Users with different IPs
-
Hello people,
In the “User Login” screen of the AIOWPSec plugin, both in the “Logs of failed login” tab and in the “Account activity logs” tab, I noticed that for each user several different IPs are registered.
Of course, a user can change devices, but it is not natural for them to change so much, because in the records they show that on the same day, the same user logged in to his account or failed to log in with multiple IPs (something like 10 different IPs, for example). It is not natural for a user to change devices so much.In the case of “Login Failure Logs”, we can conclude that it could be a hacker who has discovered someone’s username and is trying to login using multiple IPs. I receive emails with notification of blocking the site, where sometimes it shows me that the same user tried to log in several times but failed, and the IPs shown are different, so I believe it may be hackers.
But for the case of “Account Activity Logs”, this tab shows the users who have logged into your accounts, so it means that they are the real users (not hackers). And this tab also shows that the user entered his account with several IPs (including several on the same day).I also realized that even the comment logs, the same user as comments several times, are registered different IPs. However, in this case I realized that between several comments in about 4 weeks, it shows the same IP, and then changes to another IP and thus always records that same IP for about 4 weeks and then changes again to another IP and continues so for about 4 weeks and changes to another IP, and so on.
Can you explain to me why these IP variations for the same user?
I appreciate the help.
- The topic ‘Users with different IPs’ is closed to new replies.