The IP Logs screen is a security audit trail — it records account activity along with the IP address it came from. Open it from Reports → IP Logs in the sidebar.
IP Logs only record activity while IP Logging is switched on. Turn it on under Settings → IP Access — see Security and Spam Protection.
What the log records
Each entry in the table shows:
| Column | What it means |
|---|---|
| IP | The IP address the action came from. |
| Country | The country that IP address is located in. |
| Device | The browser and device used. |
| The email address involved in the action. | |
| Time | When it happened. |
| Type | The kind of action — Login, Register, Password Reset, or Logout. |
| Message | The result, such as success or failure. |
Filtering the log
Use the Type filter above the table to narrow the list down to a single kind of action — for example, only Login attempts. The table's own search box lets you search by IP address, email, or message text.
Investigating suspicious activity
- Set the Type filter to Login.
- Look for repeated failed attempts from the same IP address or against the same email.
- If you find an address you want to block, copy the IP and add it to the blacklist under Settings → IP Access (see Security and Spam Protection).
Reviewing the IP Logs every so often is a good habit even on a quiet site — it is the quickest way to spot a brute-force attempt on your sign-in form.