FOOD FOR THOUGHT Click to Call with Joomla

unsichtbarre

unsichtbarre

Member
Joined
May 17, 2009
Messages
140
Reaction score
5
I found an extension (module) for Joomla websites which is potentially very useful: enter a phone number and click-to-call.
The module requires the following modifications to /etx/asterisk/manager.conf
Code: 
; At the end of the file you can add the following line:
 [yourUserName]
secret =  yourPassword
deny=0.0.0.0/0.0.0.0
permit=yourWebServerIP/255.255.255.255       
read = system,call,log,verbose,command,agent,user,config
write =  system,call,log,verbose,command,agent,user,config
Then entry of the following variables in the website:
Asterisk Host/IP: Here you should type your Asterisk Ip or host name. (If Joomla is installed in the same server you can type 127.0.0.1 or locahost)
Asterisk Maner User: Type the user name you set up for the asterisk manager (/etc/asterisk/manager.conf)
Asterisk Maner Password: Type the password you set up for the asterisk manager (/etc/asterisk/manager.conf)"
Context: Specify the context to make the outgoing call from. (e.g. default)
Wait Time: Specify the amount of time you want to try calling the specified channel before hangin up
Priority: Specify the priority you wish to place on making this call.
Receiving Channel: Specify the channel (extension) you want to receive the call requests with (e.g. SIP/XXX, IAX2/XXXX, ZAP/XXXX, etc)
Click to expand...

I am concerned with two things: It doesn't seem to work with Queues and/or Conferences and is it a huge security problem?

Thx in advance-J
 
jroper

jroper

Guru
Joined
Oct 20, 2007
Messages
3,832
Reaction score
71
unsichtbarre said:
I am concerned with two things: It doesn't seem to work with Queues and/or Conferences and is it a huge security problem?

Thx in advance-J
Click to expand...

Hi

I'd say that the security risk is now greater, as to make a call is now as secure as your Joomla website, and you have increased your attack surface area.

Secondly, you would want to set up some dialplan that only allows certain numbers for the area you serve, e.g. you don't want a callback scam going on to premium rated numbers in ${expensive_destination_with_no_legal_comeback}

In terms of the receiving destination, you could set it up to go to inbound routes, then send the call into whatever destination you want rather than direct to an extension etc, e.g. SIP/web-c2c, in inbound routes, set up a DID with the number "web-c2c" (ignore the warning message) then send the call to your desired destination. This should solve your issue with queues and conferences.

Joe
 
You must log in or register to reply here.

Members online

Total: 84 (members: 1, guests: 83)

Latest Posts

Forum statistics

Threads
25,825
Messages
167,849
Members
19,250
Latest member
mark-curtis
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.
Verify your Email

Check your inbox!

We’ve sent you an email. Click on the button in the email body to verify your email address – (if you can not find it, check your spam folder).

Upon verification you will be directed to the 3CX setup wizard.

Top