Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
Does someone use the Tab "Visitor Logs" - the IPs
Hello
In Germany we just have a low level data-privacy-decision. Following this decision furthermore it is not allowed to log the IP and the Hostname-Data of a user. In textpattern there are two component which use this data.
It’s the content comment view and the “Visitor Logs” view.
My question now is: Can somenone put his experiences hier i.e. a link to a separate article, which will demonstrate a problem, where you have need one of this tools?
Thanks for any help and
Best Regards
Wolfgang
Offline
Re: Does someone use the Tab "Visitor Logs" - the IPs
The IPs and the hostname data is logged to protect you from referrer and comment spammers
ie
- If the IPs are disabled in content comment view, you will not be able to block any insistent spammers and you will have to be cleaning up your site in a daily basis.
- If the IPs were not looged in the referrer stats you will not be able to block spam referrers in your htaccess file.
Sometimes spammer IPs lie within a range a a simple htaccess rule can block all the ips in that range instead of either having to clatter your htaccess file with all the domains or all the ips..
In short. IP logging is one of the only defence weapons we have to protect our sites from spammers.
If your server resides in Germany maybe you should follow Mario’s advice offered on a (very different) general topic discussion.
Last edited by colak (2007-10-23 13:01:02)
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
Re: Does someone use the Tab "Visitor Logs" - the IPs
The physical location of one’s server doesn’t matter at all. BTDT.
Offline
Re: Does someone use the Tab "Visitor Logs" - the IPs
> The physical location of one’s server doesn’t matter at all. BTDT.
I think you are right …
Offline
Re: Does someone use the Tab "Visitor Logs" - the IPs
When Germany passes a law, the rest of Europe follows after a few years. What is the discussion over there regarding site security issues? I can fully understand the privacy issues but what do legit site owners say regarding their own rights?
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
Re: Does someone use the Tab "Visitor Logs" - the IPs
An indication: The German Federal Minister for economy and technology has employees who operates the Internetz for him. I would not expect reasonable legislation from representives who have no relation to the web at all, at best, or consider it a threat. In the first place, site owners presumably are part of this threat for them.
Offline
Re: Does someone use the Tab "Visitor Logs" - the IPs
I think that this kind of law is quite “stupid” and non-working.
- Who will even supervise this?
- It won’t never cover whole world nor Europe.
- What about site’s own safety?
- “Is IP even so personal”?
- Does this law even help anything?
And what comes to Finland, I have to say, that this kind of law, will not probably come here during this century. Finland is quite against these kind of laws. After all our laws differ a lot from rest of the Europe, what becomes to privacity.
In another words I can sell your IPs and another information to others if I don’t promise other, if little plain the law ;) so don’t browse sites that are own by Finnish and hosted in Finland, heh – just kidding. But we must provide agreement if we log something personal up in any case. But no-one observes this in general.
Cheers!
Last edited by Gocom (2007-10-23 16:17:25)
Offline
Re: Does someone use the Tab "Visitor Logs" - the IPs
Hi Jukka
Unfortunately I have possible answers to your list above:(
- Your enemies/competition who can report you at any time
- Not if the governments get their own way
- Unfortunately governments never cared about the individual’s safety
- IP can be personal if you have a static one which can be used to hack your computer.
- In my view it creates more problems than it is attempting to solve
I agree with the Finish loaw regarding the privacy agreement. At least only those who break it can be prosecuted.
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
#9 2007-10-24 20:16:31
- marios
- Archived Plugin Author
- Registered: 2005-03-12
- Posts: 1,253
Re: Does someone use the Tab "Visitor Logs" - the IPs
Seems to be a still a little in the gray area, all based on the Voss/Heise case from 2003. The District Court of Darmstadt then rules against Heise, that T-Online is bound legally, to delete session-based IP data from their logs in January 2006.
T-Online then files an appeal to the Federal Court of Justice in oct 2006, which is also lost, and the decision
applies more generally to all German ISP ( quote from the source below )
Below is the quote from the following resource
The decision (German) does not mean that T-Online is now obliged to delete all their IP-logs, the customers first need to complain. But, if they ask T-Online to delete their IP-logs, the ISP has no other choice than to comply. A lawyer from Frankfurt already sketched a sample letter to make this process easier.
So on one side of the fence you now have the European Mandatory Data Retention Directive of 2006 that stranded on European Shores with the whole Binlanded9/11/muppet-show fraud,
and on the other side you have legal ground to take down session based data, which is the quintessence of most commercial web-applications and e-commerce would of course not work without that.
Most strangeley enough, the T-Online case is based on Holger Voss prosecution in 2003 for supposedly having endorsed the 9/11 bomb attacks. ( Which where meant as a joke ).
Doesn’t make any sense to me. Need to do some more research on that.
However, seems to me like the thing you ought to do legally until now, (As a websiteowner and not as an ISP), is to put a legal notice on your Site, informing your Customers, that the Software, that you use to serve up your Site has logging features build in (as most CMS software does), and tell them that if they wish it to be removed, to send an e-mail to the webmaster, but otherwhise, if the customeris after the Serverlogs, please to contact the ISP directly
On the other hand, if there’s any court decision, that legally bounds you to not keep any session data as a Site Owner (Which I doubt there is), after the session expires, it can just be switched off entirely right from within the prefs, or be deleted manually on request by request situation.
P.S.: Here is an example of legal notice, how karlsruhe.de is doing it.
May be you could use that as a draft
regards, marios
Last edited by marios (2007-10-24 20:48:16)
⌃ ⇧ < ⎋ ⌃ ⇧ >
Offline