IP address storage in SMF

[Kolya]

I have a few of questions about IP address storage in SMF. Mainly because I want to store as little as possible while maintaining SMF functionality.

1. It seems IPs in messages are stored forever. What purpose does this serve if any?
I'm considering to run a cron job that will set IPs in the message table to 0 if the message is older than X.

2. Does SMF store IPs of people who only visit but don't post?

3. Where else in SMF are IPs stored?

[Kolya]

I found the following in the database. No guarantee for completeness. Some of these may not be necessary to clean up because SMF removes old entries itself. I think all logs fall under this category.

Code Select Expand

$lastYear = time() - (365 * 24 * 60 * 60);
//Remove IP adresses older than a year
$query = "UPDATE smf_messages SET poster_ip = '' WHERE poster_time < ".$lastYear;
mysqli_query($link, $query);
$query = "UPDATE smf_log_actions SET ip = '' WHERE log_time < ".$lastYear;
mysqli_query($link, $query);
$query = "UPDATE smf_log_banned SET ip = '' WHERE log_time < ".$lastYear;
mysqli_query($link, $query);
$query = "UPDATE smf_log_errors SET ip = '' WHERE log_time < ".$lastYear;
mysqli_query($link, $query);
$query = "UPDATE smf_log_floodcontrol SET ip = '' WHERE log_time < ".$lastYear;
mysqli_query($link, $query);
$query = "UPDATE smf_log_reported_comments SET member_ip = '' WHERE time_sent < ".$lastYear;
mysqli_query($link, $query);
$query = "UPDATE smf_members SET member_ip = '', member_ip2 = '' WHERE last_login < ".$lastYear;
mysqli_query($link, $query);
$query = "UPDATE smf_log_online SET ip = 0 WHERE log_time < ".$lastYear;
mysqli_query($link, $query);

$query = "UPDATE smf_log_httpBL SET ip = '' WHERE logTime < ".$lastYear;
mysqli_query($link, $query);
$query = "UPDATE smf_login_security_log SET ip = '' WHERE date < ".$lastYear;
mysqli_query($link, $query);


The question remains what these IPs are actually used for after a year (or even after a month). I can't think of anything, because the connection between users and their IPs is usually quite volatile. But I'd be glad to hear it.

[Kindred]

and what, exactly, do you think that is saving you?

there are actually legal reasons to have the IP.  If the FBI shows up at your door and needs to know the IP of user JoeSchmoe for all posts....

additionally, I don't think that IPs are quite as "volatile" as you seem to think.  Many users still have the same IP...   or at the very least, the same close range of IPs.

[Kolya]

I don't think it's saving me anything. I think it is the ethical thing to do, to save no more personally identifiable data than necessary and no longer than necessary.
And I would be a bit surprised if the FBI showed up at my door because I don't live in the US. But you never know these days, eh?
But even if that happened, I cannot give away what I don't have.


EDIT: I find it quite disconcerting that the manager of these boards basically tells me that SMF stores IPs forever in case the FBI shows up. Is that the only reason?
I am not legally required to save this information by my own country's law. If anything I am required to do exactly as I want to do: Save as little and no longer than necessary.

[Arantor]

That and the fact it limits how useful the ban system might be.

But yes, there are legal obligations to keep such data in surprisingly many countries...

[Kolya]

Hello Arantor, glad to see you.
I'm aware of the use IPs have for the ban system. I only use IP based bans for short periods though, like a week or two. So that should be fine.

[Arantor]

In which case it is then simply a question of what legal obligations you as a data controller are required to comply with.

[Kolya]

Yes. I just wanted to make sure if there are any technical reasons (besides IP bans) for SMF to store this data. I gather there aren't any.
Thank you for your help.

[Arantor]

Long term, no. Short term there's the above plus flood control purposes. I see you're pruning the table but honestly it shouldn't live anywhere near that long.

[Kolya]

Yeah, some of those may be unnecessary as the data doesn't live that long to begin with.
I guess the most important ones are the first and last: smf_messages & smf_members. Plus some mods that also store IPs, like the HTTP Black List mod and Security Login mod.

[Sir Osis of Liver]

Lectures not withstanding, if you want to prevent SMF from capturing and storing IPs -

In /Sources/QueryString.php

Code Select Expand



/// Prevent IP detection
$_SERVER['REMOTE_ADDR'] = '0.0.0.0';
$_SERVER['HTTP_X_FORWARDE D_FOR'] = '0.0.0.0';

// Clean the request variables - add html entities to GET and slashes if magic_quotes_gpc is Off.
function cleanRequest()



[Kolya]

That's interesting, but not what I'm looking for, as I want to maintain full SMF functionality while only removing old IPs.
I have updated code in the second post. I'm running that as via a weekly cronjob now and it seems to work fine.

[Sir Osis of Liver]

Did you get all of them?  IPs are saved in smf_members, smf_messages, smf_log_reported_comments , and possibly other tables (didn't look through all of them).  They're also saved in server logs, and there's not much you can do about that on a shared server.

[Arantor]

All of those tables are listed in the second post. I *think* it's all of them but I haven't checked to be sure; nothing comes to mind, put it that way.

[Kolya]

I went through all the tables, I'm pretty sure I got them all.

The last two entries in the code in the second post are tables that were added by mods I use: smf_log_httpBL and smf_login_security_log.
If you don't have these mods, you won't need them.

Maybe someone wants to turn this into a mod with a scheduled task? Would be nice for those people who can't easily run cronjobs or don't know how.