
GDPR and Statistical Analytics

Discussion in 'General Discussion' started by nickwuk, Apr 6, 2018.

  1. nickwuk

    nickwuk Member

    IP addresses are considered as Personal Identifiable Information (PII) under GDPR and therefore, although there may be a legitimate reason for recording IP addresses in raw server logs to maintain security, does that mean that IP addresses stored by AWStats, Analog Stats, and Webalizer for analytics need to be anonymised by e.g. changing the last segment to zeroes? Is IP anonymisation an available option in this software, and if not then does that mean this software needs to be disabled in cPanel?
     
  2. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Hello @nickwuk

    We have a blog post that addresses some points of GDPR compliance and how it affects cPanel, some quotes from that article that should be noted are as follows:

    With that being said there is not any built-in feature that allows for removal or modifications of IP addresses in the statistics but I would strongly advise you to open a feature request for this here: cPanel Feature Requests - the site is currently undergoing maintenance and should be up in the near future.

    Thank you,
     
  3. lorio

    lorio Well-Known Member

    You have many logs which contain the IP. GDPR is not demanding that you do not record IP addresses. You need to document everything. That is the hard work. One cPanel update and you've got a new logfile somewhere. So you might have an interest in keeping the amount of saved data as low as possible. That way exposure of data is minimized.

    cPanel could start offering some tools or help around removing logfiles and data. And to reduce the amount of data that gets saved. Reducing apache logging accountwise could be done via CustomLogs, which are piped through a script.
    E.g. scripts like this Anonip | Swiss Privacy Foundation

    IPs could be converted into hashes (quite a common option in web analytics to be able to follow people through webpages without storing IPs longer than needed). You can find such options in WordPress analytics addons.

    GDPR gives people the right, to get an export of all their data saved with you. That is a bit tricky when you got everything cluttered around in many logs and databases. When GDPR is in action and the first court-rulings are done, we might see a consolidation in the reseller space. Or more software designed around handling data in compliance with GDPR.
     
    Dan70 likes this.
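
An added example, not part of any post in this thread and not the Anonip or mod_log_ipmask code: a small Python filter of the kind lorio describes, suitable for a piped CustomLog, that either zeroes the host part of the client address or replaces it with a keyed hash. The function names, the /48 IPv6 prefix and the `h-` token format are assumptions made for this sketch.

```python
import hashlib
import hmac
import ipaddress
import sys

V4_PREFIX, V6_PREFIX = 24, 48  # assumed policy: /24 zeroes the last IPv4 octet


def _parse(text):
    """Return an address object (IPv4-mapped IPv6 unwrapped), or None."""
    try:
        ip = ipaddress.ip_address(text)
    except ValueError:
        return None
    mapped = getattr(ip, "ipv4_mapped", None)
    return mapped if mapped is not None else ip


def mask_ip(text):
    """Zero the host bits of an address; None if text is not an IP."""
    ip = _parse(text)
    if ip is None:
        return None
    prefix = V4_PREFIX if ip.version == 4 else V6_PREFIX
    return str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False).network_address)


def hash_ip(text, key):
    """Keyed pseudonym. A plain unkeyed hash of an IPv4 address can be reversed
    by trying all 2**32 inputs, so use a secret key and rotate it."""
    ip = _parse(text)
    if ip is None:
        return None
    return "h-" + hmac.new(key, ip.packed, hashlib.sha256).hexdigest()[:16]


def anonymise_line(line, mode="mask", key=None):
    """Rewrite the first field (client address) of a common/combined log line."""
    if mode == "hash" and not key:
        raise ValueError("hash mode needs a secret key")
    eol = "\n" if line.endswith("\n") else ""
    host, sep, rest = line.rstrip("\n").partition(" ")
    new = mask_ip(host) if mode == "mask" else hash_ip(host, key)
    if new is None:  # hostname or garbage: never pass it through unchanged
        new = "0.0.0.0"
    return new + sep + rest + eol


if __name__ == "__main__":
    # Apache side (placeholder path): CustomLog "|/path/to/this_script.py" combined
    for raw in sys.stdin:
        sys.stdout.write(anonymise_line(raw))
        sys.stdout.flush()
```

Masking keeps country-level and network-level statistics usable in tools that read the log afterwards, while hashing keeps per-visitor counts only for as long as the key is retained.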
  4. nickwuk

    nickwuk Member

    It looks like AWStats and the like simply read IP data from the raw access logs, i.e. no dedicated storage log, and I would hope that IPs in raw access logs are exempt from anonymising on the grounds of security (GDPR Recital 49 - I'm waiting for a response from the ICO on this question about exemption), although the requirement to minimise the length of time PII data is stored would have an impact on statistical history (unless using anonymisation as lorio mentions). If IPs in raw access logs were to be exempt then the right of access and portability I assume would not apply, however is there then still a GDPR issue with sharing those IPs with third party statistical analysis software?

    It will be interesting to see the response from well known WordPress security plugins. There is obviously other software that does store IP addresses purely for statistical analysis which as I understand will need to anonymise those IPs.
     
  5. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Hi @nickwuk

    If you do get a response from the ICO on the question could you post it here? It may be useful for other members in the future.

    I also want to note if the issue is the length of storage time you can control the length of time you keep logs. Speaking specifically of the domlogs (domain access logs or raw access logs) you can modify the amount of time you keep them directly from WHM in Tweak Settings under Stats and Logs there are a few options:

    - Delete each domain’s access logs after statistics are gathered
    This setting will force the system to delete all access logs after each run. The Metrics data will be present but the actual log files will be removed

    - Archive logs in the user's home directory at the end of each stats run unless configured by the user.
    This option will only be used if the user does not configure their log archiving preferences in cPanel and will archive their logs in /home/$user/logs/

    - Remove the previous month's archived logs from the user's home directory at the end of each month unless configured by the user.
    This option will only be used if the user does not configure their log archiving preferences in cPanel.

    cPanel also has some logs it rotates which can be modified as well, such as ModSecurity, UPCP, etc.

    You can also modify logrotate to modify any log files at specific intervals of your choosing
     
    Dan70 likes this.
  6. lorio

    lorio Well-Known Member

    If you think about certain countries with data retention laws, you might not be allowed to delete data for a certain time-span. Every country can overrule parts of GDPR (mostly tax related).

    You're correct that the stat tools offered via cPanel are accessing the logfiles. There is no other source. That makes it easier than using e.g. Google Analytics, but IPs are stored. In e.g. Germany there are websites which log 127.0.0.1 for every web access.
    This is stated in the data-protection information on these websites. Some use third-party tools to tweak the storage behavior:
    github.com/webfactory/mod_log_ipmask

    Many WordPress plugins with analytics or security functionality have been offering tools to delete or change IP addresses in logfiles for years. Nothing new besides that you now have a generic label "GDPR" to make it easier to find such functions.
    E.g. deleting and shortening IPs:
    blog.nintechnet.com/ninjafirewall-general-data-protection-regulation-compliance/
    E.g. hashing IPs:
    wp-statistics.com/2017/05/26/settings-page/

    The core of wordpress seems to get GDPR functionality as well.
    Proposed roadmap: Tools for GDPR compliance

    GDPR is not forbidding saving all this stuff. There are reasons to save IPs for longer times.

    I would like to see a way, to setup data retention time span and format of logging for every website via cPanel. Just a small step, when you think about all the logs and datastreams. The website seems to be a bigger part with all the external scripts (e.g. Google Analytics is known, but you have the same IP issue with Google Fonts and Google Maps.).
     
    #6 lorio, Apr 11, 2018
    Last edited by a moderator: May 7, 2018
    Dan70 and Infopro like this.
  7. Dan70

    Dan70 Member

    Hi, since I think it adds to this discussion, I add it here...

    I followed cP's instructions and in WHM set the logging times etc...
    but I still wonder about tools like i.e. cPHulk, or the csf firewall or the blacklist... how long is that IP data stored? Even hackers have in the eyes of Brussels a right of privacy and to be "forgotten".

    And do these tools transmit any data from my server, i.e. to check with spam blacklists?
    What about SpamAssassin? Does it transfer personal (i.e. IP) data off my server?
    Any tool I have not mentioned yet?

    Thx a million to you all
    Dan
     
  8. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Hi @Dan70

    As far as cPHulk is concerned, the amount of time you store logged data on your server is completely up to you; the logs can be set to be rotated out on a timed basis. For CSF, the logs for IPs blocked or seen via CSF are logged to /var/log/messages, so this would depend on your logrotate settings. IPs in the blacklist, whitelist and ignore list would remain there indefinitely unless removed, as far as I understand it; you may want to check with CSF for more specifics on that though.

    I know that the server does DNS lookups but they do not transfer actual data off the server. SpamAssassin does pass data through to DNSBL's to check if an IP is on a blacklist but that information isn't stored remotely.
     
    Dan70 likes this.
  9. Dan70

    Dan70 Member

    Hi Lauren, thank you... the log rotation, is that the same I set in WHM (2 tabs with logging)?

    Thx a million

    Dan
     
  10. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Hi @Dan70

    Logrotate does essentially the same thing as cPanel's log rotation but goes beyond cPanel logs present at WHM>>Service Configuration>>cPanel Log Rotation Configuration. Information on logrotate can be found here: logrotate(8) - Linux man page
     
    Dan70 likes this.
  11. Dan70

    Dan70 Member

    excellent thank you...will look into this!!
     
  12. Dan70

    Dan70 Member

    Hi, found the next thing I don't know...

    In cPanel under Raw Logs, I find many old "Archived Raw Logs".
    Am not aware I ever archived them... how can I (auto) remove all?

    Thx

    Dan
     
  13. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Hi @Dan70

    If you go to WHM>>Server Configuration>>Tweak Settings you can disable Raw Access log Archiving:

    Both of these are on by default so you should only have one previous month's logs but if you don't want to archive any logs you can disable the first option.
     
    Dan70 likes this.
  14. Dan70

    Dan70 Member

    Hi, thx... will try...but I see logs from 2017... can I delete these somehow?

    Thx

    Dan
     
  15. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    The only way to do this is to login via SSH or use the file manager to remove them manually
     
  16. Dan70

    Dan70 Member

    Hi Lauren, thank you... can you give me a hint as to which folder I will have to look in to delete them?
    Thx again

    Dan
     
  17. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Hi Dan,

    Sorry about that! They will be located at /home/$user/logs/

    Thanks!
     
  18. naughtysquid

    naughtysquid Registered

    Sorry to dig up an older thread, but this comes up 2nd when googling and it's still open. I'm finding the answers here insufficient.

    Could a cPanel rep answer this:
    "Delete each domain’s access logs after statistics are gathered"
    - What's contained in them? Is this the "Raw Access" section in cPanel for each domain?

    "Archive logs in the user's home directory at the end of each stats run unless configured by the user."
    - Where do we configure that?

    Not related to GDPR, but:

    "Include password in the raw log download link in cPanel (via FTP)."
    - Erm what, store the password? This can't be good for anyone's security?
     
  19. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Hello @naughtysquid

    cPanel access logs contain GET and POST requests for traffic to the site. They are the contents of "Raw Access Logs".

    In cPanel>>Metrics>>Raw Access there are two checkboxes at the top:

    Actually, this appears to serve no useful purpose and we do have an open case to have it removed CPANEL-20514 - the actual logs it's referencing aren't present. It looks like the case is set to be resolved for v74 of cPanel but until then you can disregard the setting.


    Thanks!
     
  20. naughtysquid

    naughtysquid Registered

    Okay thanks.

    In regards to AWSTATS, does it keep a record of users' IPs? Need to make sure our logs are cleaned of stuff like that, as I imagine once AWSTATS has done its thing, it doesn't actually need the log files it uses?

    Can't find anything about dealing with the logs for that.
     