Results 1 to 3 of 3

Thread: Effective and usefull things to log about website visitors

  1. #1
    Flak Monkey! Dorza's Avatar
    Join Date
    Jul 2003
    Location
    UK - South Wales
    Posts
    1,762
    Thanks
    34
    Thanked
    17 times in 15 posts
    • Dorza's system
      • Motherboard:
      • Asus P5B Deluxe - WiFi
      • CPU:
      • Q6600 @ 3.06Ghz
      • Memory:
      • 2GB Crucial
      • Storage:
      • 500GB Samsung SpinPoint
      • Graphics card(s):
      • Geforce 9600GT
      • PSU:
      • Cosair HX520W
      • Case:
      • LianLi something something or other
      • Monitor(s):
      • Eizo FlexScan S1910 (1280*1024)
      • Internet:
      • 2mb Virgin (when they want to give me that: else 1mb)

    Effective and usefull things to log about website visitors

    I'm curious to know what sort of information I should be collecting about website visitors. I want to make sure that if things go tats up (i.e my site gets hacked) that I have logged enough useful information about that attacker/would be attacker for somthing to be done about it.

    I have the most obvious things logged like IP, Browser and OS all of which i know can be disguised as something else particularly the IP addy, but what other information should i try to find out about visitors? Is there anything I can do to ensure that the IPs I log are the real IPs of the user and not some proxy. Would logging the page they came from be of any help if something went wrong? I'm talking about implementing this user logging with PHP. I know theres a lot of information I could log about a user through PHP but I'm not sure how much of it is actually useful.
    Last edited by Dorza; 10-08-2006 at 01:17 AM.

  2. #2
    Vive le pants! directhex's Avatar
    Join Date
    Jul 2003
    Location
    /dev/urandom
    Posts
    17,074
    Thanks
    228
    Thanked
    1,027 times in 678 posts
    • directhex's system
      • Motherboard:
      • MSI X99A Gaming 7
      • CPU:
      • Intel Core i7 5280k
      • Memory:
      • 32GiB ADATA DDR4
      • Storage:
      • Corsair Neutron XT 960GB
      • Graphics card(s):
      • MSI GTX 980 Gaming 4G Twin Frozr 5
      • PSU:
      • Corsair AX860i
      • Case:
      • NZXT H440
      • Operating System:
      • Ubuntu 17.10, Windows 10
      • Monitor(s):
      • Dell U2713HM
      • Internet:
      • FIOS
    you could log the actual page requests - which would show you what exact URL was used for any URL-based SQL injection type attacks

  3. #3
    Flak Monkey! Dorza's Avatar
    Join Date
    Jul 2003
    Location
    UK - South Wales
    Posts
    1,762
    Thanks
    34
    Thanked
    17 times in 15 posts
    • Dorza's system
      • Motherboard:
      • Asus P5B Deluxe - WiFi
      • CPU:
      • Q6600 @ 3.06Ghz
      • Memory:
      • 2GB Crucial
      • Storage:
      • 500GB Samsung SpinPoint
      • Graphics card(s):
      • Geforce 9600GT
      • PSU:
      • Cosair HX520W
      • Case:
      • LianLi something something or other
      • Monitor(s):
      • Eizo FlexScan S1910 (1280*1024)
      • Internet:
      • 2mb Virgin (when they want to give me that: else 1mb)
    Is that the same as logging what page they came from before they made an impression on one of my pages?

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •