1
simplesally
IP logging module

I am looking for a module that can help log the IP address of members. I am wanting to create a paid members section. One of my concerns is users sharing their login information. I would like to be able to log the IP address of members when they login. Does such a module exist?

2
skenow
Re: IP logging module
  • 2006/1/12 2:37

  • skenow

  • Home away from home

  • Posts: 993

  • Since: 2004/11/17


If you had such a capability, how would you go about differentiating different valid users from the same IP (shared interent access from behind a corporate router, for example)?

3
simplesally
Re: IP logging module

I would not be able to do so. That is one issue with trying to track abuse via such methods. However, I still feel it would be a very good module as it could be used to help protect/monitor abusive users.

4
Xeon_DP
Re: IP logging module
  • 2006/1/13 20:37

  • Xeon_DP

  • Just popping in

  • Posts: 25

  • Since: 2005/12/11


php automatically creates some server vars. you can write them in a log using a php script. including the file then in the mainfile would do it i guess.....

(its $_SERVER['something i forgot'] i believe.)

5
skenow
Re: IP logging module
  • 2006/1/13 21:06

  • skenow

  • Home away from home

  • Posts: 993

  • Since: 2004/11/17


$_SERVER(REMOTE_ADDR) contains the IP of the accessing computer.

What kind of abuse are you really trying to prevent? As a user, I may not always log in from the same location, or if I have a dial-up account, I may not always be assigned the same IP.

->Protector module logs IP of attempts hacks and abuses.
->CBB can log IP of posters.
->Xoops online module shows IP of currently logged in users
->Uservisit module tracks pages visited by members and time/lenght of visit
->X-monitor is an expanded Uservisit module, tracking actions by users

Good luck.

6
simplesally
Re: IP logging module

Quote:
What kind of abuse are you really trying to prevent? As a user, I may not always log in from the same location, or if I have a dial-up account, I may not always be assigned the same IP.


My goal is to monitor logs for password-sharing actions. For example, if I see Jane Dough logged in and I look over the records and see that there's 20 people trying to login at the same time with Jane's information, especially while Jane is already logged in. That is a pretty significant sign that either her account was comprimised or login information being shared.

In regards to dial-up, yes, I do understand about dynamic IP addresses. I know the IP address won't always be the same. If I see multiple IP addresses, then I see the owner of the IP block. If I see it belongs to the user's local ISP, then it's probably a dialup. In addition, most ISPs, as I have noticed, now have the term "dial", "dialup", or similar in the rDNS of the IP address for dialup users.

Granted, I am sure I have not mentioned some of the "tricks" to look for, however, it would take a bit of time to type up and list all the techniques for detecting suspicious activity.

Login

Who's Online

316 user(s) are online (266 user(s) are browsing Support Forums)


Members: 0


Guests: 316


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits