security feature request

[matictec]

Please add an option to 3cx assistant and 3cx provisioning to use https instead of http. At least add an option to 3cx Assistant to use https when myphone portal is opened through assistant.

 

[dab]

+1

 

[carolinainnovative]

+1 and about the third time this has been requested...

 

[LeonidasG_3CX]

You're too late.
It's already been implemented and will most probably be available in the next release, but don't take my word for it. It might not make it into the next build.

 

[matictec]

nice...very nice...

 

[LeonidasG_3CX]

nice...very nice...

ooh... I'm sorry, i read the title of the thread which said "security feature request"
We have indeed implemented a Security feature to prevent hacking of the PBX, that was what i was referring to.

Now about myphone being opened with https, this should already be possible by using IIS / configuring some options in it's settings. It is probably also possible with Abyss as well, but it's something we haven't tried yet.

 

[matictec]

yes. it is possible with with ssl activated on iis to use management console, myphone portal and provisioning, but some things are missing:

- option in 3cx assistant to use https, when opened my phone portal
- option in management console to use https in welcome email for provisioning

enabling ssl on iis is an admin task, so is not neccassary to be an option during installation of 3cx.

security improvments aganst hacking attacks:

- set an extension to disabled after 5 wrong registrations