Mautic SSL encryption

Is it really necessary to have ssl on my mautic web app? What will happen if I don’t?

2 Likes

You need it, if you don’t have SSL, whatever info you are collecting from your visitors is not encrypted, that is, it would remain in plain-text, and can easily be stolen. This is called a man-in-the-middle attack. Be careful, there is a guy in the middle :wink:

Worst-case scenario, you won’t use it cos you are not collecting sensitive information, event at that, Chrome or any major browser will flag your site as not secure.

You can easily use a free one, it’s a no brainer.

Edit: Some email providers are also likely to flag your email

2 Likes

Hey dev, thanks for the reply. Can you help me out set it up? I tried couple of times and I always have issues with DNS. I have couple of domains on namecheap and so far I’m not sure if I have to set up any record on namecheap(redirection record or something else). Can it be done only with the ssh console? I kinda don’t think I can only do this with console only since then I can choose someone elses domain and use it? :slight_smile:

Beside this one I have scheduled campaign issues(not sending emails) and when I fix these two I think I’m good to go. I need to prepare everything before New Year. Thanks

Hey Tarik,

The best way to install an SSL certificate is with Certbot. This is best done via ssh so if you have access you should open up a terminal and download Certbot.

sudo apt install certbot
If you using Nginx, add this: sudo apt install python3-certbot-nginx

Then obtain certificate using the following command:
sudo certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --email you@example.com -d mautic.example.com

If you using apache:
sudo apt install python3-certbot-apache

and then:

sudo certbot --apache --agree-tos --redirect --hsts --staple-ocsp --email you@example.com -d mautic.example.com

Regarding your campaign issue, can you explain a bit more what the problem is. Have you setup cronjob correctly ?
What version of Mautic are you running

1 Like

excuse last question, I see you running mautic 3 :smiley:

Yh, correct or go here https://certbot.eff.org/instructions and choose your specifications.

1 Like

Hey mikew, its mautic 3.2.2.

I was able to get ssl following their instructions with certbot I think. No one mentioned creating A redirect record and pointing to static IP.

Cron jobs come with installation. I didn’t touch anything there. FYI I installed mautic by bitnami from google market place.

So, SSL is ok now. I have two problems to fix before New Year. Tracking issues and scheduling emails.

I will let you know later if it works since this is new server I configured couple of hours ago.

Best,

1 Like

Sending segment email is working. Tracking is not working for sure since it says 100% open as soon as I reload the page.

when you talk about tracking are you referring to email tracking ?
What ESP are you using ? And how are you testing the email tracking

@mikew I’m using gmail. I was referring to open tracking.

How am I testing? Well, I read and checked by opening original emails I got from mautic and along with the email it is sending image. So when someone opens email its tracking it since image is loaded idk, something like that.

Recently I sent segment email to 15 of my email addresses and few sec after that I reloded the email section and it was 66% open rate :slight_smile: I reloaded it again and it was 100% which is not possible.

Indeed, image was sent along with email:

<img height=3D"1" width=3D"1" src=3D"https://MY.REALDOMAIN.HERE.com/email/5fe90ece=
9624b007139954.gif" alt=3D"" />

@devsrealm Any advice :slight_smile: ?

Yh, correct. The tracking pixels.

Well, it works for me, just tested now. So, this is what I’ll say you should do, inspect the email with the inspect tool, and try loading the tracking pixel, in my case, I got a blank view:

tracking pixel

Same, I just tried it and I got black screen

You could maybe try updating to the latest version, and ret running a new test

its 3.2.2 already :slight_smile:

I will try asking on bitnami forum and will let you know.

Okay, let’s know how it goes

Hi there,

I’m wondering if this still applies to the following set up.

I have Mautic installed on a different server than the main domain. The main domain has SSL installed. I set up DNS to point xxx.domain.com to the Mautic IP. When I access xxx.domain.com, https seems to work.

So do I still have to install SSL on the server that has the Mautic instance?

Thank you.

Hello!
SSL works this way:
The webserver serving that specific instance must have access to the CERT file and serve the certificate together with the website. Like a cop showing his badge while he is talking to you.
You need to install the SSL on that subdomain.

Joey

1 Like

How does SSL work for the Mautic server though?

We run Mautic on a DO server. At the DNS we point an A record from a subdomain to that server IP address and that seems to work no problem. When we pull up the subdomain, the SSL seems to be working as expected and Mautic is running normally under that subdomain.

In our configuration settings inside Mautic we’re using the subdomain as the Site URL. I believe the SSL is provided by a wildcard certificate for our primary domain via our DNS provider, which in this case is Cloudflare.

However, we can also still pull up the same Mautic instance if we load the DO IP address directly, and that way loads Mautic without the SSL on a regular http address.

Is there such a thing as loading a separate SSL certificate for the Mautic server?

Or do I just need to somehow force redirect from the IP address to the subdomain we configured with SSL?