In the last month my development focus has been on General Data Protection Regulation ( GDPR ) and the changes required to my oik-bwtrace plugin that will enable me to continue to use it on publicly accessible live sites.
[bw_fields featured]
Affected areas
- Trace files should not be generally accessible using the browser.
- Output should not be kept longer than necessary.
Solution
- All trace files must be stored within a user defined directory.
- This directory should not be accessible using a browser.
- Admin function to purge files older than a user defined retention period.
This solution has been developed for oik-bwtrace v3.0.0. Alpha versions of the plugin have been tested on my sites and are now available from [github bobbingwide oik-bwtrace] and [bw_link oik-plugins.com].
Recommendation for current users
If you have oik-bwtrace installed and activated on a publicly accessible site - live or staging.
- Upgrade to the new version as soon as possible.
- Visit Settings > oik trace options
- In the Options box
- Deselect the Trace enabled checkboxes
- Save changes
- In the Trace files box
- Set the
Trace files directoryto the home directory. - Set the
Retention periodto 0. - Save changes.
- then Purge trace files
- Set the
- If you want to continue using trace on the site
- Change the
Trace files directoryto a folder which is not accessible from a browser.
- Change the
- If you want to continue to keep Daily Trace Summary logs then select the
Log transactions to daily trace summary filecheckbox. - Otherwise, deactivate the oik-bwtrace plugin.
If you are using oik-bwtrace for local development then you'll still have to set a Trace files directory in order to be able to continue to use the output.
The post GDPR and oik-bwtrace appeared first on herb miller.