The nginx logs on poal's main servers(the main poal.co) are automatically flushed once a week, we keep them for a week purely for debugging problems that pop up. The other servers for the other things that poal does IE mumble, matrix/riot, search and on and on I honestly don't remember how I set all those off the top of my head but I did make a point to make sure periodically the logs get nuked. I guess I can go back and look when I get some time if you want.
That's good to nuke regularly, that way a user theoretically can't be proven liable for anything they posted before the last flush. Debugging is necessary obviously, but ideally there would be no logs at all of user IP's, and you could even make a statement about that in the ToS, that way if the site was compromised the user would have a legal defence in that the terms were violated by the site if the IP was logged.
You have a good point I’ll see what I can do about reducing/eliminating them in the future.
you should also look into moving servers out of the NSA's reach
Already outside the US might move again
(post is archived)