VitalPBX 2.4.0-5 Endpoint Manager Apache Password?

VitalPBX Community Support General Discussion VitalPBX 2.4.0-5 Endpoint Manager Apache Password?

Up
0
Down
  • Post
    jrosetto
    Participant

    Is there a way from the GUI to add a basic auth username and password to the xepm-provision directory for phone provisioning.  I manually added the entries in apache to get authentication to work but after using the GUI and saving changes it reverted what I had configured in CLI.

    Having anonymous access to the cfg files for phones is a pretty big security issues as it has the username and password for each account in plaintext.

    Any help or suggestions are greatly appreciated,

     

    Thanks.

    0
Viewing 8 replies - 1 through 8 (of 8 total)
  • Replies
    jrosetto
    Participant

    @ing-joserivera26

    Worked beautifully.  I was modifying apache configs which were being overwritten.  This method seems to stick.

    Thank you!

     

    0
    PitzKey
    Participant
    US

    Nice. Maybe this should be an official feature to allow admins to enable provisioning auth. Perhaps is it even possible to setup multiple credentials? that way you can revoke access for a single tenant.

    0
    Gary
    Participant

    I second the idea for it to be a feature of the system, even if it’s a paid module.

    0
    InTeleSync
    Participant

    +1 from me also. I like the ability to control by tenant the provisioning username/pw. The ability to turn on or off the provisioner entirely. With this new auth protection have Fail2Ban monitor it.

    I don’t think this should be a paid add-on. Security should always be a priority by default, and it is one of the primary reasons I’ve chosen VitalPBX to service at least some of my PBX needs. 

    0
    jrosetto
    Participant

    I stand corrected.  Everything was working perfectly until I upgraded from 2.4.0-5 to 2.4.0-6 and it overwrote the file.  After adding the entries again everything is fine.  Would be nice to have it in the UI so it updates accordingly with upgrades.

    0
    Gary
    Participant

    @jrosetto Not sure which brand of phones you are provisoning, I use mostly Yealink which has a option for user name & password under the provisioning tab is this the type of access restriction that the htaccess file is giving you.

     

    0
    jrosetto
    Participant

    @gary

    We use primarily use Yealink as well and yes it gives you that feature.  You can also sign up as a partner with yealink and configure zero touch provisioning without ever touching the phone.

    http://dm.yealink.com/

     

    0
Viewing 8 replies - 1 through 8 (of 8 total)
  • You must be logged in to reply to this topic.