The MU forums have moved to WordPress.org

Logs/User Activity (8 posts)

  1. nbut
    Member
    Posted 16 years ago #

    Hello all. I just wanted to know if Wordpress Mu has logs of any kind or any sort of function that allows me to see user login activity.

    I'm asking because I found a blog post where a user posted an entry but the poster never physically posted it. Someone else logged into the person's account to post it. Is there any way to check what IP/date/time accessed the user account?

    Thanks.

  2. andrea_r
    Moderator
    Posted 16 years ago #

    you could check the access logs on your server, if you have them. nothing like that is built in to MU though. You have to cross-reference posting time with those access logs to find the IP.

  3. nbut
    Member
    Posted 16 years ago #

    Darn. I thought that there might have been something built into Wordpress Mu.

    Server logs it is.

    Thanks for your reply.

  4. andrea_r
    Moderator
    Posted 16 years ago #

    Well, the only ones I know of are plugins (and not all MU ones) and they don't help much after the fact, either.

    Are you absolutely *sure* someone else got into their blog and posted?

    The only reason I ask is because I recently had a user convinced her blog was hacked and posting duplicate entires, when in reality all that was happening was trackbacks from sploggers/content lifters.

    Or could someone have used the remote posting ability?

  5. lunabyte
    Member
    Posted 16 years ago #

    Yeah, XMLRPC is always a possibility. Especially if you're on an older version.

  6. nbut
    Member
    Posted 16 years ago #

    Yes, I'm pretty sure it's not a case with trackbacks. The blogs are on an intranet and the post that the poster didn't write wasn't spam or anything like that. It was an actual post, albeit with misspellings and such (which I found peculiar because the blog author does not write like that).

    Not sure about the remote posting ability though. What exactly is that?

  7. andrea_r
    Moderator
    Posted 16 years ago #

    remote posting ability = xmplrpc.

    And this happened on an intranet? Did the user have an easily guessable password? Went away from their workstation with it up in a window?

  8. Cruz
    Member
    Posted 15 years ago #

    Hi,

    Before I renamed the wp-signup.php page, I was getting a lot of spam accounts that appear to be auto posting. Is it possible for spammers to "auto post" via the following pages?

    /wp-admin/post-new.php
    /wp-admin/categories.php

    I'm raising this because those files are getting a lot of hits despite the fact that site is currently under reconstruction with all users removed.

    Thank you.

About this Topic