Nederlands

WordPress downloaden

Plugin Directory

Database Anonymization

Deze plugin is niet getest met de laatste 3 grotere versies van WordPress. Mogelijk wordt het niet meer onderhouden of ondersteund. Ook kunnen er compatibiliteitsproblemen ontstaan wanneer het wordt gebruikt met recentere versies van WordPress.

Database Anonymization

Door De Internet Managers
Download

Beschrijving

Anonymize personal data (PII) in WordPress databases for development and testing. Comply with rules and regulations, prevent data leaks.

WordPress databases are often copied from production to test and development environments. This leads to a representative dataset for development and testing.
However, most production databases contain Personal Identifiable Information, so you need to have effective security controls in place to comply with rules and regulations such as EU GDPR.

This plugin contributes to compliancy and supports data leak prevention originating from non-production installations, while retaining the WordPress database structure and integrity.

  • It transforms PII to anonymous data using customizable rules, with each rule creating a step of the data transformation.
  • By retaining the data structure (in most cases), the anonymization will usually not break functionality and keep the data set sufficiently representative.
  • You can anonymize many data types using a wide range of transformations (listed below).
  • It comes with a built-in ruleset for default WordPress installs to get you off the ground.
  • You can add, change and delete rules to make the anonymization work as you see fit.
  • It provides powerful options to anonymize any column in any WordPress database table, supporting all plugins that use the database to store personal data.
  • It can target specific PII hidden in meta database tables such as WP options.
  • It can handle serialized data stored in database records.
  • It can handle JSON data stored in database records.

You can create rules to skip specific records that contain PII of admins, developers and testers. This prevents locking yourself out of WordPress and ensures that you and test users can perform their tasks while personal data from customers and other users is anonymized.

Optionally you can create a temporary back-up, so you can inspect the transformation results before finalizing the anonymization.

You will find this plugin in the Tools menu of WordPress.

Supported data types

All types of personal data are supported with all-purpose transformations.

There are special transformations for the following data types:

  • email address
  • person name
  • nickname
  • nicename (WordPress specific data type)
  • phone number
  • age
  • birthdate
  • IBAN
  • street address
  • city
  • URL
  • IP address
  • HTTP agent

All-purpose transformations

  • One string
    Fills a table column with a character string as defined by you, the same for all records.
  • Empty
    Fills a table column with empty values for all records.
  • Random characters
    Fills a table column with different random characters per record.
  • Random digits
    Fills a table column with different random digits per record.
  • Random pattern
    Fills a table column with different random digits or characters per record according to a pattern. Example: ###-aa/# generates 123-fj/4.
  • Lorem ipsum
    Fills a table column with a lorem ipsum text fragment.

Special transformations

These transformations are crafted for specific data types and create different values per record.

  • Random fake email address
    Generates an address like [name]@[domain].[extension] using a predefined list for fake domains and extensions and random characters for the name.
  • Copy user_email
    Copies the corresponding value of user_email in the WP users table. Requires that user_email has been anonymized in a previous step.
    This transformation helps to keep related records in separate tables consistent.
  • Derive user_nicename from user_email
    Derives the value for the column user_nicename from the column user_email in the WP users table. Requires that user_email has been anonymized in a previous step.
    This transformation keeps those related columns in the WP users table consistent.
  • Random full name
    Generate a full name combining random selections from predefined lists for first and last name.
  • Copy names from WP usermeta table
    Generates a full name combining first name and last name copied from the WP usermeta table. Requires that those columns in the WP usermeta table have been anonymized in a previous step.
    This transformation helps to keep related records in separate tables consistent.
  • Random nickname
    Generates a nickname using a random selection from a predefined lists combined with random characters.
  • Random first name
    Randomly selects a first name from a predefined list.
  • Random last name
    Randomly selects a last name from a predefined list.
  • Random phone number
    Generates random digits combined with predefined characters and digits. Example: +1 ##-####-#### (###) generates +1 59-6291-5282 (302).
  • Random_age
    Generates a random age with a specified minimum and maximum.
  • Random birthdate
    Generates a random birthdate derived from a random age with a specified minimum and maximum.
  • Random IBAN
    Randomly selects a non-existing International Bank Account Number from a predefined list. The format and checksum are valid.
  • Random street name
    Randomly selects a street name from a predefined list.
  • Random street name and house number
    Randomly selects a street name from a predefined list and combines this with a street number using a specified pattern. Example: ###-a s generates 627-d Fake Street.
  • Random city list
    Randomly selects a city name from a predefined list.
  • Random URL
    Generates a URL like https://www.[domain].[extension]/[path] using a predefined list for fake domains and extensions and random characters for the path.
  • Random IP address
    Generates a random IP address in the so called local range from 10.0.0.0 to 10.255.255.255.
  • Random HTTP agent string
    Randomly selects an agent string from a predefined list of fake entries.
  • Empty array values
    Sets an empty string for all values in a serialized or JSON array stored in database records.
  • One array value
    Sets one specific string for all values in a serialized or JSON array stored in database records.

Schermafdrukken

  • Overview of transformation rules: columns to anonymize, sorted by execution order.
  • Page to edit a rule, with an explanation of the transformation and a preview of the table column in its current state.
  • Overview of the rows that will be skipped during the transformation. This is where you exclude yourself and other developers or testers that need their records retained.
  • Start page to run the anonymization with an optional back-up.
  • Progress is displayed during the anonymization process.
  • After the run has completed, you can deciode to restore or delete the back-up.
  • This is an overview of all anonymization runs on the current database.
  • You can inspect the data of all WordPress tables before and after anonymization.

Installatie

  1. Install the plugin in a non-production WordPress environment.
  2. In the menu go to Tools – Database Anonymization.
  3. Review, change and add transformation rules (columns) in the first tab.
  4. Review, change and add records (rows) that must be skipped in the second tab.
  5. Run the anonymization in the third tab.
  6. Review previous runs in the fourth tab.
  7. Review the results by inspecting tables in the fifth tab.
  8. If you have created a back-up before running the anonymization, be sure to delete it to ensure no personal data remains in the database.

FAQ

Does this plugin work for all WordPress tables?

Yes, it does. Most transformations require that the table has a primary key of one column, except the all-purpose transformations One value and Empty. These can be used on any table.

Transformations may have additional requirements with regard to the column length and type.

How does the plugin process meta tables in WordPress that can basically contain any kind of data?

In meta tables, one record can have a different meaning than the next record. The plugin processes this structure by applying a filter to create a subset of records.

Let’s explain by giving a example.

In the WP usermeta table, the meaning of the record is defined by the contents of the column meta_key.
E.g. meta_key = first_name. The contents of the column meta_value for this record will be interpreted as being the first name of a person.

Another record may have a different value for meta_key.
E.g. meta_key = locale and meta_value = en_US must be interpreted as the user preference for US English.

So if you want to anonymize all first names in the WP usermeta table, you can apply a filter to only transform records with meta_key = first_name.

Where do the predefined lists originate from?

Most lists originate from Chat GPT, inspired by a US and European perspective.
The non-existing IBANs originate from Random Iban Generator.

Can I change the list entries?

In this free edition it is not possible to customize the lists. The upcoming Enterprise Edition provides this feature.

Can I import or export transformation rules?

In this edition it is not possible to import or export transformation rules. The upcoming Enterprise Edition provides this feature.

Where are the transformation rules stored?

These are stored in the WordPress Options table. So beware: if you overwrite the database with a new copy, the rules will be lost.

Why is this plugin for development and test installations only?

It is highly likely that you will disrupt business processes if you accidentally run this plugin on a WordPress production installation that contains personal data.

Is compliancy guaranteed?

No, most certainly not. This plugin can support you and your organization in becoming or staying compliant with applicable privacy laws and regulations.
It remains your responsibility to configure this plugin, to run it, to inspect the results and to delete any back-ups that remain.
Next to that, there are many more aspects to data protection compliancy than PII anonymization of non-production databases alone.
Furthermore, the standard conditions apply, so use of this software is at your own risk.

Beoordelingen

Very useful!

8 juni 2024
Great to have staging/dev environments for tests, provide access to other people without compromising data, etc.It would be even better with some little extras for using it on multiple sites, like quickly duplicating rules, import/export rules and settings, or presets for plugins that add profile fields, like BuddyBoss/Buddypress.But again, the core functionality does what is says in the tin :).Thanks for the work!
Lees 1 beoordeling

Bijdragers & ontwikkelaars

“Database Anonymization” is open source software. De volgende personen hebben bijgedragen aan deze plugin.

Bijdragers

“Database Anonymization” is vertaald in 1 taal. Dank voor de vertalers voor hun bijdragen.

Vertaal “Database Anonymization” naar jouw taal.

Interesse in ontwikkeling?

Bekijk de code, haal de SVN repository op, of abonneer je op het ontwikkellog via RSS.

Changelog

1.0.0

  • First release of the plugin.

1.1.0

Fixed bugs
Added Lorem ipsum transformation
Added support for serialized data in columns
Improved validation and error handling

1.1.1

Tested up to WordPress 6.3.1 (no bugs found)

1.2.0

Fixed bugs
Added support for JSON data structures stored in database record fields

Meta

Waarderingen

Bekijk alle
Log in om een beoordeling te versturen.

Ondersteuning

Iets te melden? Hulp nodig?

Het supportforum bekijken