Security is about mitigating risks and providing ease of use, problem detection and remediation while protecting the most important characteristics of the system. This section will provide a number of points to consider.


General Recommendations

If you are not using VPN or on a local intranet with the FS server make sure to use SIP_TLS as all sip traffic and authentication is in the clear otherwise.

The most basic things for any system include:

Sources to consider:

Freeswitch Configuration

Passwords and other confidential information to change and protect

Your freeswitch configuration will have a number of areas where confidential information is stored. Here is a list to start with:

Please change the following elements of the default configuration:

Local Registrations

Firewall configuration

An example configuration for iptables can be found at Iptables on debian.

General Settings

SIP specific settings

Accepting SIP registrations from outside your network