Hide user IP addresses
Bug #1394845 reported by
François Marier
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Libravatar (obsolete) |
Fix Released
|
Medium
|
François Marier |
Bug Description
To improve the privacy protections of the service, we should stop logging our users IP addresses.
This involves removing them from the account and photo tables, as well as installing libapache2-
Changed in libravatar: | |
status: | Confirmed → In Progress |
To post a comment you must log in.
While the mirrors don't need IP addresses, it is sometimes useful to debug problems on the main service.
Given that libapache2- mod-removeip isn't very configurable and always strips out IP addresses:
"There is currently no facility for enabling the module on a per site
or per directory basis. It's an all or nothing thing. This is
because the intent is to make sure IP info is not on the server at
all. If people want more configurability, I might release an
alternative version."
perhaps following the EFF DNT policy (https:/ /www.eff. org/dnt- policy) is a better approach for the main application.