Yeastar - Security Rules and Settings
Security Rules and Settings
Within Security option in Yeastar there are 2 Security configurable area's:
- Security Rules
- Security Settings
Security Rules
Allowed IPs
Allowed IPs is used to add specific IP addresses or domain names to the PBX allowlist to prevent from being blocked by the system.
Add an Allowed IP Address
To prevent trusted IP address or domain from being blocked by the system, you can add desired IP addresses or domains to the allow list.
- Log in to PBX web portal, go to Security > Security Rules > Allowed IPs, click Add.
- In the Name field, enter a name to help you identify the rule.
- Optional: In the Description field, enter the rule description if necessary.
In the Type drop-down list, select the desired type.
- IP Address: If you choose this type, enter an IP address in the IP Address field.
- Domain: If you choose this type, enter a domain in the Domain field.
- Click Save.
For IP address or domain that is allowed to access the PBX, the system will always accept connections from the address.
Manage Allowed IP Addresses
This topic describes how to edit or delete the allowed IP address or domain.
Edit an allowed IP address
- Log in to PBX web portal, go to Security > Security Rules > Allowed IPs.
- Select the desired IP address or domain, click
. - Edit the IP address or domain according to your needs.
- Click Save.
Delete allowed IP addresses
- Log in to PBX web portal, go to Security > Security Rules > Allowed IPs.
Delete one or more IP addresses or domains according to your needs.
- To delete an IP address or domain, click
, then click OK. - To delete IP addresses or domains in bulk, select the checkboxes of the desired IP addresses, click Delete and OK.
Blocked IPs
The blocked IP addresses would be listed in the Blocked IPs. If a trusted IP address was blocked, you can go to Blocked IPs to delete the IP address.
View blocked IP address
- Log in to PBX web portal, go to Security > Security Rules > Blocked IPs.
Check details of the IP address that was blocked.
- Defense Type: The defense type.
- Block Type: Whether an account or an IP address was blocked.
- Block Range: The account range or port range that was blocked.
- Time of Attack: The time that the blocked account or IP address tried to attack the system.
- Protocol: The protocol that the blocked account or IP address tried to attack.
- Attacked Port: The port that the blocked account or IP address tried to attack.
- Source IP Address: The IP address from which the attack was originated.
- Expiration Date: The date and time on which the block would expire.
Delete blocked IP address
- Log in to PBX web portal, go to Security > Security Rules > Blocked IPs.
Delete one or more IP addresses according to your needs.
- To delete an IP address, click
beside the desired IP address, click OK. - To delete IP addresses in bulk, select the checkboxes of the desired IP addresses, click Delete and OK.
Outbound Call Frequency Restriction
Outbound Call Frequency Restriction rule is used to limit the number of outbound calls over specified time period.
The PBX has a default rule to limit extension users to make maximum 5 outbound calls in 1 second.
- Log in to PBX web portal, go to Security > Security Rules > Outbound Call Frequency Restriction, click Add.
In the pop-up window, configure the following settings:
- In the Name field, set a name to help you identify the rule.
Click Add and set up the restriction parameters:
- Number of Calls: Set the limit number of outbound calls.
- Time Period: Set a specific time period, and then select the time unit as Minute(s) or Second(s).
- Click Save and Apply.
Then apply the Outbound Call Frequency Restriction rule to limit the extensions.
- Log in to PBX web portal, go to Extension and Trunk > Extension, edit the desired extension.
- Click Security tab.
- Scroll down to the Call Restrictions section, in the Outbound Call Frequency Restriction drop-down list, select the desired rule (s).
- Click Save and Apply.
The PBX has a default rule Default_Ext_Outbound Call Frequency, which limits extension users to make maximum 5 outbound calls in 1 second. You can add new rules according to your need.
Security Settings
The PBX provides additional options so that you can flexibly adjust your security scheme:
- Passwordless Login
- If you need the service provider to access your PBX system for remote technical support, and don't want to expose the administrator account credentials, you can set up the PBX to allow passwordless login.
- Two-Factor Authentication
- Yeastar P-Series Cloud Edition supports to set two-factor authentication for super administrator account to ensure login security.
- Enable IP Restriction for Administrator Login
- Yeastar P-Series Cloud Edition supports to add IP restrictions to specify the IP addresses from which super administrator are allowed to access administrator portal.
Console/SSH Access
Yeastar P-Series Cloud Edition supports SSH access. Technical supporter engineers can establish a temporary SSH connection on the PBX to check logs and debug the PBX.
Allowed Country IPs
You can set up Allowed Country IPs to only allow specific countries or regions to access your phone system, thus preventing the situations that hackers remotely access your phone system to make international and long-distance calls, monitor conversations, or do other operations that may cause security threats to your phone system.
Allowed Country Codes
You can set up Allowed Country Codes to restrict users from making international calls to specific countries or regions, thus effectively preventing toll fraud.
Related Articles
Yeastar - Public IP for whitelisting with ITSP & Yeastar SBC
Public IP for whitelisting with ITSP The following are the SBC IP addresses for the Yeastar Cloud PBX. The addresses can be whitelisted by ITSP for Yeastar access. Yeastar SBC Servers There are 2 server for the Yeastar Cloud Solution SBC Server When ...
Yeastar Cloud PCE - system capacities
Ext: Maximum Extensions CC: Maximum Concurrent Calls Items Ext<=50 50<Ext<=200 200<Ext Comments Software Limitation Performance Concurrent Call without Auto Recording CC CC CC Concurrent Call with Auto Recording CC CC CC Extension User Ext Ext Ext ...
Yeastar P-Series Self-Hosted Migration to Different Platform
Yeastar P-Series Self-Hosted Migration to Different Platform On the current Yeastar P Series PBX Check for new firmware and if available upgrade the Yeastar to the latest firmware Select Maintenance – Upgrade – Check for New Firmware Select Upgrade ...
Activate and Initially Set up Yeastar P-Series Software Edition
Activate and Initially Set up Yeastar P-Series Software Edition After you install Yeastar P-Series Software Edition, you need to activate and finish initial configurations for the system using the Installation Wizard. Prerequisites You have accessed ...
Yeastar - PBX to Yeastar NeoGate TA800 Gateway (Peer Trunk Mode)
Yeastar P-Series to TA800 Complete Peer Trunk Integration Guide Document Purpose This document details a complete integration blueprint to deploy a Yeastar TA800 8-Port FXS gateway alongside a Yeastar P-Series PBX without using extension licenses. It ...