IP address is also written to (intranet|opac)-access.log. There is no user information logged, but there might be enough URL and browser information logged to leak the user's identity, especially in combination with information in the database. On Sun, Jun 25, 2017 at 4:45 PM, Chris Cormack <chrisc@catalyst.net.nz> wrote:
* Indranil Das Gupta (indradg@gmail.com) wrote:
Hi,
As $SUBJECT says. Do we?
Once a user is logged in, their ip is stored in the session data. If you are using mysql or disk for this, and never purge them then you effectively log IP numbers for logged in users. However if you use memcached or purge the tables, they are only there a short time.
(This is discounting webserver logs of course)
Hope this helps
Chris
regards indranil
-- Indranil Das Gupta L2C2 Technologies
Phone : +91-98300-20971 WWW : http://www.l2c2.co.in Blog : http://blog.l2c2.co.in IRC : indradg on irc://irc.freenode.net Twitter : indradg _______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
-- Chris Cormack Catalyst IT Ltd. +64 4 803 2238 PO Box 11-053, Manners St, Wellington 6142, New Zealand
_______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/