2

I can use log_format to remove the client IP from being written to the nginx access log. However, the error log always seems to include the client IP:

2018/05/18 15:43:55 [crit] 1234#1234: *1014 stat() "/var/www/initech/widgets.js" failed (13: Permission denied), client: 203.0.113.74, server: example.org, request: "GET /widgets.js HTTP/1.1", host: "example.org"

For GDPR compliance reasons I would like to stop the client IP from appearing in the error log. I know I can disable the error log entirely, but I don't want to do that. I want to fix the errors, not ignore them.

The Reverend
  • 21
  • 2
  • 1
    nginx supports [custom log formats via the `log_format` directive](http://nginx.org/en/docs/http/ngx_http_log_module.html#log_format), but the general understanding I have of the GDPR and error logging is that it's *generally* acceptable to collect IPs in error logs as long as there's log rotation and appropriate procedures/policies in place. See https://www.gdpreu.org/the-regulation/key-concepts/legitimate-interest/ – ceejayoz May 18 '18 at 15:55
  • 1
    There are quite a few situations in which the IP address in the error log is necessary. And it is not mandatory to remove it. – Michael Hampton May 18 '18 at 16:54
  • 1
    See [this](https://stackoverflow.com/questions/4246756/is-it-possible-to-specify-custom-error-log-format-in-nginx). – Tim May 18 '18 at 20:17

0 Answers0