.Jack (Posted September 3, 2006)

As you probably know, not every action in the ACP is logged. Well, recently my forums were compromised, and the attacker decided to change around a few things in the ACP; almost all of these actions went unlogged. For example, he edited skin templates, edited some settings, etc. Most of these actions went unlogged. I would like to see improved ACP logging in future versions of IPB.

princetontiger (Posted September 3, 2006)

Maybe he cleared the ACP logs?

Brandon C (Posted September 3, 2006)

I definitely agree that the Admin Logs need to be greatly improved on, as they lack in many areas, as they are unrecorded and you have no clue who did what.

Arancaytar (Posted September 4, 2006)

> Maybe he cleared the ACP logs?

There's no way that can be prevented (unless somehow the logs can be optionally written to a file so only the webspace owner can mess with them? That would be an idea...). However, I've also noticed that a lot of critical actions aren't logged, or logged with incomplete information. As for the MySQL console, the one tool in the admin panel that can change everything except for the skin files, that is completely unlogged.

As it is, the admin log is just an automatic version of the "Admin Notes", and not a security feature.

Antony (Posted September 5, 2006)

I suggest the following measures to improve ACP security and logging:

- Prevent the MySQL toolbox from doing anything other than SELECTing the admin logs table.
- Log all queries run from the MySQL toolbox.
- Prevent the admin logs from being deleted via the AdminCP.

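The three measures listed above, combined with the file-based log suggested earlier in the thread, as an added sketch that is not IPB code and not part of any post. The table name `ibf_admin_logs`, the log path, the sample column and table names, and every function name are assumptions made for illustration.

```php
<?php
// Added example, not IPB code. Both constants are assumptions: use your real
// admin-log table name and a log path outside the web root.
const ADMIN_LOG_TABLE = 'ibf_admin_logs';
const AUDIT_FILE      = '/var/log/ipb/acp_toolbox.log';

// True if the toolbox may run $sql. Any query naming the log table must be a
// single plain SELECT; comments and stacked statements are refused outright.
function toolbox_query_allowed(string $sql): bool
{
    $flat = strtolower(str_replace('`', '', rtrim($sql, "; \t\r\n")));
    if (strpos($flat, strtolower(ADMIN_LOG_TABLE)) === false) {
        return true;
    }
    if (preg_match('~;|--|#|/\*~', $flat) === 1) {
        return false;
    }
    return preg_match('/^\s*select\b/', $flat) === 1;
}

// Append one JSON line per attempt, allowed or not. JSON encoding keeps a
// query containing newlines from forging extra log entries.
function toolbox_audit(string $admin, string $ip, string $sql, bool $allowed): void
{
    $entry = ['time' => gmdate('c'), 'admin' => $admin, 'ip' => $ip,
              'allowed' => $allowed, 'query' => $sql];
    $line = json_encode($entry, JSON_INVALID_UTF8_SUBSTITUTE) . "\n";
    if (file_put_contents(AUDIT_FILE, $line, FILE_APPEND | LOCK_EX) === false) {
        throw new RuntimeException('Audit log not writable, query not run');
    }
}

// Call this instead of executing toolbox SQL directly; $run is the real executor.
function toolbox_run(string $admin, string $ip, string $sql, callable $run)
{
    $allowed = toolbox_query_allowed($sql);
    toolbox_audit($admin, $ip, $sql, $allowed);   // log before acting
    if (!$allowed) {
        throw new RuntimeException('Only SELECT is allowed on ' . ADMIN_LOG_TABLE);
    }
    return $run($sql);
}

// Constructed sample queries showing the decision for each.
foreach (['SELECT * FROM ibf_admin_logs ORDER BY ctime DESC',
          'DELETE FROM `ibf_admin_logs`',
          'UPDATE ibf_members SET title = "x" WHERE id = 2'] as $q) {
    printf("%-5s %s\n", toolbox_query_allowed($q) ? 'allow' : 'deny', $q);
}
```

The keyword check is deliberately conservative and works as a backstop; a database account without DELETE, UPDATE or DROP rights on that table enforces the same rule at the server.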
This topic is now archived and is closed to further replies.