I'm curious to know what sort of information I should be collecting about website visitors. I want to make sure that if things go tats up (i.e my site gets hacked) that I have logged enough useful information about that attacker/would be attacker for somthing to be done about it.
I have the most obvious things logged like IP, Browser and OS all of which i know can be disguised as something else particularly the IP addy, but what other information should i try to find out about visitors? Is there anything I can do to ensure that the IPs I log are the real IPs of the user and not some proxy. Would logging the page they came from be of any help if something went wrong? I'm talking about implementing this user logging with PHP. I know theres a lot of information I could log about a user through PHP but I'm not sure how much of it is actually useful.