User Rating: 5 / 5

Star ActiveStar ActiveStar ActiveStar ActiveStar Active

FusionPBX is an amazing WEB frontend for FreeSWITCH. But as any non-proprietary project (I mean OpenSource licenced), installation is not as easy as everyone would wish. So, here I explain one of the many methods available to install it.

This installation by default will install FusionPBX with the following capabilities:

  • Multi-tenant enabled
  • MySQL/MariaDB enabled for the Profiles registrations
  • MySQL/MariaDB enabled for the FreeSWITCH core
  • MySQL/MariaDB enable for the FusionPBX
  • FusionPBX XML Handler enabled
  • LCR and Billing for FusionPBX
  • FreeSWITCH 1.10.1 1.6 (latest available when writing this post)
  • Database index optimized

This way, if you want to do later advanced configuration such as load balancing or HA, you don't need to do a big thing in the FreeSWITCH or FusionPBX end.

User Rating: 5 / 5

Star ActiveStar ActiveStar ActiveStar ActiveStar Active

Everyone knows that CentOS only takes care of some specific core packages. All others, if you want to continue using RPM's, must be used from alternative Repositories. There are many alternatives:

  • EPEL: you will find here many useful packages. Packages get updates for critical bugs.
  • Remi: you will find here backports for the most useful packages. 
  • OKay: you will find here some specific packages for servers, audio, and video.

I especially do contributions to the OKay repository. So, if you want to use OKay follow these steps:

  • Install the EPEL repository, you may try typing yum install epel-release. I think at least Centos 7 and 8 have it out of the box.
  • Install the okay-release RPM. Type:
    • Centos 6 on 32 bits: rpm -ivh​?
    • Centos 6 on 64 bits: rpm -ivh
    • Centos 7 on 64 bits: rpm -ivh
    • Centos 8 on 64 bits: rpm -ivh

I will post later as I publish some updates or packages.

Soon I will stop updating the CentOS 6 repository.

User Rating: 5 / 5

Star ActiveStar ActiveStar ActiveStar ActiveStar Active

If you have installed FusionPBX from the installation scripts you will notice it has already some fail2ban configurations. If you are using my RPM's, it doe not include any kind of this configuration as my philosophy is to specialize in the package to do one thing, not a do-it-all. Anyway, if you are only using FusionPBX with FreeSWITCH as a personal PBX those rules should be more than enough.

I recommend you do a quick reading of my previous fail2ban post where I describe the gap between Layer 7 exposures versus Layer 3 controls. You will understand my thinking.

If you are being more serious about your PBX or you are running a business you will find at one point those rules are not enough. I will explain myself a little more. As a commercial service, your exposure to the world is bigger; your domain is advertised, telephones do DNS, HTTP and SIP request to your servers and sooner than later you will start getting your first kiddy scripts targeting your servers. As you grow, you will find your customers are far to be technical; they do many dumb things (wrong password because they changed something on the service or inside jobs from tech staff are some examples) which leads to fail2ban rule applications.

There is nothing more harmful than a bad review from an ignorant customer. They do not know why they are being blocked. So, here is where we need to tun fail2ban and add some important information to pre-block offending IP's.