On 15/1/2010 a security advisory was released for FreePBX version 2.5.1 (and potentially earlier versions) concerning a SQL injection vulnerability. If you are running this version then I would suggest upgrading to version 2.5.2. You can find more details of the vulnerability here.

You can upgrade through the FreePBX GUI by using the module admin menu. Here are the steps -

* While FreePBX 2.6 is available please make sure you’re aware of any implications before updating to this version.

1 – Select the ‘Module Admin’ menu

2 – Click ‘Upgrade All’

3 – Click ‘Process’

4 – Click ‘Confirm’

5 – Click ‘Return’

6 -Click ‘Apply Changes’

Elastix includes an Instant Messenger server called OpenFire. While not enabled by default it is very easy to enable.

What’s not so obvious is how to disable OpenFire if you decide, once you’ve had a look at it, you don’t want/need to run it. You might want to do this as OpenFire runs on Java which can be quite memory hungry, also it opens another point of attack to your server.

The easiest way to disable it is via the command prompt by running -

This will also stop it starting automatically when the server is rebooted.

I recently looked at an A2Billing 1.34 install that was slow to browse the rates through the GUI. There were over 800,000 rates which was causing the slowdown. While probably not a good idea to have so many rates, it is possible to speed up this screen by creating an index in MySQL.

To do that -

Log in to MySQL -

(you should be able to get the username/password you need from the top of the /etc/asterisk/a2billing.conf file)

Create an index on the destination field in the cc_ratecard table -

To find out why queries are taking so long in MySQL you can turn on the slow-query log in MySQL.

See here for more info – http://dev.mysql.com/doc/refman/5.1/en/slow-query-log.html