Cryptolog enhances user privacy by logging ephemeral identifiers rather than actual client IP addresses in Drupal's database tables and syslog.
Once enabled in a site's settings.php file, Cryptolog replaces the PHP global variable $_SERVER['REMOTE_ADDR'] with an HMAC of the client IP address, using a salt that is stored in memory and regenerated each day.
Because Cryptolog uses the same unique identifier per IP address for a 24-hour period, it is still possible to do some statistical analysis of the logs such as counting unique visitors per day. In addition, unlike other solutions of setting $_SERVER['REMOTE_ADDR'] to either one static IP address or a completely random IP address, Drupal's flood control mechanisms still function as normal.
Drupal modules will submit the hashed IP address to remote services (e.g. a credit card payment gateway); therefore Cyptolog effectively anonymizes IP addresses sent to third-party services (aside from services which receive HTTP requests directly from the end user).
Note: As long as the salt can still be retrieved, brute force can be used to generate a rainbow table and reverse engineer the client IP addresses. However, once the salt has expired and a new salt regenerated, or the web server has been shutdown or restarted, it should not be feasible to determine client IP addresses, aside from using forensic methods on unencrypted swap space etc.
Requirements: One of the following: Memcache Drupal module, APCu PHP extension, APC PHP extension or XCache PHP extension are currently required as a memory-based key/value store for the salt. The backend store will be chosen automatically based on which PHP extensions are loaded, with a preference for Memcache which can be shared between servers.
Acknowledgments: This module was inspired by the Cryptolog Python log filter script.
Similar modules: IP anonymize logs IP addresses as per normal, and then retroactively scrubs them according to a configurable IP address retention period.
Drupal 8: An initial Drupal 8 version of this module is available, which uses a kernel request event subscriber to modify the client IP address on each request.