The IP address of all visitors is visible to the site administrator

The image below shows an extract from the server activity log of this site, as provided by the hosting company Infomaniak.

After a web search, it appears that the (partly blurred) IP address of a machine that has been connecting to our site several times a day for several days is apparently the subject of 40 complaints of malicious activity. These include attempts to break into a site by trying to guess user name/password combinations (brute-force attacks).

In the example below, a machine is apparently attempting an XML-RPC attack by trying to overwhelm our server with requests that can, when unfiltered, crash a database.

Here the attack is apparently filtered by the host’s security services, which only allow a small number of XML-RPC commands to pass through (1 per minute in our example), and eliminate most commands before they reach the server.

The host’s security services use the IP addresses of all connections to the site to identify the signature of an attack (e.g. the same request from the same machine a large number of times in a short period of time for a brute force attack).

The IP address and the e-mail address transmitted by visitors who comment on articles on the site are visible to the site moderators

The site administrator and moderators (author of the book and publisher of the site) do not use this information a-priori, but they do see it in the site’s comment moderation interface.

Example : three spam attempts (in pink).