IP-Address has to be removed from comments… how does this work with Antispam B

  • Resolved Jürgen

    (@trimension)


    1 year, 1 month ago

    Hello…

    since the dsgvo does not allow the permanent storage of IP addresses, they must be deleted before the comment is saved. I use the “preprocess_comment” hook, which sets the IP address for all comments to 0.0.0.0 (Deleting the IP saves the own server IP)

    However, this could mean that all IP address checks by Antispam-Bee will come to nothing. The storage of spam comments for later recognition is also likely to be affected.

    It would be ideal to only delete the IP addresses of non-spammers after all the spam checks, but unfortunately the checks all take place later. Is there a solution for this problem?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Contributor Torsten Landsiedel

    (@zodiac1978)

    1 year, 1 month ago

    Hi @trimension !

    since the dsgvo does not allow the permanent storage of IP addresses, they must be deleted before the comment is saved

    Yes, the permanent storing is not allowed, but you don’t need to delete the IP address immediately.

    Fighting spam is necessary and therefore a legitimate interest. To respect the GDPR and fight spam, you can use plugins which delete the IP after a specific amount of days.
    https://de.wordpress.org/plugins/dsgvo-tools-kommentar-ip-entfernen/

    If you want to use the local spam db feature in Antispam Bee you can also delete spam comments one day before the IP address is deleted, so you can have both.

    The other way to solve this would be to uncheck the local spam db feature to prevent false positives.

    Hope this helps!
    All the best
    Torsten

    Thread Starter Jürgen

    (@trimension)

    1 year, 1 month ago

    Hi Thorsten,

    Yes, I’m well aware of that… but it’s time-consuming and ultimately just a crutch…

    The plugin does not distinguish between ‘spam’, ‘trash’ and ‘normal’ comments when deleting IPs and deletes all existing, which is probably not even necessary…

    A better solution would be not to save the IP address at all for NON-Spam comments in the first place. Storing spam comments with IP addresses should not violate the GDPR as there is a continuing legitimate interest here (Blacklist)

    But the problem is that I don’t have a hook that would allow me to remove the IP address after the spam checks but before saving…

    The correct hook would be “preprocess_comment” but the spam checks happen later so I don’t know which IPs to delete and which not. The “pre_comment_approved” hook would be suitable here, but unfortunately it only filters the spam identifier itself… The comment data cannot be manipulated here 🙂 It should happen between the “pre_comment_approved” and the save into the db…

    Hence my question, is there a way to implement this, because that would be the cleanest solution, I think 🙂

    Plugin Contributor Torsten Landsiedel

    (@zodiac1978)

    1 year, 1 month ago

    Hi @trimension

    I discussed this with the team today, and we want to check how we want to proceed on the matter at our next Hackathon before WordCamp Germany. Maybe I can provide a solution then (or before, if someone has the time to try our ideas).

    At the moment, it is recommended to not save the IP at all for a comment:

    function wpb_remove_commentsip( $comment_author_ip ) {
return '';
}
add_filter( 'pre_comment_user_ip', 'wpb_remove_commentsip' );

    If the IP column is empty, we skip the check. You shouldn’t use a local IP (127.0.0.1) or another default IP address in combination with the local spam db. This would lead to all comments being marked as spam.

    Hopefully we have a better solution soon.

    All the best
    Torsten

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘IP-Address has to be removed from comments… how does this work with Antispam B’ is closed to new replies.

Tags