Security Considerations with Incredible PBX 2021
Incredible PBX 2021 includes a rock-solid firewall that limits access to preferred providersand individuals whose IP addresses you have whitelisted. Unfortunately, this may notinsulate your server from FreePBX 15 irregularities if, in fact, Sangoma's signing key was compromised in the October 2020 Ransomware Attack. Sangoma either doesn't know or isn't telling. Keep in mind that Sangoma didn't mention the October breach either until someone else exposed it.
The good news is Incredible PBX 2020 and 2021 platforms include a unique ClearlyIP feature that lets us manage which modules and versions can be installed. It works exactly likewhat ClearlyIP has documented in their must-read blog post, and we've built a locked versionthat rolls back all of the modules to dates before the Sangoma breach. The good news is, withIncredible PBX, you don't have to jump through all the hoops covered in the ClearlyIP articleto fully insulate your server from the Ransomware breach. We've done the work for you.
For those with mission-critical platforms, we'd recommend immediate implementation ofwhat follows. For everyone else, it's your choice whether to wait and see if there is a breach ofthe signing certificate with malicious modules. If you opt to wait and see, MAKE FREQUENTBACKUPS.
Here's how to roll back all of your modules to dates before the breach. Login to the FreePBXGUI as admin and navigate to Settings > Advanced Settings. Drop down to the LockVersion field and change 15.19.11.001 to 15.19.11.003. Save your changes and reloadyour dialplan. Then use Module Admin to roll back any installed modules that are newer than the safe versions shown.
