🌎 IP address anonymizer for Ruby and Rails
Works with IPv4 and IPv6
Designed to help with GDPR compliance
Add these lines to your application’s Gemfile:
There are two strategies for anonymizing IPs.
This is the approach Google Analytics uses for IP anonymization:
- For IPv4, set the last octet to 0
- For IPv6, set the last 80 bits to zeros
IpAnonymizer.mask_ip("220.127.116.11") # => "18.104.22.168" IpAnonymizer.mask_ip("2001:4860:4860:0:0:0:0:8844") # => "2001:4860:4860::"
An advantange of this approach is geocoding will still work, only with slightly less accuracy. A potential disadvantage is different IPs will have the same mask (
22.214.171.124 both become
Transform IP addresses with a keyed hash function (PBKDF2-HMAC-SHA256).
IpAnonymizer.hash_ip("126.96.36.199", key: "secret") # => "188.8.131.52" IpAnonymizer.hash_ip("2001:4860:4860:0:0:0:0:8844", key: "secret") # => "f6e4:a4fe:32dc:2f39:3e47:84cc:e85e:865c"
An advantage of this approach is different IPs will have different hashes (with the exception of collisions).
Make sure the key is kept secret and at least 30 random characters. Otherwise, a rainbow table can be constructed. You can generate a good key with:
request.remote_ip in Rails.
For masking, add to
config.middleware.insert_after ActionDispatch::RemoteIp, IpAnonymizer::MaskIp
For hashing, use:
config.middleware.insert_after ActionDispatch::RemoteIp, IpAnonymizer::HashIp, key: "secret"
- Logstop - Keep personally identifiable information (PII) out of your logs
View the changelog
Everyone is encouraged to help improve this project. Here are a few ways you can help:
- Report bugs
- Fix bugs and submit pull requests
- Write, clarify, or fix documentation
- Suggest or add new features
To get started with development:
git clone https://github.com/ankane/ip_anonymizer.git cd ip_anonymizer bundle install bundle exec rake test