I have followed your instructions and looked at the anonymous contacts.
All the pages they clicked on do not exist, and what is worrying me is that our Mautic is currently not yet connected to any page, and it is not yet in production for our customers to reach. So apart from our testing emails, and certain people who have access to the page, there shouldn’t be anyone accessing our Mautic at all. Where would all these anonoymous contacts come from?
I am quite new to Mautic, and seeing all these contacts being added from random IP without knowing what they are doing in my Mautic is really concerning.
During the 19 days I didn’t use Mautic, there were over 1500 anonoymous contacts being added, and I don’t even know where they come from.
Is there anyway for me to improve the security of my Mautic?
This is exactly right. Scripts are used to scan directories on servers looking for common vulnerabilities, or access to files that can be edited to give escalated privileges. The script gets a 404 error if its web based or access denied if its otherwise. Keeping your server up to date and using something like Fail2ban is an easy way to secure. Here is a snap of my Fail2Ban log with 4500+ blocked IP address for exactly this issue.
I have read through the link you provided, it makes me feel better than at least I am not alone, and others have the exact same issue too.
However, I am still a bit puzzled, since I use this on an AWS instance (packaged on Bitami), and I am a bit confused about adding the code you have given to the file on the instance. So I thought about using what you have mentioned, Fail2ban.
Can you please give me some direction on how to install Fail2ban on the server?