-2

I'm setting up a new server for a website. I want to ensure that my users' privacy is well protected (at least from my side). Initially I wanted to not track IP addresses at all. However, I need some rough estimation of the user's location so that I know where in the world to place my servers to improve access speeds. The city and even region is not that important, I'm only concerned with the country.

Instead of not logging IPs at all, I decided to rather anonymize them. I want to anonymize as many octets of the IP as possible (increase anonymity), but still have a good pinpoint of the country (accuracy).

I found a few articles that discuss this, but they are only concerned with a single octet. According to those articles, about 1-5% of countries might be misclassified if one octet is anonymized.

Does anyone know (more or less) how this accuracy looks like when anonymizing 2 or 3 octets?

Robert Ruter
  • 11
  • 2
    Approximately zero. – Michael Hampton May 10 '18 at 09:13
  • The past few hours I've been implementing a script to check a range of different IPs. With 2 obfuscated octets, the majority are wrong. Although it seems that the continent is still correct - but that might be a coincidence. – Robert Ruter May 10 '18 at 12:06
  • And after thinking a bit, it is kind of obvious. If you have a class A or class B IP and the company/ISP is in control of the entire sub-range, 2 obfuscated octets are still detecting the country accurately, since those companies control the entire range. If the ISP does not control all the IPs or uses a class C, detection is pretty much 0. Since most home users have one of the latter IPs, it seems like 1 octet is the limit. – Robert Ruter May 10 '18 at 12:11

1 Answers1

0

Instead of obfuscating parts of the IP address (198.51.100.xx, 198.51.xx.xx, 198.xx.xx.xx) do the GeoIP resolution against a local database and log only the country. This way you'll have accurate statistics without storing any parts of the IP. The local database is crucial as you don't want to send the IP addresses to a 3rd party.

Esa Jokinen
  • 43,252
  • 2
  • 75
  • 122