NEW Free Oracle Cloud Instance

[voipgkavek]

Incredible PBX has its own firewall that blocks port access to 22, 80, and 443.

wow, that was a quick reply. thank you. What about the other question? stateless yes or stateless no?

thanks

 

[ostridge]

wow, that was a quick reply. thank you. What about the other question? stateless yes or stateless no?

thanks

I have the sateless for all protocols as per @wardmundy post somewhere -letting all stateless protocols through the Oracle firewall and letting the Incredible firewall (iptables) take care of blocking most of them. That is just the 1st line of the ingress rules of the OCL firewall. In Ingress Rules below the port 1234 is for whatever number ssh port you have configured and allowed in incrediblepbx iptables as well as in the ssh/sshd_config file

 

[voipgkavek]

I have the sateless for all protocols as per @wardmundy post somewhere -letting all stateless protocols through the Oracle firewall and letting the Incredible firewall (iptables) take care of blocking most of them. That is just the 1st line of the ingress rules of the OCL firewall. In Ingress Rules below the port 1234 is for whatever number ssh port you have configured and allowed in incrediblepbx iptables as well as in the ssh config file

View attachment 4685 View attachment 4683

I had left it as in the blog post with stateless NO and it was working since install yesterday. but I will change it to YES to avoid problems in the future. Thank you.

 

[ostridge]

ATTENTION
For the moment I'm assuming that no security action is needed in spite of the following email; but it does mention "In the future, Oracle will enforce this policy for all OCI tenancies."


here is text of email received from Oracle Cloud:

Oracle Cloud Infrastructure Customer

Security is a top priority for Oracle. To help improve the security posture of your Oracle Cloud Infrastructure (OCI) tenancy, Oracle is taking steps that will require the use of multi-factor authentication (MFA) for all new tenancies. In the future, Oracle will enforce this policy for all OCI tenancies.

MFA helps reduce the risk of your tenancy being compromised by strengthening the authentication process. Along with your username and password, you will be challenged for a second factor of authentication. Oracle recommends using phishing-resistant MFA devices such as FIDO2 compliant security keys for all cloud administrators.

Immediate Recommended Action: Enable MFA for all Oracle Cloud administrators. To set up MFA using Oracle best practices, see the IAM MFA documentation: https://docs.oracle.com/en-us/iaas/Content/Security/Reference/iam_security.htm#iam_mfa_best_practice

Action Recommended

Service(s): Oracle Cloud Infrastructure
Tenant Name: redacted

What should I do if I am still having an issue?

Click this link to view your available support options.
"https://cloud.oracle.com/support/home"

 

[dallas]

ATTENTION
For the moment I'm assuming that no security action is needed in spite of the following email; but it does mention "In the future, Oracle will enforce this policy for all OCI tenancies."


here is text of email received from Oracle Cloud:

Oracle Cloud Infrastructure Customer

Security is a top priority for Oracle. To help improve the security posture of your Oracle Cloud Infrastructure (OCI) tenancy, Oracle is taking steps that will require the use of multi-factor authentication (MFA) for all new tenancies. In the future, Oracle will enforce this policy for all OCI tenancies.

MFA helps reduce the risk of your tenancy being compromised by strengthening the authentication process. Along with your username and password, you will be challenged for a second factor of authentication. Oracle recommends using phishing-resistant MFA devices such as FIDO2 compliant security keys for all cloud administrators.

Immediate Recommended Action: Enable MFA for all Oracle Cloud administrators. To set up MFA using Oracle best practices, see the IAM MFA documentation: https://docs.oracle.com/en-us/iaas/Content/Security/Reference/iam_security.htm#iam_mfa_best_practice

Action Recommended

Service(s): Oracle Cloud Infrastructure
Tenant Name: redacted

What should I do if I am still having an issue?

Click this link to view your available support options.
"https://cloud.oracle.com/support/home"

I got that email too. It says this so I'm ignoring it at the moment

Oracle is taking steps that will require the use of multi-factor authentication (MFA) for all new tenancies. In the future, Oracle will enforce this policy for all OCI tenancies.

 

[ostridge]

got that email too. It says this so I'm ignoring it at the moment

Yes that would be the correct response atm for existing tenancy; but for new tenancies and future we will be needing a new recipe maybe some working it out the kitchen.

 

[rvgeerligs]

Yep. That's why there's a tutorial.

something is working. where is the tutorial? How to I log into the GUI on oralcle? Added def gateway to ./add-ip

 

[ostridge]

something is working. where is the tutorial? How to I log into the GUI on oralcle? Added def gateway to ./add-ip

Hi and wilcome to the forum
The tutorials can be found on the Incrediblepbx Tiki Wiki - Latest-Issues-of-Interest

of course you may prefer to start on the Incrediblepbx Tiki Wiki homepage

For oracle look on the Products page where you find Incredible PBX 2027 for Ubuntu 22.04 which is the latest or you could opt for an earlier offering.

 

[ostridge]

How to I log into the GUI on oralcle?

As the server is hiding behind the iptables firewall you need to set up some Virtualhosts via the cli in -
/etc/pbx/httpdconf/public.conf

Look in the thread here for

Access the webserver via FQDN​