Meso-rx And Ip Address Logging

I've had a few questions about IP address logging. I thought it would be good to share this with everyone.

The application that powers the MESO-Rx forum is called Vbulletin. By default, IP addresses are logged in two instances:

They are logged with each new registration. And they are logged with each new post. This IP data provides an extensive historical record.

The explicit purpose of the IP logging is to prevent/control spamming/trolling on the forum. Most forum administrators find this to be extremely useful for this purpose.

As some of you may have noticed, MESO recently found it useful to expose an individual who had been using multiple handles to troll/spam the forum.

While this may have been good for the forum, the amount of information obtained from his logged IP address records was troubling. MESO doesn't feel comfortable having this amount of information on anyone.

Unfortunately, most members do not use TOR or VPNs to protect their privacy. So this led to the following decision:

Effective December 11, 2013, MESO-Rx no longer maintains IP address logs as part of the Vbulletin application. These have been disabled. Furthermore, the historic record of IP address logs since the very beginning of the forum have been purged today. In other words, MESO has absolutely no IP address records stored for any current members in Vbulletin.

Members who have registered prior to today will not have any IP address records logged in Vbulletin going forward from this date.


Here are a couple of caveats:

First, IP addresses will continue to be logged for new member registrations in Vbulletin. The log will include ONLY the IP address used at the time of registration and NOT IP addresses linked to posts. However, MESO will purge this data every 30 days.

Secondly, the previous information is application-specific; it applies only to the Vbulletin application. I have been corresponding with MESO's web host regarding privacy issues related to IP addresses. IP addresses are logged at the server level (IIS) for troubleshooting purposes only; they are deleted within 30 days.

The type of logs collected are known as system logs and are not correlated with user data. They are maintained solely for troubleshooting.


MESO has the option of disabling these logs. But my web host has strongly advised against it. MESO has not ruled out disabling the logs in the future upon further review of the consequences of such an action.
 
Thanks for the proactive response on this issue! Now it's time to download TOR, since other forums don't seem to be as security conscious.

I encourage everyone to ask other forum administrators to at least purge the historic record of IP addresses logged by vbulletin.

I can completely understand why forum owners would be reluctant to disable IP logging linked to posts. This would make it more challenging to ban spammers/trolls. But at least they can purge the IP address records from the past.

It should be noted that disabling IP address logging in the vbulletin admincp options section is not sufficient. That will only prevent future logging. IN order to delete past logging, two simple SQL queries need to be run on the database.

This is all easily done.
 
Anyway you can add a SSL cert to the site?
This is on my to-do list. There are a couple of issues I need to fix particularly changing paths to images so it won't continually give errors e.g. partially encrypted/mixed content errors. Also, there may be some issues related to SEO and indexing of the site.
 

Misterboots

Member
Spyder or anyone who knows, what is SSL and how will it work to better MESO? Definitely not doubting, just interested. I feel like I have seen that when ordering things online, from like ebay maybe?

Thanks

B double O
 

Candyskull

Member
Spyder or anyone who knows, what is SSL and how will it work to better MESO? Definitely not doubting, just interested. I feel like I have seen that when ordering things online, from like ebay maybe?

Thanks

B double O

You gotta learn some Google fu bootsie. To sum it up really quick it's data encryption between host (this site) and users (us). It's a step in protecting your identity.

Now, go do these three searches for practice:

VPN
TOR
Proxy
 
Effective December 11, 2013, MESO-Rx no longer maintains IP address logs as part of the Vbulletin application. These have been disabled. Furthermore, the historic record of IP address logs since the very beginning of the forum have been purged today. In other words, MESO has absolutely no IP address records stored for any current members in Vbulletin.

Members who have registered prior to today will not have any IP address records logged in Vbulletin going forward from this date.


Here are a couple of caveats:

First, IP addresses will continue to be logged for new member registrations in Vbulletin. The log will include ONLY the IP address used at the time of registration and NOT IP addresses linked to posts. However, MESO will purge this data every 30 days.

The IP addresses for new member registrations between 2013-12-11 and 2014-01-05 have been deleted.
 
Top