Manual:Database fields containing sensitive data
This data should be redacted from database backups released to the public.
| Extension/core | Table | Field | Comments |
|---|---|---|---|
| Core | archive | It's full of deleted edits | |
| recentchanges | rc_ip | Stores the IP address of the user specified on rc_user if $wgPutIPinRC is enabled (as it is in the default configuration) | |
| user | user_real_name | Stores the user's real name | |
| user email | Stores the user's email address as plaintext | ||
| user_password | Stores a hash of the user's password | ||
| user_newpassword | Generated for the mail-a-new-password feature | ||
| watchlist | wl_title | Could be used to see what pages are watched by whom, and what pages are unwatched | |
| AJAXPoll | ajaxpoll_vote | poll_ip | IP addresses of voters |
| CheckUser | cu_changes | cuc_ip | IP addresses of editors |
| cuc_ip_hex | Hex of IP addresses of editors | ||
| Comments | Comments | Comment_IP | IP addresses of commenters |
| Comments_Vote | Comment_Vote_IP | IP addresses of people who voted for a comment | |
| SocialProfile | user_board | All messages which have ub_type = 1 are private.
| |
| user_relationship_request | The whole table contains nothing but private data (user-to-user friend/foeship requests). | ||
| VoteNY | Vote | vote_ip | IP addresses of voters |
| WikiForum | wikiforum_category | wfc_added_user_ip | IP address data. |
| wfc_edited_user_ip | |||
| wfc_deleted_user_ip | |||
| wikiforum_forums | wff_last_post_user_ip | ||
| wff_added_user_ip | |||
| wff_edited_user_ip | |||
| wff_deleted_user_ip | |||
| wikiforum_threads | wft_user_ip | ||
| wft_deleted_user_ip | |||
| wft_edit_user_ip | |||
| wft_closed_user_ip | |||
| wft_last_post_user_ip | |||
| wikiforum_replies | wfr_user_ip | ||
| wfr_deleted_user_ip | |||
| wfr_edit_user_ip | |||
See also
[edit]- bugzilla:55953 — Create maintenance script that backs up everything but the tables and fields containing sensitive data