Add IP info lookup for Admins

I propose adding a “lookup” button next to most IP addresses in user fields that are visible to admins:

Clicking the lookup button would pop up a dynamically queried box that shows a spinner, which will populate with additional lookup info about that IP as the data arrives, e.g.

We can start simple with just the top 3 here:

  1. Geolocation info for this IP, with Google Maps link
  2. reverse DNS lookup info for this IP
  3. lookup other accounts sharing this IP
  4. query server logs for this IP
  5. query flags filed against this IP

etc, whatever else it makes sense to query or show for an IP

This way if you have a sketchy user, you can verify where they’re coming from.

8 Likes

Unless we do the lookup at the time of creation, the geolocation could’ve changed no? Is there a way to do a lookup of an IP for the past?

1 Like

It says “Last IP address”. That’s where we last saw them. So what’s the issue, again?

1 Like

Yes, sure the last IP. But if you’d query for the GEO-Data of the IP, lets say a day later, when the user clicks on it, most services will give you the geoposition of it right now (not where it has been when we registered it). I was just wondering whether we want to take that into account, query at the time of registration for the data or whether there are services that keep a record we can look up at.

This seems like extreme hair-splitting, considering what we have now is nothing.

3 Likes

Oh, don’t misunderstand my request as critique please. I am totally up for it. That was merely an implementation detail question out of curiosity.

IP locations don’t change that frequently, and even less frequently at the country level, so looking up the current geolocation details is probably going to be OK.

To get this up and running quickly you could use the http://ipinfo.io API, which gives you a bunch of different details:

$ curl ipinfo.io/67.188.232.130
{
  "ip": "67.188.232.130",
  "hostname": "c-67-188-232-130.hsd1.ca.comcast.net",
  "city": "Mountain View",
  "region": "California",
  "country": "US",
  "loc": "37.4192,-122.0574",
  "org": "AS7922 Comcast Cable Communications, Inc.",
  "postal": "94043"
}
5 Likes

Oh wow, it includes the AS number? That could be useful for detecting cheap proxies.

Here’s what it returns for my droplet in the SF cluster:

curl ipinfo.io/107.170.242.76
{
  "ip": "107.170.242.76",
  "hostname": "hello.from.riking.org",
  "city": "New York",
  "region": "New York",
  "country": "US",
  "loc": "40.7267,-73.9981",
  "org": "AS14061 Digital Ocean, Inc.",
  "postal": "10012"
}

Yeah, “Digital Ocean” is way more useful than “New York” there.

And my current location on campus WiFi:

{
  "ip": "129.65.150.6",
  "hostname": "pcp069467pcs.wireless.calpoly.edu",
  "city": "San Luis Obispo",
  "region": "California",
  "country": "US",
  "loc": "35.3471,-120.4553",
  "org": "AS2152 California State University Network",
  "postal": "93407"
}

Again, AS number is really useful!

3 Likes

Well, if you want to work on this @riking be my guest :wink:

1 Like

Is anyone on this? @riking, @coderholic, @codinghorror? Otherwise I’d volunteer to work on it (this week).

3 Likes

Nobody is working on this, feel free to give it a shot. Also any bugs, bugs are our top priority at the moment. (hence I am slowing down on PR review work)

@sam, I see, thanks for the heads-up. Running through that category now and let me know if there is anything I can help with.

I would personally very much like to see this added!

As promised:

https://github.com/discourse/discourse/pull/2446

4 Likes

@lightyear this looks great. Copy added. :thumbsup: The accounts with same IP is a huge, huge help.

Thank you. Big step forward.

1 Like

always a pleasure. Do I get pinned global banner topics now :smiley: ?

ask @zogstrip he is working on it.

The bulk of this, and the important parts, are definitely all there now. The only bits left are:

  1. query flags filed against this IP
  2. query server logs for this IP

I’ll leave this open in case anyone wants to take those.

1 Like

Yes, sir!

2 Likes

1 Like

@lightyear I noticed this does not work at all for IPV6, e.g. this:

Any comment @supermathie?