The tab Rules contains specifications of the database columns that will be anonymized. Basic transformation rules for WordPress core tables are available by default. If you have used the automatic generation feature on the Start tab [Enterprise Edition], you will find those rules here as well.
You can add, change and delete rules on this tab, as explained below.
The topics of this page are:
- Overview of rules
- Edit a rule
- The table preview
- Rules for metadata tables
- Rules for tables with JSON or serialized arrays
- Add a rule
- Delete a rule
Please note:
- In this manual, all tables have the prefix wp_. This prefix may be different for your WordPress database.
- If an image contains text that is too small to read, click to expand.
Overview of rules
This plugin applies a set of rules to transform personal to anonymized data. As part of the installation, the plugin automatically creates rules to anonymize personal data stored by core functions of WordPress.
The screenshot above shows the first six rules, sorted by the column Order.
The second rule looks like this:
This rule applies to the table wp_users using the column user_login (which contains all user names for the login page of WordPress). The rule transforms the data, assuming that it has the form of email addresses. The transformation used is called Username from email.
To learn more about this transformation, click on the (i) icon next to random_email_list to display a tooltip.
Edit a rule
What if you want the user name to become a random string instead? In that case, you have to edit this rule.
- Hover with your mouse pointer on the table name for this rule, which is wp_users.
- Click on Edit.
The display changes to the edit screen for this rule.
The information of this rule is displayed in an editable form. On the right, there is an explanation of the selected transformation method (in this case Username from email).
Use this screen to change the rule. In this example, we want to change the transformation that is being used.
- Click on the dropdown next to the field Transformation.
- Select the bottom one: Random string by pattern.
In the explanation, you can read the following:
- The field Pattern contains a default pattern that will be used. You may change this to a pattern to resembles a username, such as aaaa.aaaa.###
- Click on the Save button to submit the changed rule.
The overview screen appears. Notice that the rule for has changed.
The table preview
When editing or adding a rule, you will see a fragment of the data in the WordPress database at the bottom of the screen.
Example
if you edit the first rule (wp_users – user_email), you will enter the edit form which will display a fragment of the table wp_users at the bottom part of the screen. The column user_email is marked in red.
- This fragment displays the first 10 rows and the specific columns that will be affected by this rule.
- The table name is shown in the top left corner: Contents of wp_users.
- The colums are shown with there column name: ID, user_login et cetera.
- The column that is selected by this rule, is marked with a red background and a white font.
- If there are more rows affected by this rule, you can browse to the next page using the > button in the top right corner.
- Use the horizontal scroll bar on the bottom to view columns that are currently invisible due to limited page width.
Rules for metadata tables
To read this section, you have to understand what metadata tables are.
To apply a rule to data stored in a metadata table, we use a so called filter.
Example
Find the rule in the list that looks like this.
This rule will anonymize first names of users which are stored as metadata in the wp_usermeta table. This table stores all kinds of user data.
If you edit this rule, the following screen will appear.
You can see that this rule applies to the column meta_value. This column contains all kind of data, but we only want rows that with first names in them. That’s what the filter is for. It states that we only want to apply this rule to rows that have the value first_name in the column meta_key.
The table preview on the bottom of the screen demonstrates that the filter is properly applied.
Pleas notice the following:
- Only specific rows have been selected, as can be derived from the fact that the numbers in umeta_id are non-consecutive.
- The meta_key has the value first_name for all rows.
- The meta_value contains first names.
- You can add an extra filter to further refine the selection.
As a result, this rule will only affect the relevant rows in wp_usermeta.
Rules for tables with JSON or serialized arrays
To read this section, you have to understand what tables with JSON or serialized arrays are.
Example
The table wp_postmeta stores various types of data about WordPress posts. One of them is metadata about media files, which is stored as serialized arrays. This can contain data that you may want to anonymize, e.g. the photographer’s name or location data .
The following rule is not available in the default rule set. You can create it yourself if you want by clicking on Add a rule. Choose the following values:
- Table: wp_postmeta
- Column: meta_value
- Filter: meta_key = _wp_attachment_metadata
- Type: array
- Transformation: One value
- Value (string): none
Notice the following:
- The rule applies a filter, because wp_postmeta is a metadata table and we are only interested in rows that contain _wp_attachment_metadata.
- The type is array. This covers both JSON and serialized arrays.
- The transformation is One value. This will change all array values to one value, which is provided in the field Value (string). In this example, it contains none, which means that the string ‘none’ will be used as the value for all string values in the array. Numeric array values will change to 0.
The table preview will show something like this.
In this preview, the original array data is displayed in a readable format. Between brackets [ ] you can see the array keys (which are similar to field names). On the right side of the arrow ( => ) you will find the array values.
If you apply this rule, the anonymized result will be a follows.
Key specific transformations [Enterprise Edition]
In the example above, one transformation was applied to all array values. To be more specific than that, choose the transformation key_specific_transformations to choose a transformation per array key.
The screenshot below provides an example of a transformation used for data stored by the plugin CFDB7 (form entries).
- The array keys in this example are your-email, your-complaint and Yourstreetaddress.
- For each array key, a transformation is selected. The available transformations are listed in the dropdown.
- The third field contains parameters for the transformations.
- You can add a new array key by clicking on Add a row.
- Unspecified array keys will not be anonymized. This allows you to preserve the corresponding values, while anonymizing other values that (may) contain personal data.
Add a rule
The plugin provides a ruleset for WordPress core functions by default. If you have other plugins that store personal data, you will need to add rules for anonymization.
Some guidance to help you along:
- The Enterprise Edition can automatically generate rules for the most common form plugins as well as WooCommerce and ProfilePress.
- For the Free Edition or other plugins, add the rules per plugin. Complete all rules for plugin #1 before you start with plugin #2.
- Discover where and how a plugin stores data by reading about personal data in this manual and by using the tab Inspect tables in the plugin.
- Click on the button Add rule near the top of the screen.
- A form will appear to add a rule.
Some default values will be filled in that can be changed.
Work from top to bottom.
Inspect the effect of the rule in the table preview section at the bottom of the screen. This preview will refresh after each change.
- Rules will be applied in sequence (see Run anonymization). Start with selecting the execution order of this rule.
- Select the table. This will refresh the values for the column.
- Select the column.
- If you are dealing with a metadata table, create a filter (as explained).
- Select the type of data that is in the column. If that is not possible, choose other. Your selection will refresh the values for the transformation.
- Select a transformation. If you are not sure which one to select, leave it on the default value.
- Depening on the selected transformation, you may need to provide additional information in the parameter field. The label of this field depends on the transformation.
- If you select array as transformation, read the information about working with JSON / serialized arrays.
- Add a comment explaining the purpose of this rule. This will help you and team members to quickly grasp the rules’ intent.
- Click on Save to add the rule. The plugin will validate the added data and will inform you of any invalid or missing items. If there are no issues, you will return to the overview of rules. The new rule has been added.
Delete a rule
- Hover with your mouse pointer on the table name for the rule that you want to delete, which is wp_users in this case.
- Click on Delete.
A confirmation screen appears with all data for this rule.
- Click on Delete to confirm the deletion.
- Click on Cancel to abort.
A deletion is permanent and cannot be undone. You will have to recreate the rule if you need it to be restored.