anonymize IP in logfiles after log rotation

Discussion in 'ISPConfig 3 Priority Support' started by chico11mbit, May 23, 2018.

  1. chico11mbit

    chico11mbit Member HowtoForge Supporter

    Hi,
    i know that ispconfig takes care of the logrotation from the logfiles in the /var/www/clients/clientXXX/domain/log folder.
    Now the DSGVO is ante portas. So is it possible to anonymize the IP adress (perhaps last 3 digits) when the apache log is rotated and compressed?
    I think this will be ok, because i think many people wnat to use the logfiles for fail2ban analysis.

    For Apache2 Logs in /var/log/apache2 I use
    https://www.privacyfoundation.ch/de/service/anonip.html
     
    Last edited: May 23, 2018
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    We have built a function into vlogger to anonymize IP addresses directly. This will be released in the next 2 days.
     
  3. chico11mbit

    chico11mbit Member HowtoForge Supporter

    Hi Till,
    It's nice that you can now make the logfiles anonymous. If you use fail2ban with special filters, which evaluate the individual logfiles of the websites, it would be good if there would be a setting, that only the compressed logfiles are anonymized. Otherwise fail2ban always locks the wrong IP address (x.x.x.0)
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    We might add such a feature in future. Anonymizing files after one day would mean that you store IP addresses. So you will have to inform your users in the exact same way as if you would not anonymize IP's at all which means you can turn off IP anonymization anyway. anonymizing on compression would make only sense if you plan to store the logs for a very long time, e.g. for several months or years, which probably not many people plan to do
     
  5. chico11mbit

    chico11mbit Member HowtoForge Supporter

    That makes sense. I think it is in the legitimate interest of the website operator to use the logfiles for security purposes. Probably it is enough to include such a passage in the data protection declaration.

    btw. These english answers in this thread were translated from german to english with deepl.com.
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    I guess that's what most websites do and how I did it here in the privacy policy at howtoforge as well.
     
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    Btw. Yes, deepl is really cool. By far the best translation tool that I've seen yet.
     

Share This Page