Add settings for comment_IP and storage duration

Right now I altered these values directly in the plugin, but that’s not really a good solution…

I’m open to adding these as configurable parameters. However, I’d like to learn more about why you’d want to change them before making any changes. The defaults have been really carefully selected to not need changing.

override the comment_author_IP to be used (I prefer to set the IP to 127.0.0.1)

You risk having a plugin block access from the loopback interface that way. This could cause all sorts of problems for you.

0 was chosen as it’s the default value in WordPress for an unspecified IP address, it resolves to 0.0.0.0 in most of PHP’s functions for handling IP addresses, and it’s the documented default return value for get_comment_author_IP().

perhaps even only anonymize the existing IP by deleting one or two octets

Please provide a use case for a partial IP. Keep in mind that IPv4 depletion means IP assignments have become very granular, so you can’t tell much — if anything — from a partial IP these days. E.g. my current home IP address is located in Spain according to GeoIP databases, but I’m actually in Norway. —and that is with the full IP address. I can’t really see any use for a partial IP, so the plugin just gets rid of them at the end of the 60 day period.

set the maximum storage duration of the original IP address – 60 days seems a bit too much to be really compliant with DGPR

This isn’t legal advise. I’m not a lawyer. You’re allowed/have a legitimate purpose for storing IP addresses under the GDPR for the purpose of detecting and preventing fraud, and for network and operational security. It can take days or a weeks before an IP is recognized as an aggressive spammer, and a spam-fighting plugin can retroactively act and remove comments submitted by the IP in question. Likewise, a comment moderator can spot the same IP posting many comments under different names but from the same IP. You really have a legitimate interest in storing the IP for a year or two!

Two months was chosen after reviewing literally hundreds of privacy policies and finding that of those who specifically mentioned comment IP removal, they did so after two or three months. E.g. “We store the IP addresses along with any submitted comments for two months to prevent spam, fraud, and abuse.” Anti-spam plugins seem to be capped at retroactively deleting things after 4–6 weeks. 60 days seemed to fit well with the ecosystem and with how other websites already handle this.

The reliability of GeoIP is another story, […] I got inspired by Matomo (formerly Piwik) which already has an option to delete the last one or two octets from the IP before storing it in the database.

The two are actually two sides of the same issue. Partial IPs allowed Piwik to still get good GeoIP lookups, but that isn’t really the case anymore. I can’t really see any use for a partial IP anymore.

Could you please attach the diff of your modifications so I can see what variables you’ve changed? I’ll add this to my todo list for 2018-W22.

The next release will have a filter for tweaking the deletion time.

@somevapourtrails. This isn’t legal advice but don’t panic. There is exceptions for fraud and abuse detection and prevention, as well as for maintaining and auditing system security. Keeping IP addresses around for a month or two for these purposes isn’t any cause to worry. As long as you don’t use the data for any other purpose, you’ll be fine.

@pputzer WordPress.org colab infrastructure is terrible for plugins. However, you can just send me a standard patch file. Open source did just fine long before GitHub, and patch handling isn’t a lost art.

@themnbvcx-1 did you get a chance to test the changes?

Open source sure did, but there’s a reason why Linus wrote Git. Sending patches via contact forms or posting them in here is not something I’ll fiddle around with.

Let’s do it Linus’ way then. I’ll setup a patch submission mailing list and you can send your patch there. 😜

No, but seriously. Just attach your patches here. You haven’t even mentioned what changes you wish to make.