Skip to content

[bug]: Global Search "Intrusion Detection" Opens Wrong Module and Clears Whitelist #971

New issue
New issue
Open
Open
[bug]: Global Search "Intrusion Detection" Opens Wrong Module and Clears Whitelist#971
Labels
bugSomething isn't workingtriageTriage
@pandamienvr

Description

@pandamienvr
pandamienvr
opened on Feb 12, 2026

FreePBX Version

FreePBX 17

Issue Description

When using the global search bar in the FreePBX web GUI to search for "Intrusion Detection", the result opens:

Admin / System Admin / Intrusion Detection

instead of the expected:

Firewall / Intrusion Detection

Opening the System Admin Intrusion Detection page immediately modifies the whitelist configuration without any user interaction or confirmation.

Specifically:

The "Trusted" import selection becomes unselected

The whitelist is reduced to only 127.0.1.1

No Save button is present

The change appears to be applied automatically upon page load

As a result, previously trusted IPs are removed from the ignore list, which causes Fail2Ban to block legitimate SIP registrations. In my case, this resulted in complete loss of access to FreePBX from my company's public IP.

Operating Environment

FreePBX: 17.0.25
System Admin: 17.0.2.36
System Firewall: 17.0.1.35
OS: Debian 12.13
Kernel: 6.1.0-43-cloud-amd64
Architecture: x86_64

Relevant log output

Metadata
Metadata
Assignees
No one assigned
    Labels
    bugSomething isn't workingtriageTriage
    Type
    No type
    Projects
    No projects
    Milestone
    No milestone
    Relationships
    None yet
    Development
    No branches or pull requests
    Issue actions