search

wisp-gg / frontend

The frontend for WISP Game Panel
https://wisp.gg
MIT License
42 stars 15 forks source link

Introduce IP logging for panel admins #312

Open 0xCiBeR opened 2 years ago

0xCiBeR commented 2 years ago

Describe the feature and why you would like to see it.

It's important for panel admins(owners) to have at hand info about the users of their platform. This is specially important when trying to investigate some issues with your client and sending out pertinent abuse complaints to ISP providers. Not having this data will reduce the info we have on our users for no good reason, having the ip of a user doesn'r really pose a threat nowdays since IPs are mostly dynamic and with a simple router restart will change a users IP.

It is on the other hande important to have when investigating subusers activity on clients servers, as these people use social engineering techniques to gain access to servers, mostly as subusers and do malicious activities on servers we host.

There is a reason most tools nowadays, to name a few: WHMCS, GMAIL, etc sends you alerts with detailed info incluiding IP adresses when suspicious activities are detected.

Of course you have ways of circunveting said checks(not every system or security messure is bullet proof) but not having it just reduces are anti abuse utilities overall where there is no real reason to do so.

I do understand that showing IP adresses to clients might push to malicious activities, or not? But i can understand they are not equipped with enough knowledge to handle sensitive information, but we as service providers should and are ultimatly the keepers of such info, through billing and other systems. Keeping this info from your customers just seems odd, since no one else does this.

Describe the solution you'd like.

Show IPs on audit logs for panel admins, and maybe? exclude them from clients? Also showing last used ip when visiting a user info on the panel is standard and also not shown and would be a nice to have, like any normal user system which stores basic info on users. Its not like we are asking to show users passwords, just their IPs.

Optional additional context to this request.

No response

0xCiBeR commented 2 years ago

Bump, we are still facing the repercussions of not having proper IP logs implemented. For example a client creates a ticket claming the think someone else is using their server, there is no clear way to see a ip historic or something to understand what is going on neither in the panel nor SFTP logs.