I am looking for a module that can help log the IP address of members. I am wanting to create a paid members section. One of my concerns is users sharing their login information. I would like to be able to log the IP address of members when they login. Does such a module exist?

If you had such a capability, how would you go about differentiating different valid users from the same IP (shared interent access from behind a corporate router, for example)?

I would not be able to do so. That is one issue with trying to track abuse via such methods. However, I still feel it would be a very good module as it could be used to help protect/monitor abusive users.

php automatically creates some server vars. you can write them in a log using a php script. including the file then in the mainfile would do it i guess.....

(its $_SERVER['something i forgot'] i believe.)

$_SERVER(REMOTE_ADDR) contains the IP of the accessing computer.

What kind of abuse are you really trying to prevent? As a user, I may not always log in from the same location, or if I have a dial-up account, I may not always be assigned the same IP.

->Protector module logs IP of attempts hacks and abuses.
->CBB can log IP of posters.
->Xoops online module shows IP of currently logged in users
->Uservisit module tracks pages visited by members and time/lenght of visit
->X-monitor is an expanded Uservisit module, tracking actions by users

Good luck.

Quote:

My goal is to monitor logs for password-sharing actions. For example, if I see Jane Dough logged in and I look over the records and see that there's 20 people trying to login at the same time with Jane's information, especially while Jane is already logged in. That is a pretty significant sign that either her account was comprimised or login information being shared.

In regards to dial-up, yes, I do understand about dynamic IP addresses. I know the IP address won't always be the same. If I see multiple IP addresses, then I see the owner of the IP block. If I see it belongs to the user's local ISP, then it's probably a dialup. In addition, most ISPs, as I have noticed, now have the term "dial", "dialup", or similar in the rDNS of the IP address for dialup users.

Granted, I am sure I have not mentioned some of the "tricks" to look for, however, it would take a bit of time to type up and list all the techniques for detecting suspicious activity.