Skip to main content

Logging and GDPR

Comments

1 comment

  • Eric

    Howdy David,

    I'll start off by warning I'm not a lawyer, so please take this as technical advice and not legal advice. 😉

    Most apache servers are logging IP addresses even after the GDPR became law.  They get away with doing so with the cookie warning on their website.  (yes, that's the one)

    If you'd like to host w/o that cookie warning, you can tweak apache to log or not log or not log connections using this guide here.  https://infosec-handbook.eu/blog/wss6-logging-monitoring/

    You're going to use something like they mention:

      CustomLog ${APACHE_LOG_DIR}/access.log [GDPR-compliant-log-format]

    Thanks!

    0

Please sign in to leave a comment.