I have a vulnerability in my site. Initiator other and full IP address

  • I have a vulnerability on my site that I can’t detect where it came from.

    Someone creates a subscriber user and suddenly has administrator access to my site (from an existing administrator user)

    I am trying to find out where the subscriber user is created with Simply History but the “initiator” is always “other” which doesn’t help me much. I am also asking if there is a way to know the full IP address, because it always shows me the ip’s this way: 111.111.1.X

    Thanks

Viewing 1 replies (of 1 total)
  • Plugin Author eskapism

    (@eskapism)

    Sorry to hear about your problem. I would check that all my plugins etc. are up to date. Also if you have access to your nginx and php-logs they mey give some more info.

    By default the stored ip address is anonymized. You can store the full ip address if you place this snippet in for example your functions.php file:

    <?php
// Disable IP anonymization to allow full
// IP address to be added to events.
// e.g. "17.253.144.10" will be stored
// instead of "17.253.144.x".
add_filter( 'simple_history/privacy/anonymize_ip_address', '__return_false' );
Viewing 1 replies (of 1 total)
  • The topic ‘I have a vulnerability in my site. Initiator other and full IP address’ is closed to new replies.