User Rating: 5 / 5

Star Active Star Active Star Active Star Active Star Active

The Enhanced XML CDR Importer is a piece of software that directly replaces the standard FusionPBX XML Importer. Each time a call is finished, the FreeSWITCH, through the mod_xml_cdr module, will call an HTTP PHP script that will import the call detail record into the database. It is called XML because FreeSWITCH actually uses an XML format to push the data.

Read more: Enhanced XML CDR Importer for FusionPBX 1.2.0 Released


User Rating: 5 / 5

Star Active Star Active Star Active Star Active Star Active

In the long journey of security, moving from HTTP to HTTPS is one of the many steps you will need to do. So, the first question is: why you just don't close port 80/tcp? The answer is more an SEO matter than a security one; if you close the port 80/tcp when Google and any other indexing engine will try to contact you, it will time-out. This, at Google's eyes, means an off-line server; an off-line server is a candidate to be taken out of the indexing.

Doing a proper redirection, for example from to is the correct way. Google will understand the HTTP error code 301 and it will reindex you with the correct URL.

Here it is my .htaccess file I use:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} !^127.0.0
RewriteCond %{REMOTE_HOST} !^127.0.0
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

This will allow HTTP redirection for all queries but those who come to IP 127.0.0.x. You can play with the regular expression to do exceptions.

Remember to modify Apache's configuration in the <Directory> tag to allow all to be overwritten.


User Rating: 5 / 5

Star Active Star Active Star Active Star Active Star Active

If you are managing a farm of clusters with a common mission, for example, a set VoIP cluster or a Web Hosting farm, One of the hardest things is the repetitive management work. In a 100-server cluster environment, when an attacker hits one node, eventually that attacker will get to another node and continue the attack. One of the biggest exposures here is that usually (not always), cluster's nodes share a common database. Hitting a winning vulnerability it is just a matter of time for the other peers.

With all this said, I will explain my approach that tries to fix this situation. At the end of this reading, you will understand how to have a proactive secured environment.

Read more: Centralizing your Fail2ban + Honeypots = Proactive Security