Features
GDPR & IP Anonymisation
LoginPlus can store IP addresses as one-way SHA-256 hashes instead of plain text, so login and lockout records don’t retain personal data longer than necessary. This helps sites meet GDPR and similar data-minimisation requirements.
Enabling anonymisation
Go to LoginPlus → Settings → Logging and switch on Anonymise IP addresses. The setting is off by default.
What gets hashed
| Storage location | Behaviour when enabled |
|---|---|
Activity log (ip_address column) | Every new login/lockout event is stored as sha256(ip + AUTH_SALT) instead of the raw IP. |
| Known-IP list (per-user meta, used for “new IP” email alerts) | Also stored as a hash, so the anonymise setting covers every place LoginPlus keeps an IP long-term. |
| Security alert emails | Still show the real IP address in the email body. Alerts are a one-off notification sent only to the site admin, not persisted in the database, so showing the actual address there doesn’t defeat the purpose of hashing stored data. |
The hash uses your site’s AUTH_SALT as a pepper, so hashes can’t be reversed or looked up against a rainbow table without access to wp-config.php.
Trade-offs
- Hashed IPs cannot be read back — the Dashboard’s activity table will show the hash string instead of a readable address.
- Turning the setting on only affects new events — existing plain-text entries already in the activity log or known-IP list are not retroactively hashed.
This setting does not affect the IP allowlist in Brute Force settings — allowlist checks always compare against the live request IP, not the stored/hashed value, so allowlisted IPs are still exempt from lockout whether or not anonymisation is on.
Data minimisation via retention
Anonymisation and retention work together: set a Retention period under LoginPlus → Settings → Logging (default 90 days) so activity log entries — hashed or not — are deleted automatically after that many days.