Categories
How It Is How To

Register IP – Multisite

When a new user registers on a WordPress site, their IP address is logged for the admins.

Spam is one thing, but trolls and sock puppets are another. Sometimes people just decide they’re going to be jerks and create multiple accounts with which to harass your honest users. This plugin helps you fight back by logging the IP address used at the time of creation.

Log into your WP install as an Admin and you can look at their profile or the users table to see what it is. For security purposes a user’s own IP is not displayed to them when they look at their own profile.

Privacy Notes

This plugin adds additional data to a new user’s wp_usermeta data under the signup_ip key. This data is directly tied to the user account, and is only editable via the database. Should a user account be deleted from the site, the data will be automatically deleted.

No external data is transmitted, it all stays on your install.

Download

Latest version: Download Register IP – Multisite v1.8.2 [zip]

Installation

No special activation needed.

FAQ

Q. Why do some users say “None Recorded”?
A. This is because the user was registered before the plugin was installed and/or activated.

Q. Who can see the IP?
A. Admins and Network Admins.

Q. Does this work on MultiSite?
A. Yep!

Q. If this works on SingleSite why the name?
A. There’s already a plugin called “Register IP”, but it didn’t work on MultiSite. I was originally just going to make this a MultiSite-only install, but then I thought ‘Why not just go full bore!’ Of course, I decided that AFTER I requested the name and you can’t change names. So you can laugh.

Q. Does this work with BuddyPress?
A. It works with BuddyPress on Multisite, so I presume single-site as well. If not, let me know!

Q. This makes my screen too wide!
A. Sorry about that, but that’s what happens when you add in more columns.

Q. What’s the difference between MultiSite and SingleSite installs?
A. On multisite only the Network admins who have access to Network Admin -> Users can see the IPs on the user list.

Q. How can I filter the IPs to, say, link to an IP checker?
A. There’s a filter! Toss this in an MU plugin:

function filter_ripm_show_ip($theip) {
    $theip = '<a href="https://duckduckgo.com/?q='.$theip.'">'.$theip.'</a>';
    return $theip;
}
add_filter('ripm_show_ip', 'filter_ripm_show_ip');

Changelog

1.8.2

  • 02 August 2020 by Ipstenu
  • Fix to show IP on your own page (if you’re an admin). This was always there, but only on other people’s pages, so you may not have noticed.
  • Tested 5.5 compat
  • PHPCS cleanup.

1.8.1

  • 07 March 2018 by ipstenu
  • Sanitize and escape IP address (props @juliobox)

1.8.0

Screenshots

  1. Single Site (regular users menu)

    Single Site (regular users menu)

  2. Multisite (Network Admin -> Users menu)

    Multisite (Network Admin -> Users menu)

37 replies on “Register IP – Multisite”

Hi,
Iโ€™ve installed your useful plugin that works fine. I would like to make a French translation for it but there is something wrong with Poedit (I cannot creat a new catalogue). Can you please send me a blank .po file please?
Thanks!
Best regards,
JG

I’m working on this RIGHT NOW! ๐Ÿ™‚ Version 0.2 will have a POT file in the languages folder, to let you change as you want!

Well, it seems that it the language files are not working, even with the last plugin version (by the way after the last plugin update, all the IP recorded wre lost!!). I must modify directly the register-ip-multisite/register-ip.php through WP editor to translate the text ๐Ÿ™
Do you need any further information?

Why this got caught in the spam trap…

There were TWO updates, one after the other, after a typo wiped out the IPs. What version are you using? You should be fine on 1.1

Iโ€™ve got the last version 1.0. Actually there is no new member, but I will create a new one myself to check that the IP is correctly recorded and then not deleted with the next update ๐Ÿ™‚

Hi there

I’m having a problem with this plugin and I’m sure it is my fault … when I’m logged in and looking at the list of users instead of seeing their IP I see this error

Warning: Missing argument 3 for ripms_columns() in /home/whitetsh/public_html/social-mix.com/wp-content/plugins/mu-plugins/register-ip.php on line 73
No login data available

Is this normal … or did I need to do something?

cheers

Damien

What version of the plugin are you using, and what version of WordPress?

The latest and greatest version SHOULD be okay with WP 3.1 and 3.0.3, both MultiSite and Single, but there ARE known issues with older versions and 3.0.3

can you tell me how can i block user ip using this plugin, plugin working fine but not stopping multiple registrations many users able to register from same ip

It doesn’t BLOCK anything. It just let’s you know what their IP is. You have to use WordPress’s blacklist to block.

Okay, I’m going to spin up a new instance, but I know it’s working great on 3.1 MultiSite, and I didn’t see any changes on 3.0.5 that would do this.

Not sure what else it could be as the plugin i am using to block spammeres blocks and logs the ip of spammeres trying to registre. But i really need the ip of the ones that gets threw the filter in order to add them to the filter.

I tried debuggin on this a bit, and i think i know what is going wrong. Users have to validate via email after doing the signup, so the users is only in the wp_signups table and there for can’t have meta data assigned as there is no user id.

I see that a users that i created from the admin interface has my ip logged, and since they are created directly that would to explain why it worked that time.

No that can’t be it, if I understand you right.

If you sign up on multisite, you have to validate by email. When you validate by email, it takes the IP used at THAT moment, on the validation, as your IP. It’s working just fine like that for me on my other site. So again, what is this OTHER plugin ๐Ÿ™‚

Problem solved ๐Ÿ™‚

Instead of update_user_meta on a might-not-yet-be-created-user you should use a add_signup_meta filter.

function log_ip_meta($meta){
$meta['signup_ip'] = $_SERVER['REMOTE_ADDR']; //Add user metadata to the usermeta table
return $meta;
}

// Hook into when the user is registered.
add_action('add_signup_meta', 'log_ip_meta');

My patch gets the IP even earlier, this is valuable to me as I can spot spammeres even if they haven’t activated there user yet.

I was having the issues with just teas 3 plugins enabled
http://crunchmeme.com/plugins/facebook-members/
http://ronaldheft.com/code/analyticator/
http://blog.stoutdesign.com/stout-google-calendar-custom-colors

I think it more likely that it’s a setting that i have that makes the update_user_meta method not work, but add_signup_meta should be a sure shut.

Okay, remember when you said this:

Not sure what else it could be as the plugin i am using to block spammeres blocks and logs the ip of spammeres trying to registre.

What plugin IS THAT? I really wanna know. I’ll regression test your fix, but remember this plugin is for Multisite AND Single Site, so while I can apply that IF multisite, I’ll still keep the old way for Single Site. And I don’t know why YOURS is failing. I have to make sure your fix won’t break anyone else, after all ๐Ÿ˜€

Also, I’m not sure it’s beneficial, until (and unless) WordPress builds in a way to check from the Admin end all the people who’ve signed up and not ‘activated’ for lack of a better term. This is useful for you, but I don’t personally worry about un-activated spammers, and between Bad Behavior, my .htaccess and WP Hashcash, I don’t have a lot of spam sign ups.

Ok, maybe i shouldn’t have called it a plugin, right now it is just a script i run that goes threw the database, not really talking to WP in any way ๐Ÿ˜ณ
Normally i have “Stop Spammer Registrations Plugin” installed to stop spammers from registering, but that was disabled while testing your plugin. I only had the 3 plugins i mentioned before installed while testing yours.
I am planning to integrate my script with the “Stop Spammer Registrations Plugin” but that won’t be untill later. Most of the spammers seams to have evaporated at the same time as my Adwords campaign ran out of cash ๐Ÿ˜ฎ

FYI, I am poking around with this. The problem, from my perspective, is that I have something that works well without a lot of jiggering for both single and multisite. You’re having problems because you’ve got a one-off script. I can’t reproduce the error, and frankly, it’s storing them where I see it as being useful. Further, as there’s no built in admin interface to see when someone’s registered but NOT activated, there’s no back-end available for the users. So there’s no point in putting data no one can get at (IMO). This is a situation I would say is exactly why the code is GPL ๐Ÿ™‚ Fork as you’d like, but I’m pretty sure I’m not going to fold this in.

Forks are normally for when you want to archive some thing different from upstream. The big issue with having a for is that you have to maintain your patch and do updates manually.
I don’t see how your code is able to store the ip before the user is actually created, or does it not run before the user validates there account?
Did you test my code and see I’d there are any regressions? If not is it not worth applying the patch to apply the users who has a set up similar to mine?

You DO want to do something differently. This plugin is a fork of the Register IP plugin, because I wanted to make it work on MultiSite (theres an amusing anecdote about that in the readme) as well as BuddyPress, while keeping SingleSite there.

The patch you gave doesn’t work on single site, which means I’d have to keep the version I do have AND write and if check for multisite, to do it both ways. It’s already a pain to have to dupe up functions for pre-3.1 multisite, and I’m looking forward to the 3.2 release when I can strip it out and make the plugin smaller. Basically, for ONE person, with a problem I can NOT reproduce, it’s an unnecessary complication. For now. If the situation changes, I’ll revisit, for sure.

The IP is grabbed whenever user_register is called in the process.

Hi – i’m looking for a plugin that can record user logins as i’m controlling user registration separately … your plugin seems to have gotten solid feedback / responses thus wondering if it is something that can be re-spun to record ip address of users when they login ..??..

i had been testing another plugin, wp-record -> http://wordpress.org/extend/plugins/wp-record-ip/ -> which worked a tad but seems to default to Greenwich Mean Time and not the local time of server or WP time settings … and that is where the WP Codex had link to other ip related plugins which got me here :>0

as fyi, recording ip during login can help in legal depts and yes, i know, ip’s are not full proof … but if a user account gets hacked and an ip is recorded during login, it does help create a log that can then get a court order to trace that ip … hence my search for plugin that records ip of user logins …

i’m also using MultiSite 3.1 network so if said plugin was MU ready, yee ha :>) cordially, chuck scott

ps – bravo to your support for dog fight extinction -> ie,
http://photos.ipstenu.org/2010/02/humane-society-gala-with-jorja-fox/ … technically i’d like to see more growth in love and light for all things healthy pets and earthly download / upgrade for new reality of “best of heaven on earth” for all living critters but i digress :>0

I’ve actually never bothered to check WHAT the time was, but in my play plugin that also snags registration TIME, it seems to default to server time.

Anyway, making it log IP at login could certainly be done, though I consider it outside the ‘scope’ since this is just to help narrow down on spam account generation. But. But. I’ll look into this. The problem with those logs is they get pretty large, so you’d want to limit them to the last 5 or so times you login.

FWIW, I’ve never once had to deal with a court order for IPs, and when I did need to dig into it for myself, I used my server logs (not WordPress).

thanks for quick response and yes, log files can grow quickly but i’ve been in habit of using another tool – html/os – that makes it easy to generate log files as csv text with htaccess limits for admins so periodically i just go in and drag those logs off server, back up and then let server keep going … so while server logs are fine, having a csv file with username-date-time-ip login just makes it easier to jump to issues … cheers :>) cs

I’d like to express a keen interest in logging:
– ip upon registration
– most recent 3 ips used
That would keep the volume of your logs down (instead of saving all ips per user).
The reason for this request is that Admin will be helpless if he ever loses that first registered ip, ie: if the plugin or site needs to be reloaded for whatever reason.

I did notice you said you check your sever logs for the latest ip.
How is that done? Or is there an article out there that instructs you how?

Thanks

IP on registration is already stored via this plugin. Thereโ€™s no way you could lose it unless you wiped your DB tables.

Most recent IPs โ€ฆ. Iโ€™ve considered it, but thatโ€™s actually stored in the comments anyway (not used when visited, just used when commented), and again, canโ€™t lose that easily If you were to store it per โ€˜visitโ€™ that would get CPU expensive pretty fast. Youโ€™d need to either check per page load (no) or per login (maybe).

I check my server logs by going over the last 500 visitors now and then (though I also use a firewall tool to monitor things โ€“ if you try and login with certain IDs, you get blocked right away).

My additional concern is about people hiding behind proxies.
If they register with one ip, then start uploading porn with another, blocking the first won’t do any good.
Are there other ways to keep apprised of their ongoing ips?
Btw, most other plugins of this nature report errors, bugs, and even exploits. Glad to have found this one.

Firewall stuff: I touch on it here http://code.ipstenu.org/2010/spam-splog-wars/ but its ConfigServer Security & Firewall. Not via cpanel, but it can work WITH it. This is server level stuff, not WP at all.

Frankly, you’re not going to have any luck blocking proxies, and it’s not worth the hassle. I don’t believe in any efficacy in blocking IPs, and I use these methods to stop stalkers, which is about the same thing.

Btw, most other plugins of this nature report errors, bugs, and even exploits.

I’m not sure if you’re saying I should report errors, or that the other plugins don’t work… ๐Ÿ˜‰

Okay, I’ll read up on those links you provide. Thanks very much.
re: “Btw, most other plugins of this nature report errors, bugs, and even exploits.” that’s in regard to other plugins that don’t work. ๐Ÿ˜‰

You can use “Stop Spammer Registrations Plugin” to block known bad IP’s, from spamming, and submit new onc.

I second that plugin use ๐Ÿ™‚ I use it since it’s a very elegant way of trapping comments etc vs Stop Forum Spam and a couple other places, WITH built in reporting. But I don’t go out and IP ban people on my own.

Comments are closed.