How is it possible that the user's IP address is made anonymous. So that it's DSGVO-compliant
My limited understanding is that you have no control over whether the IP gets sent by the user's browser. I assume that you only need to make sure the IP is not saved on your site. I also can't imagine a way for the authorities to know whether your site saves the IP addresses or not, short of a subpoena demanding your code and/or database.
As an aside, how can we possibly protect a site from hackers, scrapers, and DDOS attacks if we can't save IP addresses?
Patch core/components/quip/processors/web/comment/create.php and comment line 118