...
Monitoring access to your server. [HOW-TO] Monitor and Set Email Alert For Unauthorized Access to FreePBX (Centos) Serverhttps://community.freepbx.org/t/how-to-monitor-and-set-email-alert-for-unauthorized-access-to-freepbx-centos-server/59420
Add IP ranges for your Region IP ranges https://cloud.google.com/vpc/docs/vpc#ip-ranges (example 10.140.0.0/20) to your FreePBX: Setting >> Advance SIP Settings >> NAT Settings >> Local Networks
Install Logwatch (work best on new install).
Install Tripwire (work best on new install).
If you are planning to use cell phones, I recommend setting you own OpenVPN server and whitelist the IP in the Firewall rules and install OpenVPN app on the phones.
Make sure Allow Anonymous Inbound SIP Calls and Allow SIP Guests (set to no) (Asterisk SIP Settings >> Security Settings).
Make sure to disable unused Feature Codes (Admin >> Feature Code) with attention to In-Call Transfers.
Make sure to blacklist offensive IP Addresses. Go to Firewall > Services > Blacklist > Add IP there.
If you are not planning to make international calls >> create restricted route see https://wiki.freepbx.org/display/FPG/Outbound + Routes +Configuration+Examples#OutboundRoutesConfigurationExamples-2.RouteName:RestrictedConfiguration Examples
Backup and Restore:
Backup can be best done through Snapshots and can be done manually or on scheduled basis.
In order to maintain your commercial modules, restored backup need to be attached to the original VM for the Zend ID / Deployment ID to stay the same.
Click on the Snapshot >> Create an instance. Try to keep the Region, Zone, Machine configuration, and Boot Disk type the same as the original VM.
After the new machine is created, go back to the new VM and turn it off >> Click Edit >> detach the Boot Disk by clicking on the x sign next to the Boot Disk.
Go to the original VM turn off, detach the Boot Disk by clicking on the x sign next to the boot disk >> then click add item and choose the disk just created >> Save >> Start the machine. You should have your same Zend ID / Deployment ID and all your modules.
...
Related articles/resources:
Pre-incident tools:
...