Can you trace who used a php form on a website?

Hi there

Just wondering if there are any experts out there on this.

I have a 'contact us' form on one of my webistes - http://stayhome-mum.com/contactus.html

I had someone send me a message using this form, but they used a fake email when they filled it out.

This message I believe is from someone that is very close to crossing the line for stalking, but because they sent it through this form I cannot say for sure that it was them that sent it.

The message was very threatening - both in threatening to ruin my business as well as threatening bodily harm.

So I am trying to see if there is any way of being able to trace who sent the message through this form.

Is there anyone that has any knowledge on this that could help me with this please.

Thanks
Shezz

 

I personally know of 2 ways to trace it , one i'm positive will work of the second not as much
1. a court order obtained from your local prosecutor
2. a hacker

 

Because you're talking about something that has happened in the past, the best you're probably going to be able to do is get their IP address and follow up with their ISP. You can report the person to their ISP based on the IP address, but the ISP probably won't tell you anything about the person without law enforcement being involved. Assuming that your form server is behind a firewall, you could check the firewall logs for traffic against the server for that day. If the web server in question doesn't get very much traffic, you may be able to line up the time the email was sent with a list of IPs (or a single IP, if you're extremely lucky) in the firewall log. If your website is hosted by a third party, contact your service provider to let them know what's going on--as they may track the IP addresses of visitors to your site and may be able to provide you with that information. If you did not design your web page, you may also want to talk to the developer and ask them if they can capture the IP addresses of everyone that submits the form and have it included in the email... That would definitely be useful information, should the incident reoccur. If the email was threatening, I'd recommend talking with at least your ISP, to see what they recommend. Especially since the email threatened bodily harm, start a history by filing a report with your police department so that they can get involved.

 

One other thing... Whatever you do, don't delete the email you received! Depending upon how serious this is, if someone from law enforcement decides to do any type of forensics, they'll definitely want that.