vicidial.org

[ramizuabhalim]

Hi Support,

Do we plan upgrade the PHP version 7.x to 8.x?

[mflorell]

Probably at some point, but not for a while. We'll probably start doing compatibility testing on PHP8 later this year. I don't see any show-stoppers in the release notes, so that is encouraging.

[carpenox]

did you guys see the PHP repo's were infected by hackers with a malware/ransomware campaign....? scary

[mflorell]

Not too worried about the PHP GIT codebase getting some malicious code temporarily inserted into it, since they were immediately discovered and we only use older pre-built PHP packages. It pays to not be in the cutting edge

Also, they removed the affected GIT server right away and they are apparently moving to a more secure hosted GIT service so that kind of attack can't happen again.

[carpenox]

yea thats just crazy to me that this type of attack wasnt already defended against. This new world we live in with a world cyber war on the horizon is going to make it even more important for the community to start using the new feature you added for two factor auth, along with IP whitelist to make sure all of our servers are secure against making it easier by not doing anything and therefore further helping these cyber criminals that are targeting dialers for their ransomware campaigns and other social engineering tactics and/or MITM(man in the middle) attacks for their monetary gain. I have several articles showing people how to secure their servers and I hosted a free live webinar yesterday with a demonstration of how to apply such security techniques. Please if anyone has any questions on how to secure your servers, message me on skype or whatsapp, I am more than willing to help anyone in this community to provide you with the information to secure your servers.

[ramizuabhalim]

Hi Matt,

Good day to you.

Right now, our Vicibox still are using Php 7 right? Any plan to upgrade for Php 8?

Thank You.

[ramizuabhalim]

Hi Matt,

Do you plan to upgrade php 7 to php 8?
Is it possible we upgrade php 7 to php 8 in vicidial manually.

[carpenox]

They are working on it, it's not working with php8 yet. Manually could be done if you own changing code. It's a very large undertaking. Good luck

[ramizuabhalim]

HI Carpenox,

Noted with this.
May I Know any remediate solution to solve the vulnerability issue ?

Thank You in advance.

[carpenox]

Secure your server with proper firewall rules, using the dynamic portal

[ramizuabhalim]

Hi Carpenox,

Thank you for your advise. Let me check it out.

[mflorell]

We just committed hundreds of changes to our PHP codebase for PHP8 support in VICIdial. Check out svn/trunk revision 3863 or higher to test it out!

[mflorell]

We just committed hundreds of changes to our PHP codebase for PHP8 support in VICIdial. Check out svn/trunk revision 3863 or higher to test it out!

[hbondoc0988]

Wow.. this interesting

[carpenox]

I will be doing a live stream tomorrow demonstrating the upgrade for this if anyone is interested my contact info below.

[snmtech]

I will be doing a live stream tomorrow demonstrating the upgrade for this if anyone is interested my contact info below.

Hi carpenox, Do you have any DOC on this, please?

[carpenox]

U have not written an article for it but I can, give me a few days ill post it here when i get it done