E-Mail/IP-Prüfungen erfordern Passwort

ct-337 · 12. Oktober 2025 um 03:09

When checking someone’s email, IP^[1], or other sensitive info, you should be required to enter your password so you don’t accidentally check anything.

Whenever a staff member performs an IP lookup on a user, record the action in the Logs and Screening section Feature

In our forum, we have a few staff members (obviously) that can watch the forum just in case anything bad happens. While I was messing around with the admin controls, I saw an “IP Check” feature. I used it on myself, and it gave me the exact location. I saw that this could be abused, so I went to the Logs and Screening section to see if Discourse itself reports if a staff member has checked someone’s IP. It doesn’t. Here’s a video: Why does Discourse not report it to the Logs? I believe…

↩︎

Thema		Antworten	Aufrufe
Password reset email should send IP info Feature	46	2969	18. Februar 2021
Whenever a staff member performs an IP lookup on a user, record the action in the Logs and Screening section Feature	3	75	21. September 2025
Forgot_password abuse Feature	23	2363	26. April 2022
Hide IPs behind a button like emails UX	4	398	16. Oktober 2022
Can't request password change from that IP address? Support	3	527	10. September 2020

E-Mail/IP-Prüfungen erfordern Passwort

Verwandte Themen