Cryptolog

Cryptolog enhances user privacy by logging ephemeral identifiers rather than actual client IP addresses in Drupal's database tables and syslog.

When Cryptolog is enabled, Drupal 8's \Drupal::request()->getClientIP() and Drupal 7's ip_address() output a 128-bit HMAC of the client IP address (in IPv6 notation), using a salt that is stored in memory and regenerated each day.

Because Cryptolog uses the same unique identifier per IP address for a 24-hour period, it is still possible to do some statistical analysis of the logs such as counting unique visitors per day. In addition, unlike other solutions of setting $_SERVER['REMOTE_ADDR'] to either one static IP address or a completely random IP address, Drupal's flood control mechanisms still function as normal.

Drupal modules will submit the hashed IP address to remote services (e.g. a credit card payment gateway); therefore Cryptolog effectively anonymizes IP addresses sent to third-party services (aside from services which receive HTTP requests directly from the end user).

Note: As long as the salt can still be retrieved, brute force can be used to generate a rainbow table and reverse engineer client IPv4 addresses. However, once the salt has expired and a new one has been generated, or the web server has been shut down or restarted, it should not be feasible to determine client IP addresses, aside from using forensic methods on unencrypted swap space etc.
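The scheme described above, sketched in Python as an added example (this is not the module's own PHP code): a salt held only in memory, a 128-bit HMAC rendered in IPv6 notation, and a unique-visitor count that still works on the pseudonyms. Assumptions: HMAC-SHA-256 truncated to 128 bits, a salt lifetime of 24 hours from creation, and the hypothetical names DailySalt, pseudonymize and unique_visitors.

```python
import hashlib
import hmac
import ipaddress
import secrets
import time

DAY = 86400  # salt lifetime in seconds (assumption: 24 hours from creation)


class DailySalt:
    """Salt kept only in process memory and replaced once it has expired."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._salt = None
        self._expires = 0.0

    def get(self):
        now = self._clock()
        if self._salt is None or now >= self._expires:
            # The previous salt is overwritten and never written to disk,
            # so identifiers from earlier days can no longer be recomputed.
            self._salt = secrets.token_bytes(32)
            self._expires = now + DAY
        return self._salt


def pseudonymize(client_ip, salt):
    """Return a 128-bit HMAC of the client IP, formatted as an IPv6 address."""
    # Canonicalise first so different spellings of one address share an identifier.
    packed = ipaddress.ip_address(client_ip).packed
    digest = hmac.new(salt, packed, hashlib.sha256).digest()[:16]  # assumed hash choice
    return str(ipaddress.IPv6Address(digest))


def unique_visitors(log_ips, salts):
    """Count distinct pseudonyms, as a log analysis would see them."""
    return len({pseudonymize(ip, salts.get()) for ip in log_ips})


if __name__ == "__main__":
    salts = DailySalt()
    hits = ["192.0.2.10", "192.0.2.10", "198.51.100.7"]  # constructed sample requests
    for ip in hits:
        print(pseudonymize(ip, salts.get()))
    print("unique visitors:", unique_visitors(hits, salts))
```

Because the same address maps to the same identifier until the salt rotates, per-identifier counters such as flood control keep working for the day without the real address ever being stored.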

Drupal 8 requirements:

One of the following: APCu PHP extension, Memcache Drupal module, Memcache Storage Drupal module, or Redis Drupal module (in dev release of this module) is recommended as a memory-based key/value store for the salt. The backend store will be chosen automatically based on which backends are present, with a preference for backends which can be shared between servers (Memcache and Redis), and will fall back to the database-backed cache.

Drupal 7 requirements:

One of the following: APCu PHP extension, APC PHP extension, Memcache Drupal module, or XCache PHP extension is required as a memory-based key/value store for the salt. The backend store will be chosen automatically based on which backends are present, with a preference for Memcache, which can be shared between servers. Please note that after enabling the module, you must also add it to your site's settings.php file! See INSTALL.txt for instructions. Likewise, to disable the module you must remove it from your site's settings.php file.

Acknowledgments:

This module was inspired by the Cryptolog Python log filter script.

Similar modules:

IP anonymize logs IP addresses as per normal, and then retroactively scrubs them according to a configurable IP address retention period.
