New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Stats must be explicitly disabled, leading to GDPR non-compliance by default. #142
Comments
Fixed in Sympl, a fork of Symbiosis. |
This issue is about upgrades from older versions of Symbiosis. As Sympl does not support upgrades from Symbiosis (why not?) it is NOT "Fixed" in Sympl, is it? |
FYI, Sympl doesn't officially support in-place upgrades from Symbiosis as there are numerous other packages included in most Symbiosis installs which are unmaintained. It's certainly possible to do this (purge Symbiosis, install Sympl), Symbiosis doesn't cleanly remove itself. The current suggested method of Symbiosis 'upgrades' still apply however, which is 'install on a new machine and migrate sites over'. Sympl is configuration compatible with Symbiosis, so this still applies. |
Who suggested that method of upgrading? It'd be a disaster. |
That has been the official line from Bytemark Support for at least the period of Feb 2016 - June 2019, and likely still is. Migrating everything is fairly simple though as you only need to sync the databases and then rsync the |
There are a few other details that might be relevant to some users. They should be covered in the Symbiosis migration guide. https://docs.bytemark.co.uk/article/symbiosis-migration-guide/ Reasons for migrating like this:
Downsides: |
Note also that Sympl is a FORK of Symbiosis, not an upgrade. Nevertheless, I'm sure this project would welcome merge requests, if a migration-free migration path (oh, did I say that? Perhaps I mean a migration-free transition) were required. |
I've yet to have a problem doing it my way: I do the upgrade on the staging server copy of the server, and then when everything is as it should be, I do exactly the same thing on the production server. |
By default, Symbiosis should (based on issues and previous merges) default to automatic web stat generation being disabled.
This is not the case however, as the non-existence of the
config/stats
file is taken as a 'true', leading to stats being generated.This can be missed in testing as stats are only generated after log rotation, based on the *access.log.1 files, so if no logs were written/rotated, then no stats will be generated.
This is a problem due to GDPR defining IP addresses are considered personal data, meaning that sites running on Symbiosis are not GDPR compliant by default.
Mitigation:
htdocs/stats/.htaccess
containingRequire all denied
for each site.config/stats
containingfalse
for each site.This affects all versions of Symbiosis with automatic web statistics.
The text was updated successfully, but these errors were encountered: