AbuseIO 4.0 Release

After a little delay removing a final bug and adding a few more improvements we’re happy to announce the release of AbuseIO 4.0.

Introducing AbuseIO 4.0

AbuseIO 4.0 is a full rewrite of the original 3.1 code and except for the core logic just about everything has been changed. We’d like to highlight some of the new or improved features in this version.

Fully build with Laravel and Composer

laravel-logo-white

composer

If you Never heard about Laravel before? Laravel basically is a web framework that makes it easier for you to develop your application. Most sites have a common set of functionality (like handling sessions, data validation, validations, safety checks, etc) and a framework is something that prevents you from re-writing this each time you create a website.

With Laravel nearly forcing you to create objects and validate them correctly its a big step up from the previous version which hardly did not do any validation at all and just assumed all data to be correctly set up. Using the Laravel framework we were able to rewrite all the base code from AbuseIO into code that is up to current PHP coding standards.

In addition we use Composer to add all the required packages and keep track for installed versions with easy updating of these packages.

For the developers among us, a comparison (disclaimer: viewer discretion is advised, some of the old legacy code might be considered as ‘shocking’ for experienced developers ;)) of the old versus the new code.

Modular parsers and collectors

packages

Starting with this release we are developing and releasing all the add-ons separately from the AbuseIO core release. This way you can easily enable or customize each add-on individually, but it also allows developers to use these add-ons in their own applications.
Every add-on comes with its own default configuration from AbuseIO, but can be configured to reflect your abuse policy and its enforcement.

Command line tools

AbuseIO4_CLI

If you have been running production with 3.x for a while, you’d noticed the lack of adding new tickets/data to the system without having to add a custom parser or even worse add them directly into the database. In this new release all the work you can do on the GUI can also be done from the CLI.

Branding & Account separation

accounts

With brands and accounting its possible to use a single AbuseIO installation to manage multiple brands of your company allowing you to change the items like the ASH template for your customers.

Permissions and Access Control

permissions

In addition to linking users to a specific brand or account, you can also limit a user for a very specific set of permissions. Each method and action has its own permission which is required and to simplify the management of permissions you can create roles with a specific set of permissions to be added to multiple users.

Searchable data tables

datatables

In the previous versions you were limited with a separate search form to only search within the tickets view, but with the new release you can apply filters on all of the views accessible.

Domain support

domains

In previous versions of AbuseIO the system only linked tickets based on IP addresses. Because of this the system only created a single ticket and added the complaints of all the different domains on to a single ticket, making it hard to see which complaints are new or old.
With the new support for domains you can add domains and link them to other customers apart from the IP owners. This way you can both contact the IP and domain owner at the same time. But it also allows shared hosting providers to contact their website administrators/users and keep tickets truly separate.

Improved interaction with customers

communication

The communication screens between the customer and the abuse desk have been improved a lot. The customer is now able to view their own messages and replies from the abuse desk in ASH, but the abuse desk still has the option to hide internal notes from the customer. In addition once a note has been added by the customer, it is marked unread and visible in the ticket view so you can see which tickets need a response.

Other improvements and changes

There are just too many more items we could tell you about, but to summarize:

  • More parsers, which adds support for default ARF or FBL, AbuseHub and many more.
  • Parsers that were initiated locally and were collecting data from a remote location are now renamed into collectors. All collectors run simultaneous as well as individually.
  • Automated upgrading of tickets to a higher priority (info, abuse, escalation).
  • Integration with your own IPAM or CRM, including prepared integration with NIPAP and phpmyipa.
  • Added IOdef documents to all outgoing e-mail reports allowing any external system to import the data.

Installation

If you are just starting with AbuseIO, then it’s best to start with the installation documents which can be found here. The installation itself is very simple, however if you get into trouble please check the known common problems section.

Upgrading from 3.x

If you are currently running AbuseIO 3.x in production please read carefully.

If you currently are running a 3.x installation it’s possible to use the migration tools to migrate all your existing data to the new version. There are a few important items to be aware of:

  • Make sure that your are running the latest version (3.1) from the GIT checkout before upgrading as it will contain all the required fixes to do a successful migration.
  • If you have made any custom modifications to the AbuseIO code or created external code that used AbuseIO code or its database then you must recheck all these changes. Its highly likely that these modifications are not working anymore as the code and database scheme is entirely different.
  • Especially if you have used the ‘findcontact’ methods, you must update to the new version of it. To get the new methods you must add findcontact-custom to the composer.json. After that you can find the methods in the vendor/abuseio/findcontact-custom directory to reenable these methods with your customization. Again, please note that you will need to update the code for the new environment!

A full and detailed migration path is mentioned in the documentation, which can be found at: https://github.com/AbuseIO/AbuseIO/blob/master/docs/migration.md