How to hide commentor’s IP addresses
-
I wanna have a blog with more than one authors and admins,
for security of my visitors, I’m interested in hiding my own IP address and those of people who commentI used to do this by editing the php files when I had wordpress on my own host
But how can I do it on wordpress.com?
I think keeping IP addresses should be an option that is set to “don’t!” by default, is there anyway to make that happen?
-
So far as I am aware, all IP’s are hidden on WordPress.com. They are visible in the Dashboard of your blog, but not visible to blog users.
-
If you are talking about in the dashboard comments page, then that is not possible here.
My suggestion would be to send your request in to support so that they can put it on their list for consideration. http://wordpress.com/contact-support/ .
-
they are invisible to users, but they are visible to contributors and admins, I just wanna turn that option off , IP addresses are too important in some cases you do not wanna put people’s information at risk!
-
That is not an option at WordPress.com. I, personally, would not make anyone admin or contributor if I did not trust them with my IP address; after all, if you’ve ever emailed them, they have your IP address!
-
yes raincoaster if your blog is about fashion and kittens you probably won’t care! but you need to realize some communist and Islamic countries prosecute internet users for political activities, for example China and Saudi Arabia! so IP address may not look important to you now but if you were a human right activist or simply someone from these countries who has some brain and want to use it on net, then your IP address will be pretty damn important for you! cause your IP address will be the difference between life and death for you.
It’s not just that you trust people or not, what if you get hacked somehow, then the hackers (government agents?!) will have all email addresses, nicknames and IP addresses of your visitors, they can find locations and etc, therefore you are simply putting people’s lives on risk by letting your blog store their IP addresses
people in such countries learn to hide their IP addresses, not all email services send your IP when you send email.
But not all your visitors are smart enough to know how to do that!
Not only that, but having your IP address will give an attacker direct access to your computer, and he can TRY to nail you down, why give sick people this valuable tool?! most social networking and even chat programs try to hide IP addresses, why should wordpress give it out like it’s not important at all?
Whether you agree or disagree with importance of IP addresses, I think everyone can agree that nobody is gonna die for making IP address recording an option! if you like this option you’ll use it and if you don’t, you wont! so why not make it “optional” ?!
Don’t you think it’s silly for wordpress to force everyone to use something that could potentially be dangerous to some users?
-
The only way to hide them is to go self-hosted and then “hack” the underlying wordpress PHP script files. Making sure that information is not kept though will take quite a bit of trial and error since the IP addresses are held in the database, and you would have to make sure that that section of the code was disabled so that the addresses were not recorded.
And, every time you update WordPress, you will have to go through the same “hacks” again, and if wordpress makes changes in those sections of the PHP scripts, you will again be doing it by trial and error.
-
WordPress.com doesn’t show the comment poster’s IP publicly. It can be seen only by administrators and editors of the blog who can moderate comments.
Changing WordPress to hide the IP from administrators doesn’t solve the problem you think it does. Someone posting a comment on your blog still has to trust that you have successfully and honestly changed the WordPress code to hide it. But the point is that they don’t trust you (if they did there wouldn’t be a problem).
The biggest risk to someone in a repressive country is that their internet connection is monitored. Whether or not the IP address is recorded by WordPress has no effect on that.
-
>WordPress.com doesn’t show the comment poster’s IP publicly. It can be seen only by administrators and editors of the blog who can moderate comments.
And that is still a bad thing, it should be optional
>Changing WordPress to hide the IP from administrators doesn’t solve the problem you think it does. Someone posting a comment on your blog still has to trust that you have successfully and honestly changed the WordPress code to hide it. But the point is that they don’t trust you (if they did there wouldn’t be a problem).
You are misunderstanding the issue, the issue is not the trust of users, the issue is keeping them safe.
people can be pretty much traced and found by IP addresses, so giving regimes people’s IP addresses will simply lead to their arrest, I’m not claiming this will totally secure people all around the world, what you are saying is like saying one should not try to abolish cancer because there are other causes for death too :)>The biggest risk to someone in a repressive country is that their internet connection is monitored. Whether or not the IP address is recorded by WordPress has no effect on that.
Not true, accounts on wordpress can always be hacked from security holes in other softwares, also people you trust may simply “change”!, that’s why the responsible thing for word press to do is to making IP recording optional.
-
thesacredpath, I know that and I have done it before, it’s not that hard to do really, you need to change the sql insert command so that it inserts 111.111.111.111 instead of the actual command.
But I don’t wanna host my own blogs because of some other problems, I rather use wordpress.com how can I make wordpress.com hear my suggestion and reasoning?
-
accounts on wordpress can always be hacked from security holes in other softwares
I know that you have valid concerns about safety but in the 2+ years I have been hosted here on wordpress.com, not a single blog has been hacked. In every single instance, the claim of “I’ve been hacked” has been the result of people sharing logins and passwords, or simply having a password that is easy to guess. So while the security of the self-hosted WordPress may be an issue, to make a claim that the software used here is vulnerable, is, at best, misleading.
also people you trust may simply “change”
This is your real vulnerability. And the only way to avoid that is to trust no one.
-
Are there any plans to increase the visibility of the IP address. I know one software…shinystat or stemeter allowed us to name the IP user and then moniter his/her conduct and stats on the site. It also gave us insight into the ISP of the commentator
Is Wordpres looking at any of these tools that will help us manage the blog better. For example..if we discover that 30% of the hits are from Italy, we can begin Italian translations with an Italian flag etc etc etc.
Is there a suggestion box in WordPress. If not why not?
-
one quick note, to disable this feature, edit /wp-includes/comment.php
Find:
$result = $wpdb->query( $wpdb->prepare(“INSERT INTO $wpdb->comments
(comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent, comment_type, comment_parent, user_id)
VALUES (%d, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %d, %d)”,
$comment_post_ID, $comment_author, $comment_author_email, $comment_author_url, $comment_author_IP, $comment_date, $comment_date_gmt, $comment_content, $comment_approved, $comment_agent, $comment_type, $comment_parent, $user_id) );Change to:
$result = $wpdb->query( $wpdb->prepare(“INSERT INTO $wpdb->comments
(comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent, comment_type, comment_parent, user_id)
VALUES (%d, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %d, %d)”,
$comment_post_ID, $comment_author, $comment_author_email, $comment_author_url, “111.111.111.111”, $comment_date, $comment_date_gmt, $comment_content, $comment_approved, $comment_agent, $comment_type, $comment_parent, $user_id) ); -
@arashbikhoda – did you read this? https://en.forums.wordpress.com/topic/7-things-to-know-before-posting-in-wordpresscom-forums?replies=1
We do not have access to php files here at wordpress.COM
-
@moinansari – yes there is a “suggestion box” You can either post in the ideas forum or send it to support
-
@ arashbikhoda
This is wordpress.COM. We do not have access to the underlying theme or wordpress files and probably never will since this is a multi-user platform and everyone shares the same files. A change made by one effects everyone else whether they want it or not.
Your solution is for self-hosted blog – which are supported at http://wordpress.ORG/support/ .
This sticky post at the top of the forum explains the difference between .COM an .ORG: https://en.forums.wordpress.com/topic/please-read-me-first-before-posting?replies=1
-
-
I mean I asked arashbikhoda to explain in public cause he sent me a private message explaining this
-
Posting it here in the wordpress.COM forums though only confuses those here at wordpress.COM. Someone is bound to come along and want to know how they access the files here at .COM so they can do this. They will say, “but it says I can in this forum thread I read… see, here it is.”
- The topic ‘How to hide commentor’s IP addresses’ is closed to new replies.
WordPress.com Forums 