Thursday, May 13, 2010

Identify duplicate IP address use to the public

The Domain

You have a website that allows the public to add comments.

For example

  1. You have a forum that users can post to.
  2. You have a product listing that visitors can post reviews against.
  3. Any other listing that the public can comment on that would allow shills to manipulate public opinion for or against a topic/product.

The Problem

Public comments can appear to be from multiple independent sources when in fact they are the same person posting multiple times under different user name's or email addresses.

A Solution

Changing your email address is easy. But posting from multiple different IP addresses is more difficult. One solution to the problem is displaying the user's IP address next to each posting. However, this is often considered non-acceptable as IP addresses are sometimes considered private.

You could generate an image for each unique IP address and display that. This would allow people reading comments to link together identical IP images and know that the comments came from the same source. This is fairly easily done by using Gravatar. You can pick any domain to base your naming convention on, Gravatar doesn't care. Let's use If two visitors used the same IP address of say then you would generate a fake email of [email protected] and use the Gravatar algorithm to generate an image URL and display this as an image next to the post. This protects the exposure of the IP address to the public on your web page.

This would have the added benefit of also allowing users (or Admins) to quickly visually spot identical IP addresses being used. If you were serious about this though you would probably just write an admin report that picks out duplicate IP addresses on pages.

No comments:

Post a Comment