River Tarnell wrote:
apache logfiles (/var/log/apache/access) have now been
modified to not
include the remote client's IP (it will show 127.0.0.1 instead). real
logs are available in /var/log/apache/private/access for people in the
'privlogs' group.
Thanks again for that. However, we've been talking on IRC about
alternatives, since there are some things that rely on the client IP -
Interiot's TSTOC thingy for instance, and it's nice to have for
webalizer, too.
We have discussed the following:
a) make a script that replaces the IP by a hash value (MD5 or
something). That way, counting unique clients is still possible without
exposing the IP. This could be done by a per script wither live using
tail -F, or regularly using cron. The script would need access to the
real logs, of course. And we would still need the current public log
that has 127.0.0.1 for everything, so tools that rely on apache log
format don't get confused.
Assuming that it's OK to know the IPs of people that visit our tools on
the toolserver explicitly, but not to know the IPs of WP visitors that
unknowingly leave a trace on the toolserver along with a visited page
and date/time, there are more options:
b) create a subdomain/virtual host for the hit counter. That virtual
host would have a separate, anonymized log. The "normal" tools would
have a full log with client IPs - they can find out the IP anyway.
c) similarly, requests/logging for the hit counter could be done by
lighttpd or something similar; Maybe that's faster than apache, I don't
know. All we need is logging, really.
I just put this here for reference, and as something to think about.
Regards
Daniel
--
Homepage:
http://brightbyte.de