Avoid IP leakage in traces
Closed this issue · 3 comments
emanuelb commented
nijel commented
It's not really needed, it's coming from standard CakePHP logging.
nijel commented
I've removed it from the issues. On the other side, there are many logs on the web server which will store the IP address, so I don't think this is worth addressing besides taking care of not disclosing them when creating issues on GitHub.
emanuelb commented
The webserver IP storage in logs can also be addressed by general solutions to IP logging:
- Not logging IPs.
- Logging masked values (stripping 2 bytes is recommended), see: https://piwik.org/docs/privacy/#step-1-automatically-anonymize-visitor-ips
- Hashed values (preserves same-IP detection always) or encrypted-with-throw-away-keys (preserves same-IP detection between rotations of the encryption keys, see slides 23-25 in https://www.eff.org/hope9/privacy-tricks)
> taking care of not disclosing them when creating issues on GitHub.

It's better to come up with a solution that doesn't rely on taking care, such as disabling output of Client-IP in CakePHP traces.

> I've removed it from the issues.

👍 Here are the last remaining issues that contain ClientIP to remove:
non stacktrace error:
#72
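
The masking and throw-away-key options listed in the thread, sketched as an added example that is not part of the original discussion or of the project's code. The function and class names, the /48 choice for IPv6, the 16-character token length and the sample log lines are assumptions made for illustration; the line scrubber only handles IPv4 literals.

```python
import hashlib
import hmac
import ipaddress
import re
import secrets

def mask_ip(ip, v4_keep_bits=16, v6_keep_bits=48):
    """Strip 2 bytes from IPv4 (a.b.0.0); keep a /48 for IPv6 (assumed)."""
    addr = ipaddress.ip_address(ip)
    keep = v4_keep_bits if addr.version == 4 else v6_keep_bits
    net = ipaddress.ip_network(f"{addr}/{keep}", strict=False)
    return str(net.network_address)

class RotatingPseudonymizer:
    """Keyed hash with a throw-away key that lives only in memory.

    The same IP gives the same token until rotate() is called; after
    that the old key is gone and old tokens cannot be linked to new ones.
    """
    def __init__(self):
        self._key = secrets.token_bytes(32)

    def rotate(self):
        self._key = secrets.token_bytes(32)

    def token(self, ip):
        packed = ipaddress.ip_address(ip).packed  # canonical byte form
        return hmac.new(self._key, packed, hashlib.sha256).hexdigest()[:16]

# IPv4 literal not embedded in a longer dotted number.
IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?!\d|\.\d)")

def scrub_line(line, transform):
    """Replace every valid IPv4 literal in a log line using transform."""
    def repl(match):
        try:
            return transform(match.group(0))
        except ValueError:  # e.g. 999.1.1.1 is not an address
            return match.group(0)
    return IPV4_RE.sub(repl, line)

# Constructed sample lines (documentation address ranges), not real logs.
SAMPLE_LINES = [
    "2016-01-01 12:00:00 Error: report failed. Client IP: 203.0.113.77.",
    '198.51.100.4 - - [01/Jan/2016:12:00:01 +0000] "GET / HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    pseudo = RotatingPseudonymizer()
    for line in SAMPLE_LINES:
        print(scrub_line(line, mask_ip))
        print(scrub_line(line, pseudo.token))
```

A plain unkeyed hash of an IPv4 address can be reversed by enumerating the 2^32 address space, which is why the token here depends on a secret key that is discarded on rotation.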