Security and privacy

Am not this forums moderator ...

Please read the info on this forum:

https://moodle.org/mod/forum/view.php?id=7301

suggest that nmap discussion is not within the scope of these forums. Also suggested you run the Security Check on each of your instances.
Site Admin -> Reports -> Security checks
Questions about what you see there are within the scope of these forums.

Now about an nmap scan of ports ...
Suggest you install logwatch.

Logwatch sends a daily email report of the day before's activity.   Would be a handy tool to determine if .... note that's IF ... you need to take things to the next level.

Also a repeat:
https://nmap.org/book/defenses.html

But before you do anything that link suggest, see below!!!

BTW, most of what was shared with you in a private email about your server/instances was not discovered by nmap, but just a browser, using no AI tools, and just navigating the browser to known directories in moodle code (something anyone could do).

If you do continue on the topic strongly suggest you work with your hosting provider.  Reason: what you are asking would require server settings at the network layer (moodle is application layer) and if you get something wrong at that layer, you could, un-knowingly, block yourself from your own server ... not just one of the 3 instances of moodles you have on that server ... the entire server!

'SoS', Ken