Announcement

Collapse
No announcement yet.

Find out the IP that sent a PM?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Find out the IP that sent a PM?

    On one of my sites, the admin team received a PM from a user asking to have their account deleted. How can I find the IP address that sent the PM? The user believes his account was hijacked.

    To make things more interesting -- it looks like the admin who deleted the account may have been the one to hijack it. According to the logs - this admin edited the users accounts minutes before the PM was sent. Is there anyway I can drill down further to see if the account password was specifically changed?

    Thanks
    Plan, Do, Check, Act!

  • #2
    Go into your admin cp and go to the users name in the member's list in the cp all their info is there.
    Discussion Forum + Web Developement / Builders + Web Developers earn work here

    Comment


    • #3
      That didn't really answer his question. There is no way to 'drill down' to find if the password was changed.

      I don't think IP addresses are saved for PMs, but i'm happy to be corrected.

      Comment


      • #4
        I checked the PM tables and there isn't a field for IP addresses which is kind of surprising since every other interaction through the forum gets logged that way.
        Plan, Do, Check, Act!

        Comment


        • #5
          What about checking the raw web server (ie. Apache) log files to see who accessed private.php around that time?
          _________________
          ΜΟΛΩΝ ΛΑΒΕ

          Comment

          widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
          Working...
          X