That’s what i would like to do, but where would i find that information?

In the users table isn’t there, or I’m not searching in the correct place.

 

From: users-bounces@lists.roundcube.net [mailto:users-bounces@lists.roundcube.net] On Behalf Of Maarten
Sent: quinta-feira, 8 de Fevereiro de 2018 18:16
To: Roundcube Users mailing list
Subject: Re: [RCU] Unknown user in users table, very odd, possible security hole

 

I would start by checking the ip adress that user logged in with.

 

On 02/08/2018 07:10 PM, Jorge Bastos wrote:

Howdy,

 

I have a verrryyyyy odd thing happening.

I have an user, unknown, that is in my users table, for a domain that isn’t mine, and never was.

This records keep’s having last_login fields updated, so someway he’s being able to login right?

 

 

Odd to see that the field after the datetime fields (that is the failed_login_count) is zero,

 

Is there any plugin or so to records the IP from which the logins are made?

Where to search for this possible breach?

 

Regards,




_______________________________________________
Roundcube Users mailing list
users@lists.roundcube.net
http://lists.roundcube.net/mailman/listinfo/users