Skip to content

moba/libapache-mod-removeip

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 
 
 
 
 

Repository files navigation

mod_removeip - remove information about the remote IP

This module throws away the information on the remote IP and
hostname right at the beginning of handling the request.  That means
its not logged, is not available to any web apps, and can't leak
into error logs and the like.

This is written for use on servers with a strict policy on
protecting the identity of their users.  If the Spooks come and
demand that you hand over your server so they can try to identify
one of your users, this should be enough that you can categorically
state that there is no IP info to be found, and might mean your
server doesn't go offline.

There is currently no facility for enabling the module on a per site
or per directory basis.  It's an all or nothing thing.  This is
because the intent is to make sure IP info is not on the server at
all.  If people want more configurability, I might release an
alternative version.

I've included some configuration files as they'd appear on a typical 
debian apache installation.  They may be instructive for other 
distributions.  There's talk of getting a .deb file put together shortly.

Compile and Install for apache 1.3

cd apache1.3
make removeip
make install

Compile and Install for 2.0:

cd apache1.3
make removeip
make install

Configuration Directives:
REMOVEIPenable On
# Enable module.  Nothing happens without this directive.


Author:
Andrew McNaughton <[email protected]>
Based on code from mod_rpaf by Thomas Eibner <[email protected]>

License:
Apache License

About

Module to remove IP from apache2's logs.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages