I am interested in finding a way to make apache be pseudo-anonymous in its logging. Your actions would be traced to your pseudonym, but NEVER to your actual identity. I've got some php scripts that currently act on IP addresses to see if you've already done something so you don't do it again, but I really don't like logging people's IP addresses when possible.
However, there are a number of reasons why a webserver would not want true anonyminity (in otherwords I dont just want to change LogFormat to remove IPs completely), such as dealing with abuse, log analysis (analog uses IP addresses to make a best guess of unique visitors based on IP), etc. I thought of saving IPs by doing a one-way hash on them (like a md5 sum?) which would preserve the uniqueness of the IP but also preserve the anonyminity - however in hashing IPs the search space is too small, with a big iron you could run through the possible hashes in about an hour, so it could be undone without much effort. IPv6 would change this of course. Is there an apache mod to do this? Has someone done this with a mod_perl thing? Does anyone have any good ideas on how to do this? I am looking for specifics, not something like "Write a perl script, that'll do it". Thanks! Micah
