Active session info

Good morning, I was checking the active sessions and I found IP addresses coming from other countries, what I wanted to understand is if these are hacker attacks and if these active sessions can access the contents that I upload to the CMS and if in some way they manage to insert content. Is there a way to ban these IP addresses? How can I protect the CMS? Thank you.

If you see sessions from Sentinel and the like, that’s normal. There are many website scanners that probe the internet looking for threats, also website crawlers like Google.

The sessions page on xibo is a little confusing at first as it’s referring to web sessions more just than currently logged in active users.

Nginx will give you the same sort of results if you tail the log file.

Also just from console on your webserver try :
netstat -an | grep :443 | grep -v

I think you need to manage it using your firewall system, or a reverse proxy.