Vérifications d'e-mail/IP nécessitent un mot de passe

ct-337 · Octobre 12, 2025, 3:09

When checking someone’s email, IP^[1], or other sensitive info, you should be required to enter your password so you don’t accidentally check anything.

Whenever a staff member performs an IP lookup on a user, record the action in the Logs and Screening section Feature

In our forum, we have a few staff members (obviously) that can watch the forum just in case anything bad happens. While I was messing around with the admin controls, I saw an “IP Check” feature. I used it on myself, and it gave me the exact location. I saw that this could be abused, so I went to the Logs and Screening section to see if Discourse itself reports if a staff member has checked someone’s IP. It doesn’t. Here’s a video: Why does Discourse not report it to the Logs? I believe…

↩︎

Sujet		Réponses	Vues
Password reset email should send IP info Feature	46	2969	Février 18, 2021
Whenever a staff member performs an IP lookup on a user, record the action in the Logs and Screening section Feature	3	75	Septembre 21, 2025
Forgot_password abuse Feature	23	2363	Avril 26, 2022
Hide IPs behind a button like emails UX	4	398	Octobre 16, 2022
Can't request password change from that IP address? Support	3	527	Septembre 10, 2020

Vérifications d'e-mail/IP nécessitent un mot de passe

Sujets connexes