Ive created a logfile class that will update the DB table when a new record is created, currently it will record the clients IP address,

My question is do I want the IP address? , will it be helpful in finding potential "Hackers", what should I be recording to track a person who is attempting to login continously through a loop or something.

If used this code to locate the IP address
http://www.go4expert.com/forums/showthread.php?t=285

IP is ok, hostname is better, user login ID is best.

UserID is a given every log record is associated with the acting user, What do you mean by hostname?



Lets say Im trying to break a users login and I attempt 10 times and fail how can I create a record on the server of the client that will enable me to prevent further attempts.

Is this Internet or intranet? If the latter and using DHCP then hostname will be constant, IP will not. Hostname is the name of the computer making the request.

How you block them depends on how your authentication works. Hopefully it's not done at the application level.

So if not application level then Networking? Firewalls etc? THe website will be hosted by an ISP should I build any functionality into the site that could help them prevent attacks?

Use Basic Authentication then analyze the access logs periodically for cracking attempts. You can then use some other means (e.g. htaccess with URL rewriting or deny sections of the authentication requirements) to block out bad doers.

Thanks