When 'Post Settings > Limit editing time' is disabled with value 0, phpBB does not log the IP address used to edit a post.

Recently a user on our forum from Russia had his credentials stolen after using a WiMax network, The imposter did not create any posts however edited all his existing posts over a few hours. Our forum is hosted on Sourceforge and we do not have access to server logs, only the IP logs created when a user posts (Logs via the Moderator Control Panel).

I recommend either changing the MCP logs to record the users IP on logon instead of only logging IP at post creation as there are many operations a user can preform without creating a post that can harm a forum, especially if that user was a moderator.