Anonymizing Users in Discourse

(Robin Ward) #1

Did you know that Discourse has had the ability to anonymize users for quite some time? Lately we’ve improved it so the scrubbing involved is even more thorough.

How do I anonymize a user?

At the bottom of a user’s admin page, there is an “Anonymize User” button:

You’ll be asked to confirm. If you agree, the user will be anonymized.

How thorough is the anonymization?

  • A new username will be randomly assigned to the user such as anon123456. This new username will be applied to all their posts in the system, and we will update all @mentions and quotes too.

    • The new username is not applied to: deleted posts, post revisions when the current post doesn’t mention or quote the renamed user anymore, oneboxed user profiles, queued posts, or staff logs
  • Their email, name, date of birth and avatar will be removed

  • Their user profile will be removed

  • Any api keys generated for the user will be revoked

  • Any authentication mechanisms (google/facebook/etc) will be revoked

IP History

Discourse will retain the user’s IP addresses in our logs associated with the anonymous user. However, there is a new mechanism to clear those out too available to developers.

When using our UserAnonymizer class, you can pass in an :anonymize_ip option with an IP to replace, for example

If provided, Discourse will go through several tables in our system and update the IPs associated with the anonymous user to the new value.

If you’d like to enable this feature on your Discourse, we recommend creating a plugin to handle your particular workflow.

User Deletion

It’s worth mentioning that new users can delete their own accounts. If you sign up for a forum and regret it, you can back out as long as you haven’t had too much activity.

A note about GDPR compliance

A lot of people have been talking about the new GDPR regulations coming into effect in Europe this year, specifically the Right of Erasue and how that applies to their web applications.

The anonymization tools in Discourse are available to all administrators, but we recommend you contact a legal professional if you require GDPR compliance. Said professional will be able to audit your systems and tell you if you meet the requirements.

Anonymize user quotes keeps username
(Daniela) #2

Just tested on try.
In the quotes the username is anonymized but not the avatar (see Do you use a mobile device for ALL your work? Tell me how! - tech - Demo).
As an administrator instead, every time I tested this function making an anonymous user, when I click the back button of the browser twice to return from the user’s admin page to the topic I was reading I always end up on page 404.

(Gerhard Schlager) #3

Will be fixed soon.

Well, that error is to be expected. You visited the user’s profile page before you anonymized the user and that page is still in the browser history.

(Daniela) #4


That’s true, because Discourse try go back to the original admin user page, which is no longer available, then reload the admin user page of the anonymous user, the second click on the back button would like to return to the original-user/summary page that no longer exists and you go to page 404 instead.


May I ask what the default activity limit for this is? (days and posts?)


You can delete your own account, as long as you have only 1 post or less. This is not configurable at the moment.