邮件/IP 检查需要密码

ct-337 · 2025 年10 月 12 日 03:09

When checking someone’s email, IP^[1], or other sensitive info, you should be required to enter your password so you don’t accidentally check anything.

Whenever a staff member performs an IP lookup on a user, record the action in the Logs and Screening section Feature

In our forum, we have a few staff members (obviously) that can watch the forum just in case anything bad happens. While I was messing around with the admin controls, I saw an “IP Check” feature. I used it on myself, and it gave me the exact location. I saw that this could be abused, so I went to the Logs and Screening section to see if Discourse itself reports if a staff member has checked someone’s IP. It doesn’t. Here’s a video: Why does Discourse not report it to the Logs? I believe…

↩︎

话题		回复	浏览量
Password reset email should send IP info Feature	46	2969	2021 年2 月 18 日
Whenever a staff member performs an IP lookup on a user, record the action in the Logs and Screening section Feature	3	75	2025 年9 月 21 日
Forgot_password abuse Feature	23	2363	2022 年4 月 26 日
Hide IPs behind a button like emails UX	4	398	2022 年10 月 16 日
Can't request password change from that IP address? Support	3	527	2020 年9 月 10 日

邮件/IP 检查需要密码

相关话题