Hacker News new | past | comments | ask | show | jobs | submit login
Show HN: ipscrub, an IP address anonymizer for Nginx (github.com)
42 points by masonicb00m 11 months ago | hide | past | web | favorite | 17 comments

I’m sure laws differs between countries, but isn’t there a law in Europe that forces you to log IP for eventual police investigation ?

It was true some years ago in France (a law from 2011 says you must keep 1 year of logs for user posting content on your website [1]), and it’s the big question I am asking myself for several months with GPRD comming.

Everyone I ask had its own way of seeing it and I’m confused.

[1] https://www.legifrance.gouv.fr/affichTexte.do?cidTexte=JORFT... (in French, article 3)

Edit: found the law

In some countries in europe (e.g.: Germany) they are pretty strict against maintaining logs that associate employee web traffic with the employee. Plus,GDPR will introduce some concerns like you mentioned.

For that law you referenced,I am not sure it would apply for a network provider as it would for a site-owner (e.g.: VPN or CDN provider vs a website)

This looks great for GDPR and a good way to get in compliance by pushing the problem way upstream as to not have to figure out delegations at the app layers.

This module makes it impossible to detect and handle IPv6 /64 subnets. Perhaps the first and last 64 bits should be hashed separately.

What do you mean when you say “detect and handle IPv6/64 subnets”?

I’m not too familiar with IPv6 but would love to improve support for it if the project is deficient somehow.

With the original IP, addresses are fairly expensive. With IPv6, even home users are assigned a /64 subnet at the smallest, so a malicious actor can iterate through many addresses. Generally for things like per-IP ratelimiting, you treat a whole IPv6 /64 subnet like you would treat a single IP address.

Even using anonymization such as this you should not keep logs for longer than necessary to debug and delete after a month or two

Why would you need to avoid logging IPs?

I prefer to look at it the other way around. Why would you need to log IPs? It’s like asking people for their social security number (USA) just to have a unique identifier—this is more info than you need.

It can be useful to find out who's been spamming requests at your server and block connections on the firewall level.

From the project summary:

“You can use this hash to link requests from the same source, without identifying your users by IP address”

So perhaps it is/will be possible to take actions against bad IPs.

With more difficulty. I can hardly use hashes to blacklist IP ranges in my firewall, even if it could, the performance would suck due to the necessary hashing.

No. Not using this module. The hashes are based on an ephemeral salt so there is no way to reconstruct the hash using only the IP address.

Good point.

1) You respect user privacy.

2) Your product is user privacy related and you want to state truthfully you do not record user IP addresses anywhere on your end (such as nginx logs that you may still need to debug issues in production).

Under GDPR it's considered personal data

Some businesses like the VPN industry take pains to respect and protect the user's privacy.

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact