mod_removeip - remove information about the remote IP This module throws away the information on the remote IP and hostname right at the beginning of handling the request. That means its not logged, is not available to any web apps, and can't leak into error logs and the like. This is written for use on servers with a strict policy on protecting the identity of their users. If the Spooks come and demand that you hand over your server so they can try to identify one of your users, this should be enough that you can categorically state that there is no IP info to be found, and might mean your server doesn't go offline. There is currently no facility for enabling the module on a per site or per directory basis. It's an all or nothing thing. This is because the intent is to make sure IP info is not on the server at all. If people want more configurability, I might release an alternative version. I've included some configuration files as they'd appear on a typical debian apache installation. They may be instructive for other distributions. There's talk of getting a .deb file put together shortly. Compile and Install for 2.0: cd apache2.0 make removeip make install Configuration Directives: REMOVEIPenable On # Enable module. Nothing happens without this directive. Author: Bernd Holzmüller <bernd@quarxconnect.de> Andrew McNaughton <andrew@scoop.co.nz> Based on code from mod_rpaf by Thomas Eibner <thomas@stderr.net> License: Apache License