wardmundy
Nerd Uno
- Joined
- Oct 12, 2007
- Messages
- 19,201
- Reaction score
- 5,221
A Few Thoughts on the Recent Web/PHP Exploit of CentOS-based Apache Systems
FreePBX Distro Rooted
See also the FreePBX Security Advisory
We don't wish this on anybody or any distro, but it reinforces the importance of security vigilance and the need to heed 5 KEY SECURITY CONSIDERATIONS WITH PBX IN A FLASH:
For current status, see this post.
FreePBX Distro Rooted
See also the FreePBX Security Advisory
We don't wish this on anybody or any distro, but it reinforces the importance of security vigilance and the need to heed 5 KEY SECURITY CONSIDERATIONS WITH PBX IN A FLASH:
- Always run PIAF behind a secure hardware-based firewall with NO PORTS exposed to the Internet
- You always get the latest YUM updates for CentOS on new PIAF installs
- Don't monkey with the PIAF and Apache Security Model
- If you absolutely must expose PIAF ports to the Internet, use WHITELISTS in IPtables or a VPN for all access
- install-hamachi script is included in new installs and OpenVPN install instructions are available on this forum!
For current status, see this post.
Last edited by a moderator: