איך מנהלי מערכת אחרים מתמודדים עם חשבונות שנפרצו?

mbauman · 14 בספטמבר,‏ 2025,‏ 3:02am

We recently had three TL1 user accounts that were obviously hacked/compromised/taken-over — likely through a compromised password. The attacker changed (and deleted!) the old email addresses, and then posted spam.

What can an admin do in this situation? Is there a way I can recover the old email so I can notify the user? Does discourse send emails to an address that’s being destroyed, notifying the user of the occurrence?

We ended up just suspending their accounts. But I’m curious if there are any admin tools I’m missing or how others have tackled this problem.

Moin · 14 בספטמבר,‏ 2025,‏ 6:14am

I just tried it out: the old email address was notified.

This is an automated message to let you know that your email address for
%{site_name} has been changed. If this was done in error, please contact
a site administrator.

Your email address has been changed to:

%{new_email}

You can check the email logs at /admin/email-logs. If you filter by username, you should see both the confirmation email sent to the new address and the notification sent to the old address.

נושא		תגובות	צפיות
Does changing admin e-mail address work with the new address? Support	2	528	25 במרץ,‏ 2020
Handling old accounts that have changed emails? Feature	5	893	13 במרץ,‏ 2020
What to do if your Discourse is compromised Self-Hosting reference	0	10249	24 בפברואר,‏ 2016
How to change email if access to old email is no longer available? Support	19	6335	5 בספטמבר,‏ 2022
So I can't login anymore :( and won't receive email logins or forgotten password emails Support	10	1853	1 באוקטובר,‏ 2019

איך מנהלי מערכת אחרים מתמודדים עם חשבונות שנפרצו?

נושאים קשורים