1

I'm currently working on helping with the development of a website. Someone this past weekend attempted to hack into the website, but failed. However, since the entire site was rewritten this last summer, there was no way to store their movements within the site and to catch the user's IP before they gave up.

Is there a way to track a users actions (such as which links they visit) while in a website and store it into a file (the website is small) in order to make sure we have a record of the actions, if anyone ever attempts to hack it again?

To see if I could do this, I started using logging, but ran into issues with how exactly I am supposed to record the users actions with logging. My setup is below, and it works, I just don't know what to put in place of the string currently inside of logging.info() to record the movements of the user. Thanks in advance for any help you can provide.

from ipware.ip import get_ip
import logging

def IPCatcher(request):
    ip = get_ip(request)
if ip is not None:
    print("We have an IP address for user")
    print(ip)
    logging.basicConfig(filename='log_recording.txt',
                        level=logging.DEBUG,format='%(asctime)s %(message)s',
                                                          datefmt='%m/%d/%Y %I:%M:%S %p')
    logging.info('This is working')

else:
    print("we don't have an IP address for user")
Improve this question
2
  • Are you using apache or nginx? Commented Oct 10, 2017 at 22:22
  • Right now I'm not using apache due to security and am thinking about nginx but are currently not using either. Would nginx help in this situation? Commented Oct 10, 2017 at 23:55

1 Answer 1

Reset to default
1

Logging in Django can be fairly daunting at first, but there's plenty to read up on around the web. To give you an overview, the easiest way to setup logging in django is to start with your settings.py file where you configure the logging;

LOGGING = {
    'version': 1,
    'disable_existing_loggers': False,
    'handlers': {
        'file': {
            'level': 'DEBUG',
            'class': 'logging.FileHandler',
            'filename': '/path/to/django/debug.log',
        },
        'mail_admins': {
            'level': 'ERROR',
            'class': 'django.utils.log.AdminEmailHandler',
        }
    },
    'loggers': {
        'django': {
            'handlers': ['file'],
            'level': 'DEBUG',
            'propagate': True,
        },
        'my_app': {
            'handlers': ['file'],
            'level': 'DEBUG',
            'propagate': True,
        },
    },
}

Replace my_app with your app label & then in your view the logging call will log to the file handler (note the mail_admins handler which will send an email to settings.ADMINS).

import logging

from ipware.ip import get_ip

# This gets a named logger, which should match your appname
logger = logging.getLogger(__name__)  

def IPCatcher(request):
    ip = get_ip(request)
    if ip is not None:
        logger.info('This is working')

I'd also recommend watching this for a tutorial on the subject; https://www.youtube.com/watch?v=BsbtPqQdo3Q

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thank you very much for the help!
@scottyboy I meant to add as well, you can use a rotating file similar to apache logs. Take a look here for that; djangosnippets.org/snippets/2980

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.