mod_removeip 0.2 review
Downloadmod_removeip is an Apache module that can remove information about the remote IP. This module throws away the information on the r
|
|
mod_removeip is an Apache module that can remove information about the remote IP.
This module throws away the information on the remote IP and hostname right at the beginning of handling the request. That means its not logged, is not available to any web apps, and can't leak into error logs and the like.
This is written for use on servers with a strict policy on protecting the identity of their users. If the Spooks come and demand that you hand over your server so they can try to identify one of your users, this should be enough that you can categorically state that there is no IP info to be found, and might mean your server doesn't go offline.
There is currently no facility for enabling the module on a per site or per directory basis. It's an all or nothing thing. This is because the intent is to make sure IP info is not on the server at all. If people want more configurability, I might release an
alternative version.
Compile and Install for apache 1.3
make removeip
make install
Compile and Install for 2.0:
not completed. let me know if you want it.
make removeip-2.0
make install-2.0
Configuration Directives:
REMOVEIPenable On
# Enable module. Nothing happens without this directive.
Requirements:
Apache
mod_removeip 0.2 search tags