Duplicated customer IP

Hey @pierregofu,

Duplicated “Customer IP” info on orders is generally the result of another plugin being out of date or not fully/accurately configured.

I would recommend placing some test orders while performing a conflict test, as that is the best way to track down where this issue is coming from.

Hello and thanks for your answer.

I’ve spent hours today to solve this problem and I just found out what was doing this. So in case someone has a similar problem :

It seems that there was a conflict between Woocommerce and the headers from my host server. So in wp-config.php I wrote ( I found this code on another forum ) :

$_SERVER[“HTTP_X_REAL_IP”] = explode(“,”,$_SERVER[“HTTP_X_REAL_IP”]);
$_SERVER[“HTTP_X_REAL_IP”] = $_SERVER[“HTTP_X_REAL_IP”][0];

define(‘WP_CACHE’, true);

Now I only have one customer Ip adress in the administration panel and I hope there will be no problem with payments.

Now I have another question : why exactly is Woocommerce collecting ip adresses ? ( avoiding fraud ? ) and is it compatible with GDPR ?

Regards

Hi, @pierregofu!

Thanks for updating us on how you were able to solve your IP address issue! It does make sense that the issue would be server-related as 127.0.0.1 is a default localhost IP address.

Now, for your other questions:

why exactly is Woocommerce collecting ip adresses ? ( avoiding fraud ? )

Exactly right! The IP addresses are collected mainly to prevent payment gateway fraud by matching an IP address with the customer’s billing country. It’s also sometimes used for region-specific pricing.

and is it compatible with GDPR ?

The answer here varies per site. This is because every site, even if they’re all using WooCommerce, will use different plugins, settings, and so on.

We’re unable to give legal advice on how to make sure a site is compliant with GDPR, so the best course of action would be to speak with your lawyer about what information you do/do not need to collect, and then set your site up accordingly.

If you’re interested, we have more information on GDPR and WooCommerce here:
https://woocommerce.com/posts/gdpr-compliance-woocommerce/

Hi,

Thanks for the answer.

About the Ip adress collected by woocommerce, I think it is not a problem if I write in the Privacy policy why the ip is collected BUT it might be a problem that the ip adress is not deleted after payment. When the order is completed I do not need ip adress, yet it is still in my database… So not very GDPR compliant…

Is there a way to delete ip adresses when the customer has completed his order ?

Thank you

Hi @pierregofu,

> Is there a way to delete ip adresses when the customer has completed his order ?

WooCommerce hooks in with WordPress’s “Right to Erasure” tool, which you could use to erase a person’s personal data. You can find more details on how this tool works with WooCommerce here:

https://woocommerce.com/posts/getting-ready-for-gdpr-right-to-erasure-requests/

Did you try that?

Hello,

The right to erasure tool is useful when a customer wants us to delete all his data and account… But in my case I would just like to avoid keeping unnecessary data like IP adresses in my database, for GDPR considerations.

Thanks

Hi @pierregofu,

We do not have a way to do this by default in WooCommerce. But this might be possible using custom code.

We highly recommend contacting one of the services on our WooCommerce Customizations Page for assistance in achieving this using custom code.

Thanks,

Since it’s been a while since the last update, I’m going to close out this thread. However, if you need any further assistance related to core WooCommerce functionality, feel free to create a new post. Thanks!