No announcement yet.

Find out the IP that sent a PM?

  • Filter
  • Time
  • Show
Clear All
new posts

  • Find out the IP that sent a PM?

    On one of my sites, the admin team received a PM from a user asking to have their account deleted. How can I find the IP address that sent the PM? The user believes his account was hijacked.

    To make things more interesting -- it looks like the admin who deleted the account may have been the one to hijack it. According to the logs - this admin edited the users accounts minutes before the PM was sent. Is there anyway I can drill down further to see if the account password was specifically changed?

    Plan, Do, Check, Act!

  • #2
    Go into your admin cp and go to the users name in the member's list in the cp all their info is there.
    Discussion Forum + Web Developement / Builders + Web Developers earn work here


    • #3
      That didn't really answer his question. There is no way to 'drill down' to find if the password was changed.

      I don't think IP addresses are saved for PMs, but i'm happy to be corrected.


      • #4
        I checked the PM tables and there isn't a field for IP addresses which is kind of surprising since every other interaction through the forum gets logged that way.
        Plan, Do, Check, Act!


        • #5
          What about checking the raw web server (ie. Apache) log files to see who accessed private.php around that time?
          ΜΟΛΩΝ ΛΑΒΕ


          widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.