Security Issue - hiding login portal with custom domain whilst keeping custom domain for links

Your software
My Mautic version is: 2.16.0
My PHP version is: 7.1.32-1+0~20190902.23+debian9~1.gbp9d1be7

Your problem
My problem is: I posted this before and it seems to have disappeared. When I use a custom domain for Mautic, let’s say m.demo.com, when you go there you get the login portal for Mautic.

Issue is I want custom domains for my links but want to stop people accessing the login portal by cutting the link down.

For example, a client clicks a link and goes to m.demo.com/84€3929, all hunky dory. But a client cutting it off goes to m.demo.com/ then sees my Mautic portal, not my site.

I really need a solution on this. Can’t have the login portal open to all and sundry!

These errors are showing in the log: None

Steps I have tried to fix the problem: Not sure how to do this. Hence the question.

Thanks team

Prim

Hi there,

Take a look at this setting in your config:

If you change Mautic’s root URL, how does one then access the Mautic login page?

After being brute force hacked I would like to have my login page not be easily found by simply inspecting the website it’s linked to and seeing the tracking pixel with the URL plain to see.

@ekke is this blog still valid?

May have answered my own question. Simply add “/s” to your original Mautic login page URL to access the login page. Not that secure but more secure than not changing the base URL.

Is it possible to offload the front end to something like Cloudflare? We do this and limit the source addresses to Cloudflare’s range. Essentially that means Cloudflare can handle any brute force stuff and our own server IPs are hidden as DNS will show Cloudflare.

Yes, you can use Cloudflare but you’ll need to ensure that the original IP is forwarded through. There are a few posts about it on the forums.
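
The setup described in the last two posts (the origin accepts traffic only from the proxy's ranges, and the visitor's original IP is read from the forwarded header) is sketched below as an added example; it is not code from the thread or from Mautic. The proxy range and sample requests are constructed placeholders and the function names are hypothetical; `CF-Connecting-IP` is the header Cloudflare sets.

```python
import ipaddress
from collections import Counter

# Constructed placeholder range (RFC 5737 documentation space). In a real
# deployment, load the proxy provider's published ranges instead.
TRUSTED_PROXY_RANGES = [ipaddress.ip_network("198.51.100.0/24")]

# Header Cloudflare uses to pass the visitor address to the origin.
CLIENT_IP_HEADER = "CF-Connecting-IP"


def resolve_client_ip(peer_ip, headers):
    """Return the visitor's address, or None if the request bypassed the proxy."""
    peer = ipaddress.ip_address(peer_ip)
    if not any(peer in net for net in TRUSTED_PROXY_RANGES):
        return None  # direct hit on the origin: the header cannot be trusted
    value = headers.get(CLIENT_IP_HEADER, "").strip()
    try:
        return str(ipaddress.ip_address(value))
    except ValueError:
        return None  # header missing or malformed


def failed_logins_by_client(requests, threshold=3):
    """Count failed logins per resolved client; return (flagged IPs, rejected count)."""
    counts = Counter()
    rejected = 0
    for peer_ip, headers, login_ok in requests:
        client = resolve_client_ip(peer_ip, headers)
        if client is None:
            rejected += 1
            continue
        if not login_ok:
            counts[client] += 1
    flagged = sorted(ip for ip, n in counts.items() if n >= threshold)
    return flagged, rejected


# Constructed sample requests: (TCP peer address, headers, login succeeded?)
SAMPLE_REQUESTS = [
    ("198.51.100.10", {"CF-Connecting-IP": "203.0.113.7"}, False),
    ("198.51.100.11", {"CF-Connecting-IP": "203.0.113.7"}, False),
    ("198.51.100.12", {"CF-Connecting-IP": "203.0.113.7"}, False),
    ("198.51.100.10", {"CF-Connecting-IP": "203.0.113.50"}, True),
    # Direct connection to the origin carrying a spoofed header: rejected.
    ("192.0.2.99", {"CF-Connecting-IP": "203.0.113.50"}, False),
]

if __name__ == "__main__":
    print(failed_logins_by_client(SAMPLE_REQUESTS))
```

If failures were counted by TCP peer address instead, the three attempts from one visitor would be spread across three proxy addresses and never reach the threshold.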