goharbor / harbor

An open source trusted cloud native registry project that stores, signs, and scans content.
https://goharbor.io
Apache License 2.0

Add client IP for audit logs #18675

Open NitroCao opened 1 year ago

NitroCao commented 1 year ago

Currently audit logs don't contain client IP, which isn't enough for security audit. Can we add it for audit log?

chlins commented 1 year ago

Currently, the client IP is not stored in the database, but maybe it can be grabbed from the nginx or core logs.

NitroCao commented 1 year ago

> Currently, the client IP is not stored in the database, but maybe it can be grabbed from the nginx or core logs.

Yeah Nginx logs contain client IPs but it's difficult to associate them with corresponding accounts. I just found related issues:

lengrongfu commented 1 year ago

@chlins I think this is valuable, do you agree to do it? If yes, I can contribute.

dioguerra commented 1 year ago

Any news on this...

This is important to track security related issues...

I can try and fix this, if you think it's a good first issue.

reasonerjt commented 1 month ago

I agree having IP information is helpful, but it's secure only when it's accurate. I'm no expert in networking, but if the client is using VPN or from a different network, getting the source IP may be complicated.

Storing inaccurate information will only have a negative effect on security.

NitroCao commented 1 month ago

> I agree having IP information is helpful, but it's secure only when it's accurate. I'm no expert in networking, but if the client is using VPN or from a different network, getting the source IP may be complicated.

@reasonerjt It's unnecessary for developers to consider such complicated situations; that is for the security team.

kofj commented 2 weeks ago

In our case, cloud customers required the client IP to be recorded in the audit logs. But it is difficult to obtain the client IP accurately if the user uses a proxy, or if the server is deployed in some special network area, such as behind Cloudflare.
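The accuracy concern raised in the last two comments is a trusted-proxy problem: `X-Forwarded-For` is only as reliable as the hop that appended it, so an audit record should take it only when the TCP peer is a known proxy and should mark the value as unverified otherwise. The following Go example is added here to illustrate that rule; it is not Harbor code and is not taken from this thread. It assumes the proxy in front of the service (nginx, or a CDN such as Cloudflare using its published egress ranges) appends to `X-Forwarded-For`, and the `10.0.0.0/8` trusted range and the sample addresses are constructed values.

```go
package main

import (
	"fmt"
	"net"
	"net/netip"
	"strings"
)

// ClientIPResult is what an audit-log writer would record. Verified is false
// when the address could not be attributed to a trusted hop, so the entry can
// carry the flag instead of presenting a spoofable header value as fact.
type ClientIPResult struct {
	IP       string
	Verified bool
}

// parseAddr accepts "host:port", "[v6]:port", or a bare IPv4/IPv6 literal,
// normalising IPv4-mapped IPv6 and dropping zone identifiers.
func parseAddr(s string) (netip.Addr, bool) {
	s = strings.TrimSpace(s)
	if host, _, err := net.SplitHostPort(s); err == nil {
		s = host
	}
	s = strings.Trim(s, "[]")
	a, err := netip.ParseAddr(s)
	if err != nil {
		return netip.Addr{}, false
	}
	return a.Unmap().WithZone(""), true
}

// isTrusted reports whether a is inside one of the trusted proxy prefixes.
func isTrusted(a netip.Addr, trusted []netip.Prefix) bool {
	for _, p := range trusted {
		if p.Contains(a) {
			return true
		}
	}
	return false
}

// ClientIP derives the client address for an audit record.
// remoteAddr is the TCP peer (http.Request.RemoteAddr), xff the raw
// X-Forwarded-For header, trusted the proxies allowed to set that header.
func ClientIP(remoteAddr, xff string, trusted []netip.Prefix) ClientIPResult {
	peer, ok := parseAddr(remoteAddr)
	if !ok {
		return ClientIPResult{IP: remoteAddr, Verified: false}
	}
	// Direct connection or an untrusted hop: the header must be ignored,
	// because anything can be written into it by the client itself.
	if !isTrusted(peer, trusted) {
		return ClientIPResult{IP: peer.String(), Verified: true}
	}
	if strings.TrimSpace(xff) == "" {
		// A trusted proxy that sent no header: record the proxy, flag it.
		return ClientIPResult{IP: peer.String(), Verified: false}
	}
	// Walk right to left: the rightmost entries were appended by proxies we
	// trust; the first entry not in the trusted set is the real client.
	parts := strings.Split(xff, ",")
	for i := len(parts) - 1; i >= 0; i-- {
		hop, ok := parseAddr(parts[i])
		if !ok {
			// Malformed entry inside the chain: treat the whole header as
			// untrustworthy rather than guessing.
			return ClientIPResult{IP: peer.String(), Verified: false}
		}
		if !isTrusted(hop, trusted) {
			return ClientIPResult{IP: hop.String(), Verified: true}
		}
	}
	// Every hop was a trusted proxy; nothing identifies an external client.
	return ClientIPResult{IP: peer.String(), Verified: false}
}

func main() {
	trusted := []netip.Prefix{netip.MustParsePrefix("10.0.0.0/8")} // constructed
	fmt.Println(ClientIP("10.0.0.5:4123", "203.0.113.7, 10.0.0.9", trusted))
	fmt.Println(ClientIP("198.51.100.9:5000", "203.0.113.7", trusted)) // spoofed header ignored
	fmt.Println(ClientIP("10.0.0.5:4123", "", trusted))                // proxy sent nothing
}
```

Recording the `Verified` flag alongside the address is the point: a log line that says "client 203.0.113.7 (unverified)" is still useful for correlation, whereas silently storing a client-supplied header value creates exactly the misleading record the maintainers are worried about.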