Jump to content

Failed Web Login Crash


mabbott
 Share

Recommended Posts

I’m glad we are not the only one

our system keep crashing almost every day due to that problem

a new release was given to us by the programmers, which that actually caused our system to lose all the configuration files

so unless they come out with a newer release then 3.2 i wouldn’t suggest updating it

 

on the other note the only way to fix this, I’m thinking is to do the following

disable the login page to come up when entering the IP address of the server, and only allow it for one IP address, which will be the main office that provisions the phones and creates the domains etc

this way no subscriber has access to it. anyone that can come up with a fix, please advise

 

BTW what OS are you running? at first we were told it keeps crashing because we are using Fedora, but now even with FreeBSD it also keep crashing if you log in with the invalid credentials (which customers keep trying since they forget their password,)

 

wouldn’t it be nice to have a "forgot my password" tool? and if we do have it, allow us to Block web log in per extension, maybe one company doesn’t want their employee logging on to the web portal to change his email address etc.... and if we have a forgot password, he will get his password which isn’t good, so having an option if disabling web log in per extension would be awesome

Link to comment
Share on other sites

for now we have installed IPTABLES on the server and we block out all IP except our office, so we wont have a problem with customers tryign to log in with a wrong user name or password match

 

You can also bind the http server only to your private IP address. In the port settings, put something like "192.168.1.2:80" and then it will bind only to that port...

 

A new version will be available today.

Link to comment
Share on other sites

will it have a forgot my password tool? and also be able to set per extension if it can have access at all? if not the forgot my password wont work

so lets say company 1 doesnt want extension 111 to have access, but if it does a forgot password, thenit will get the password, which isnt good

so for extension 111 have the option of not checking on access to web portal

Link to comment
Share on other sites

will it have a forgot my password tool? and also be able to set per extension if it can have access at all? if not the forgot my password wont work

so lets say company 1 doesnt want extension 111 to have access, but if it does a forgot password, thenit will get the password, which isnt good

so for extension 111 have the option of not checking on access to web portal

 

No, this is just about the HTTP/HTTPS socket. You can limit the access by choosing password that the end user does not know. Ouch, don't do that on 3.1.2! But it will work on 3.2.

Link to comment
Share on other sites

exactly, id like to see a "i am stupid and forgot my password so please email it to me"

but like i said, it should be based on per user, some users can do it, and some should be blocked

 

Yes, plus we just added at least the initial email with the web password. If the user is smart enough to go through old emails he might find it. Probably we should add a button that triggers the sending of this again. But still be must mandate that the user enters a valid email address - which is a challenge for some...

 

Stupid end users! :rolleyes:

Link to comment
Share on other sites

first time i have heard of a hard crash. pbxnsip is very stable but a good rule of thumb is to not be bleeding edge on software revisions.

We are still on 3.0.1 really wanting to upgrade but there seems to be a pretty heavy core change that is making things a little hard for me to be willing to upgrade to 3.1+

Link to comment
Share on other sites

first time i have heard of a hard crash. pbxnsip is very stable but a good rule of thumb is to not be bleeding edge on software revisions.

We are still on 3.0.1 really wanting to upgrade but there seems to be a pretty heavy core change that is making things a little hard for me to be willing to upgrade to 3.1+

 

If there is no need to upgrade don't do it... We keep the release notes on the Wiki. If there is nothing that interests you, "never change a running system". :)

Link to comment
Share on other sites

  • 3 weeks later...
We are running 3.1.1.3110 (Win32) and consistently after 10 failed login attempts in quick succession the pbx service restarts.

 

At first we thought it was a great feature that was blocking IP addresses of failed users until we realised that no the whole PBX was restarting.

 

There was a fix provided the newer versions (in the last 2 weeks).

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...