Jump to content
EyeDentify

Simple IP and HOST loging with $log->save()

Recommended Posts

Hello Fellow PW fans.

Tought i share a simple but usefull way of utilizing the $log system in PW to do simple loging on what IP visit the site and also the HOST.

Its not fancy, and its very basic, see it as a boiler plate. You can get all kinds of fancy with it.

Remember that the $log system automaticly records the URL from where it was called so we don´t need to supply that to our Entry.

I just wanted a simple entry with IP and HOST, the date is also recorded with the entry automaticly.

The beauty is that i can watch the logs from the ADMIN page almost in realtime.


I am using the "markup regions" output method so i put the code in my _main.php file.
You could just put it wherever like to be included with every page load in your site.

I hardcoded my logfile to be named ip_log_site but you can use what you feel is better.

Also made sure the loging do not happen if your logged in as admin (Super user).

See this PW Doc for more info:
https://processwire.com/api/ref/wire-log/save/
 

<?PHP
function logIP($session, $log) {
            
    /* get IP info */
    $ip_adress = $session->getIP();
    $host_address = gethostbyaddr($ip_adress);
        
    /*
    	log IP adress info
        NOTE: 'ip_log_site' is a hardcoded name 
        of the logfile, change for your preference.
    */
    $log->save("ip_log_site", "IP: {$ip_adress}, Host: {$host_address}");
        
}
/* if Super User (Admin) do not log */
if(!$user->isSuperuser()) {
    logIP($session, $log);
}
?>

Hope anyone have use for it.

 

/EyeDentify

  • Like 2

Share this post


Link to post
Share on other sites

Thanks for sharing this, EyeDentify – nice and simple 🙂

Just a little note before folks go implementing IP logging: IP addresses are considered personal data, and as such you should keep GDPR (and similar legislations) in mind. Here's SE question that covers the details related to logging IP addresses: https://law.stackexchange.com/questions/28603/how-to-satisfy-gdprs-consent-requirement-for-ip-logging. (The general consensus seems to be that you don't need to ask for permission before logging IP addresses, but there are other requirements you do need to keep in mind.)

  • Like 5

Share this post


Link to post
Share on other sites
12 hours ago, teppo said:

Thanks for sharing this, EyeDentify – nice and simple 🙂

Just a little note before folks go implementing IP logging: IP addresses are considered personal data, and as such you should keep GDPR (and similar legislations) in mind. Here's SE question that covers the details related to logging IP addresses: https://law.stackexchange.com/questions/28603/how-to-satisfy-gdprs-consent-requirement-for-ip-logging. (The general consensus seems to be that you don't need to ask for permission before logging IP addresses, but there are other requirements you do need to keep in mind.)

Your Welcome.

It´s kind of my thing to try to keep things simple and understandable.
Not just for myself but also so other could have use for my code.

I will think about the GDPR issue.

Have a nice day.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By opalepatrick
      Hi there, just looking for ideas for an IP restricted login page for employees on site? Where to start? Is the IP restricted idea best? Just basically want to make sure employees are in the building when they sign in. Thanks for any help.
    • By prestoav
      Posting in the hope this helps someone out of a hole!
      Having built 20+ sites on PW in the last couple of years (and loving it...) I came across a really odd situation recently.  The client's IT company and I 've been battling for a couple of weeks and today, finally, we have an answer!
      The site is built and temporarily housed on a shared hosting account we have for development. All tested well here so Access was granted to the client to start adding content. 
      The next day I get a call from the client to say the admin side of the site is logging them out every 30-40 seconds and they have to log back in again each time to continue. I tested again from our office with their login but all worked as expected. Other browsers, PCs etc. were all tried by the client but the problem persisted.  So, I get in my car and drive to the client's site. Sure enough, I see the issue on one of their iMacs. So I open up my MBP, connect to their network, log in as them and the problem is there. So, next, I came off of their network and onto my tethered iPhone on 4G. Bingo! The problem goes away.
      So it's their network that's the issue.
      Their IT company were called and, with us helping them wherever possible, they worked on it for 2 weeks to find the problem. I captured the port numbers in use by PW admin (60992, 60993, 61000, 61001, 61002, 61003 by the way) and the IT company opened those ports on the router but still, the problem remained :-(
      And then the breakthrough...
      They have two VDSL lines into the building that feed their router through a load balancer. It seems that their setup meant that responses to outbound traffic did not necessarily come back in via the same line. Processwire admin does not like this!
      So, the IT company put in a rule to direct all traffic from the IP of the shared hosting through the same route in and out of the building and BOOM! it all works as expected. Phew!
      All's well that end's well but it certainly put us through the wringer tracking it down. Actually, I think it's pretty cool that PW does this. A good extra security measure. Several other CMSs (no names...) worked just fine with this scenario but not PW.
      Anyway, happy client, happy me. Hopefully, this story helps someone else here too.
       
    • By snobjorn
      (I am unsure of where to put this question, it might be both module and template related.)
      I was looking at the module PageRenderIPRestriction and started wondering. Would it be possible to do something similar, but give a guest a user role based on IP (v6 preferrably)? Not for security measures, but for presentation.
      I'm working on a mixed webpage with both intranet features and normal web page stuff. There's some parts of my templates I was thinking of restricting to a specific (or multiple) user role(s), namely employees.
      Example:
      If visitor's IP range is A-B, then he's an employee and should be able to view some extra buttons in a news article.
      If visitor's IP range is else, no buttons are visibile.
    • By bearclaw
      Hello guys I'm new here!
      I've been working on this website that I've made with Foundation. I wanted to put a CMS in it so now i'm here!
      On my localhost the website works perfect. I've adjusted the Processwire CMS to my wishes and with /login I and other users would be able to change the texts on the website. So I thought I was ready to put it live. I exported the MySQL files. Created a new db. Imported everything. And via an FTP client uploaded all the files. The homepage works fine. But now whenever I want to login using /login which I changed /processwire to I get a 404 error:
      Not FoundThe requested URL /login was not found on this server.
      Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
       
      What am I doing wrong here?
      I've checked a lot of messages on this forum about the .htaccess file but I haven't got it to work yet and need help from more experienced PW users:)
       
      This is my website: http://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
          # -----------------------------------------------------------------------------------------------   # Access Restrictions: Protect ProcessWire system files   # -----------------------------------------------------------------------------------------------     # Block access to any htaccess files   RewriteCond %{REQUEST_URI} (^|/)\.htaccess$ [NC,OR]   # Block access to protected assets directories   RewriteCond %{REQUEST_URI} (^|/)(site|site-[^/]+)/assets/(cache|logs|backups|sessions|config|install|tmp)($|/.*$) [OR]   # Block acceess to the /site/install/ directory   RewriteCond %{REQUEST_URI} (^|/)(site|site-[^/]+)/install($|/.*$) [OR]   # Block dirs in /site/assets/ dirs that start with a hyphen   RewriteCond %{REQUEST_URI} (^|/)(site|site-[^/]+)/assets.*/-.+/.* [OR]   # Block access to /wire/config.php, /site/config.php, /site/config-dev.php, and /wire/index.config.php   RewriteCond %{REQUEST_URI} (^|/)(wire|site|site-[^/]+)/(config|index\.config|config-dev)\.php$ [OR]   # Block access to any PHP-based files in /templates-admin/   RewriteCond %{REQUEST_URI} (^|/)(wire|site|site-[^/]+)/templates-admin($|/|/.*\.(php|html?|tpl|inc))$ [OR]   # Block access to any PHP or markup files in /site/templates/   RewriteCond %{REQUEST_URI} (^|/)(site|site-[^/]+)/templates($|/|/.*\.(php|html?|tpl|inc))$ [OR]   # Block access to any PHP files in /site/assets/   RewriteCond %{REQUEST_URI} (^|/)(site|site-[^/]+)/assets($|/|/.*\.php)$ [OR]   # Block access to any PHP files in core or core module directories   RewriteCond %{REQUEST_URI} (^|/)wire/(core|modules)/.*\.(php|inc|tpl|module)$ [OR]   # Block access to any PHP files in /site/modules/   RewriteCond %{REQUEST_URI} (^|/)(site|site-[^/]+)/modules/.*\.(php|inc|tpl|module)$ [OR]   # Block access to any software identifying txt files   RewriteCond %{REQUEST_URI} (^|/)(COPYRIGHT|INSTALL|README|htaccess)\.(txt|md)$ [OR]   # Block all http access to the default/uninstalled site-default directory   RewriteCond %{REQUEST_URI} (^|/)site-default/   # If any conditions above match, isssue a 403 forbidden   RewriteRule ^.*$ - [F,L]     # -----------------------------------------------------------------------------------------------    # Ensure that the URL follows the name-format specification required by ProcessWire   # -----------------------------------------------------------------------------------------------      RewriteCond %{REQUEST_URI} "^/~?[-_.a-zA-Z0-9/]*$"     # -----------------------------------------------------------------------------------------------   # If the request is for a file or directory that physically exists on the server,   # then don't give control to ProcessWire, and instead load the file   # -----------------------------------------------------------------------------------------------      RewriteCond %{REQUEST_FILENAME} !-f   RewriteCond %{REQUEST_FILENAME} !-d   RewriteCond %{REQUEST_FILENAME} !(favicon\.ico|robots\.txt)     # -----------------------------------------------------------------------------------------------   # OPTIONAL: Prevent ProcessWire from attempting to serve images or anything in /site/assets/.    # Both of these lines are optional, but can help to reduce server load. However, they   # are not compatible with the $config->pagefileSecure option (if enabled) and they    # may produce an Apache 404 rather than your regular 404. You may uncomment the two lines   # below if you don't need to use the $config->pagefileSecure option.   # -----------------------------------------------------------------------------------------------      # RewriteCond %{REQUEST_FILENAME} !\.(jpg|jpeg|gif|png|ico)$ [NC]   # RewriteCond %{REQUEST_FILENAME} !(^|/)site/assets/     # -----------------------------------------------------------------------------------------------    # Pass control to ProcessWire if all the above directives allow us to this point.   # For regular VirtualHosts (most installs)   # -----------------------------------------------------------------------------------------------    RewriteRule ^(.*)$ index.php?it=$1 [L,QSA]     # -----------------------------------------------------------------------------------------------    # 500 NOTE: If using VirtualDocumentRoot: comment out the one above and use this one instead.   # -----------------------------------------------------------------------------------------------    # RewriteRule ^(.*)$ /index.php?it=$1 [L,QSA]   </IfModule>   ################################################################################################# # END PROCESSWIRE HTACCESS DIRECTIVES #################################################################################################     What am I doing wrong?    Thanks in advance! htaccess.txt
    • By suntrop
      On my site I am using the code from this post
      https://processwire.com/talk/topic/5082-default-language-per-domain-language-switcher-not-working/
      All homepages look fine and return the corresponding translation. But all links are still pointing to the default host not the one I am currently visiting.
      Is there any way I can strip out the host or let PW know to use the host the user is on?
×
×
  • Create New...