Closed Manuel-Innovapps closed 2 months ago
@Manuel-Innovapps You've written "1. Enable setting customersettings.storeipaddresses". But in this case IP addresses will be store in the [Customer] table as well. Did you mean "1. Disable setting customersettings.storeipaddresses"? So when disabled, then IP address should not be stored in [Customer] and [Log] tables?
@AndreiMaz I'm sorry for the confision, this is exactly what I meant.
They should especially not be stored in logs, if a customerId is passed. But I think generalizing to all logs should work out just fine.
Closed #7155
nopCommerce version: 4.60.x +
Steps to reproduce the problem:
customersettings.storeipaddresses
Based on the GDPR this is not allowed, as with this log file the displayed IP address can be directly associated with the customer.
Proposed solution: If
customersettings.storeipaddresses
is disabled, IP addresses in the logs should not be stored for registered customers (or even any customers).https://github.com/nopSolutions/nopCommerce/blob/8ad98f390753bce78fed8cdc6f712ffdb513fe2b/src/Libraries/Nop.Services/Logging/DefaultLogger.cs#L191-L201