.freepbx.org/display/FPG/Calendar+Module and http://wiki.freepbx.org/display/FPG/Calendar+Event+Groups+Module.

Remote calendars can be updated on a specific schedule you define. This allows you, the administrator, to delegate a calendar out to your users that they could update, adding events when the office is open which will then trigger Time Conditions at the appropriate times. We hope this new feature helps to ease configuration and management of your FreePBX systems.

A Redesigned UCP (User Control Panel)

Starting with the addition of the ARI back in the 2.x era, FreePBX has long had a need for a User Control Panel. A place where your end users can go to change specific settings related to their accounts or listen to voicemails or call recordings.

In FreePBX 12 we completely overhauled the UCP interface to give it important HTML5 updates. Including in-browser playback of recordings, notifications, a responsive interface, native chat and an in browser WebRTC phone. In FreePBX 14 we’ve gone one step further by giving your users complete control over how their Control Panel looks and feels.

With the additions of dashboards and widgets users can add, remove, resize and organize how they want their dashboard(s) in UCP to look and function. Users can have multiple dashboards that have different configurations of widgets. You could have one dashboard for your voicemail boxes and another dashboard that has widgets for your queues. For more information on the new UCP and what’s changed click here.

XMPP Improvements

Six months ago, we decided to open source our XMPP chat module but promised to continue improving the underlying source code.

Staying true to this promise we have completely reworked the internals of our XMPP module. Our new chat engine is more robust than ever and is fully supported by our flagship UC Zulu product line. Support for group chats, avatars, message history and more is already supplied in XMPP and best of all it’s free!

Zulu already supports these outstanding features and in the next few months the UCP chat interface will also support rooms, avatars and message history. We are very excited with how Zulu has progressed and how it’s also helped to expand the FreePBX Open Source Portfolio.

Moving Forward

In the next six months, we hope to release a Beta of FreePBX 15 with a redesigned backup module that will no longer be required to restore from the same version you are backing up to. This will also start our quicker release period where major FreePBX releases will happen every 6 months.

Get FreePBX 14 RC1 Today

Choose one of the following methods to install, provide feedback & report bugs:

Thank you for using FreePBX!

Security Vulnerability Notice

Summary:

An unauthenticated remote attacker can run shell commands as the Asterisk user of any FreePBX machine with ‘Recordings’ versions between 13.0.12 and 13.0.26.

Details:

The recordings module lets you playback recorded system files. Due to a coding error and a PHP quirk, certain Ajax requests were unauthenticated when requesting files.

This has been fixed in Recordings 13.0.27.

For PBXact users on version 10.13.66 make sure you upgrade to version 10.13.66-15 or higher to receive the patch.  For information on how to update your PBXact system review our wiki here.

For FreePBX Distro users on version 10.13.66 you can either upgrade the Recordings module in module admin to version 13.0.27 or upgrade to FreePBX Distro 10.13.66-15.  For information on how to update your FreePBX Distro system review our wiki here.

This vulnerability was discovered by: Adrian Maertins <adrian(dot)maertins(at)gmail(at)com>

Additional Details:

As FreePBX is an appliance, any remote shell access can be leveraged to become root.

Keep in mind for security, performance, and the best user experience be sure you keep ALL modules up to date. Some security and functional updates may be delayed or unreleased by maintainers of 3rd party repositories.

It is also always good practice when requiring internet access to your PBX to run the FreePBX firewall and/or other quality firewalls in front of your system. Limit access via VPNs and where possible, such as Sangoma Phones, take advantage of native phone VPNs to minimize the exposure you must provide to potential hackers by limiting the ports you need to open.

Links to More Information:

http://wiki.freepbx.org/display/FOP/2016-08-09+CVE+Remote+Command+Execution+with+Privileged+Escalation

http://issues.freepbx.org/browse/FREEPBX-12908

History of Security Vulnerability:

Sangoma takes security issues very seriously and we try to work with security experts who find such vulnerabilities in a cooperative manner in order to maximize the ability to protect the user base with timely patches and appropriately timed communications.

This particular vulnerability was reported and the reporter only provided a short time window of three days before disclosing the vulnerability. As such, we have not been provided adequate time to get a proper CVE which we will be working on and we are providing patches to address the issue and requesting users update their systems immediately to be protected against possible hackers once they see the report and create malware attack scripts to go after FreePBX systems open to the internet.

FreePBX 13 BETA is Ready For Testing

FreePBX 13 BETA is Ready For Testing

The development team is excited to announce the FreePBX 13 BETA release is now OPEN and available for install via the FreePBX Distro, or upgrade your current Alpha system through Module Admin.

When you open up the new version the first impression will be a complete change in the look and feel. You’ll discover features such as scrollable dropdowns, search bars, wizards and re-designed navigation menus that make your day-to-day interactions easier and faster. What won’t be immediately obvious is the vast “internal plumbing” changes that result in benefits such as significantly faster reload times especially for large installs and the replacement of the deprecated PearDB library with the modern PDO for faster and more secure database access.

The team has been working hard for 9 solid months; with close to a dozen developers involved, the results are impressive. We’ll be introducing a “Version Upgrade” module in the coming weeks once we get the initial feedback that this Beta looks solid, which means we need your help now to provide us that feedback!

“Town Meeting” via Google Hangout

We’ll brief you in just a moment, but first, please mark your calendars for our premier in a series of interactive Hangout Meetings where we will tell you more about Version 13 and give you an chance to interact with us directly to get your questions answered!

When: Thursday, July 9th 4PM EST

Where: bit.ly/1GNCg4c

Understanding What’s New in FreePBX 13

This new version takes off on many of the technologies and experiences that were introduced in FreePBX 12 where an all new mobile friendly User Control Panel (UCP) was introduced based off of Twitter’s bootstrap framework along with a myriad of other enhancements spanning from Asterisk’s PJSIP support to HTML5 voicemail playback and recording to secure module signing.

The visual enhancements of 13 stick out right away. From the new grid layout of each module to the ease of use wizards:

FreePBX 13 Grid Layout

 FreePBX 13 Quick Create Extension

FreePBX 13 Wizard

The team has made changes based on your user feedback and improved UI design research. Past problems such as menu selections too long for your browser window have been addressed with scrollable menu bars and advanced users can navigate quickly with search box abilities:

FreePBX 13 ScrollFreePBX Search Boxes           

The list of navigation and usability improvements goes on; the best way to discover them is to get it up in front of you and start experiencing all the great things the team has been working on!

We also put in effort addressing some bigger “sub-systems” to further enhance FreePBX based on user demands and changing technologies with the evolution of Asterisk.

Bulk User Management has been a big request and has seen minimal support in the past. This version introduces the new Bulk Manager which is a pluggable module that allows you to do mass “spreadsheet” management of Users, Extensions, Contacts and DIDs, and designed to grow and scale with the evolution of FreePBX and the introduction of features from other modules that affect these.

 FreePBX 13 Bulk

Call Event Log (CEL) integration and reporting, the Asterisk evolution of CDRs, has been added to be able to view the detailed activity of events from calls on your system.

 FreePBX 13 CEL

 FreePBX 13 CEL

With FreePBX prevalent in over 220 countries, language localization has been a priority and version 12 already saw huge efforts in the improved localization abilities of FreePBX for different languages. This new version adds the next dimension of easy sound file management with simple online access to other languages. The last leg of this effort will be the System Recording module which will be re-written to enable the concept of multiple language versions of the same call recording and will be following right on the heals of this release. This means, for instance, you will be able to have a single IVR that can play in different languages with the exact same recording based on language selection decisions in the call flow.

 FreePBX 13 Localization

FreePBX has always had a very limited ability to work with it at the CLI level via various ‘amportal’ commands. This latest version has adopted the Symfony framework and began to offer much more extensive CLI access through the “fwconsole” command.

 

 FWConsole

There’s so much more to talk about that we can barely scratch the surface. The above are only highlights and the real efforts that have gone in can only be experienced by trying it out yourself. So we look forward to you helping us drive this forward to a release candidate and final release soon!

Downloads and BETA Availability

FreePBX 13 BETA is immediately available on the FreePBX 13 download page. The plan is once we move further in the BETA process we will release the .tgz file for users wishing to do localized builds on their own standalone systems. For the time being we are releasing only for the FreePBX Distro so as to control factors introduced by the OS or other unknown variables but any user can always checkout 13 from FreePBX git servers.

In order to help us release FreePBX 13 on schedule, users of the BETA release are encouraged to report any bugs, issues or errors at http://issues.freepbx.org.

For now we look forward to your feedback testing and helping us get 13 finalized! Without your contributions and support FreePBX wouldn’t be the most prevalent and open source PBX platform on the planet and for that we are deeply grateful!