Dismiss Notice
We would like to remind you that we’re updating our login process for all 3CX forums whereby you will be able to login with the same credentials you use for the Partner or Customer Portal. Click here to read more.

Opening 3CX to the world

Discussion in '3CX Phone System - General' started by jasonhayes, Sep 21, 2016.

Thread Status:
Not open for further replies.
  1. jasonhayes

    jasonhayes New Member

    Joined:
    May 9, 2012
    Messages:
    140
    Likes Received:
    10
    We are thinking of opening 3CX up to the world, to enable staff to benefit from the 3CX App on mobiles. What is the general advice, what are others using to secure 3CX the best they can, is there a paper with best practice?
     
  2. leejor

    leejor Well-Known Member

    Joined:
    Jan 22, 2008
    Messages:
    11,105
    Likes Received:
    329
    I'm sure that a number of forum members will want to chime in on this.

    In a nutshell... if you have outside extensions, you will have to open up certain ports...

    http://www.3cx.com/docs/3cx-phone-system-v14-ports/

    Some of those may already be open if you use a VoIP provider. Some may not have to be used if you make use of the Tunnel and don't care about using Presence.

    Simply having port 5060 open, will invite hackers attempting to place direct SIP calls, or register an extension. 3CX is pretty good at blocking and flagging these (you can arrange to be sent an email when these happen), just be sure that your passwords are not easy to guess. Some of the 3CX anti-hacking settings can be tweaked to better insure that hack attempts don't go very far, and are blocked for longer periods.

    If you haven't already done so, you should consider a router/firewall that allows you to "whitelist" certain IP's or ranges,and block "problem" IP's before they even reach the PBX.
     
Thread Status:
Not open for further replies.