Verificações de e-mail/IP exigem senha

ct-337 · Outubro 12, 2025, 3:09am

When checking someone’s email, IP^[1], or other sensitive info, you should be required to enter your password so you don’t accidentally check anything.

Whenever a staff member performs an IP lookup on a user, record the action in the Logs and Screening section Feature

In our forum, we have a few staff members (obviously) that can watch the forum just in case anything bad happens. While I was messing around with the admin controls, I saw an “IP Check” feature. I used it on myself, and it gave me the exact location. I saw that this could be abused, so I went to the Logs and Screening section to see if Discourse itself reports if a staff member has checked someone’s IP. It doesn’t. Here’s a video: Why does Discourse not report it to the Logs? I believe…

↩︎

Tópico		Respostas	Visualizações
Password reset email should send IP info Feature	46	2969	18 de Fevereiro de 2021
Whenever a staff member performs an IP lookup on a user, record the action in the Logs and Screening section Feature	3	75	21 de Setembro de 2025
Forgot_password abuse Feature	23	2363	26 de Abril de 2022
Hide IPs behind a button like emails UX	4	398	16 de Outubro de 2022
Can't request password change from that IP address? Support	3	527	10 de Setembro de 2020

Verificações de e-mail/IP exigem senha

Tópicos relacionados