Libravatar (obsolete)

Hide user IP addresses

Bug #1394845 reported by François Marier on 2014-11-21

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Libravatar (obsolete)	Fix Released	Medium	François Marier

Bug Description

To improve the privacy protections of the service, we should stop logging our users IP addresses.

This involves removing them from the account and photo tables, as well as installing libapache2-mod-removeip on both www and the mirrors.

Tags:

François Marier (fmarier) on 2017-05-29

Changed in libravatar:
status:	Confirmed → In Progress

Revision history for this message

François Marier (fmarier) wrote on 2017-05-31:

While the mirrors don't need IP addresses, it is sometimes useful to debug problems on the main service.

Given that libapache2-mod-removeip isn't very configurable and always strips out IP addresses:

"There is currently no facility for enabling the module on a per site
or per directory basis. It's an all or nothing thing. This is
because the intent is to make sure IP info is not on the server at
all. If people want more configurability, I might release an
alternative version."

perhaps following the EFF DNT policy (https://www.eff.org/dnt-policy) is a better approach for the main application.

Revision history for this message

François Marier (fmarier) wrote on 2017-06-20:

The following has been done:

- no longer logging IPs in the DB
- purged the existing IP addresses from the DB
- no longer logging IPs on mirrors (via libapache2-mod-removeip)
- apache log retention of 10 days as per EFF DNT policy

Changed in libravatar:
status:	In Progress → Fix Released
information type:	Private → Public

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.