Local/Remote install & Security/Performance tradeoffs
I'm currently using a hosted FreePBX/asterisk server located in a data center somewhere; I have no physical access, but I do have shell (root) access to the box.
I've installed FOP2 on the PBX host machine and all works well. Users access FOP2 from the business location... meaning that the FOP2 web sockets are going across the internet.
QUESTION #1: Is this websocket traffic encrypted??? If not by default, can it be?
Also, I've realized that anybody could use our machine to make calls by just guessing extension numbers and all numeric, typically very short, passwords. This is obviously terrible security...
QUESTION #2: What is the normal setup in my situation (hosted, remote PBX)? Should I have installed FOP2 on a local server? But then the Asterisk API/REST calls would all be on the internet, right? Then, the same question about encryption arises...
Bottom Line: What's the most secure way to set up a FOP2 for a remote Asterisk (FreePBX) box?
Thanks in advance for any advice!
I've installed FOP2 on the PBX host machine and all works well. Users access FOP2 from the business location... meaning that the FOP2 web sockets are going across the internet.
QUESTION #1: Is this websocket traffic encrypted??? If not by default, can it be?
Also, I've realized that anybody could use our machine to make calls by just guessing extension numbers and all numeric, typically very short, passwords. This is obviously terrible security...
QUESTION #2: What is the normal setup in my situation (hosted, remote PBX)? Should I have installed FOP2 on a local server? But then the Asterisk API/REST calls would all be on the internet, right? Then, the same question about encryption arises...
Bottom Line: What's the most secure way to set up a FOP2 for a remote Asterisk (FreePBX) box?
Thanks in advance for any advice!