MyBB Community Forums

MyBB Community Forums > Development > Suggestions and Feedback > Optionally saving IP hash instead of IP
Full Version: Optionally saving IP hash instead of IP
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Lennart Sauter

2015-09-11, 07:08 AM
This is a follow-up of this thread:
http://community.mybb.com/thread-165794.html

I'd propose a setting to let the admin choose between saving the full IP of a user (like MyBB 1.8 does it) and saving a hashed value to identify the user, based on two digits of the IP and the user agent for example.
This would allow us to identify (and ban) single users while respecting their privacy and not storing IPs. It's basically the same way the open source analytics platform Piwik works.

I'd also like to keep the recorded info from visitors to a minimum by default.

Best regards
Lennart Sauter

Euan T

2015-09-11, 08:39 AM
Surely saving the useragent wouldn't be of much use (the user could just switch browsers)? In that case, hashing part (or all, using a decent hashing algorithm) of the IP would possibly be a better solution surely?

Lennart Sauter

2015-09-11, 09:18 AM
If the IP can not be reverted or we'd replace the last two digitpairs by zeros this should work just as well.

Euan T

2015-09-11, 11:44 AM
(2015-09-11, 09:18 AM)Lennart Sauter Wrote: [ -> ]If the IP can not be reverted or we'd replace the last two digitpairs by zeros this should work just as well.

It could be retrieved if given enough computing power and time (if we hashed the IPs with bcrypt for example, it would take a while to reverse engineer them, yet still give all the advantages that storing the full IP gives).
MyBB Community Forums > Development > Suggestions and Feedback > Optionally saving IP hash instead of IP