I am in the process of building a very simple poll, but I am concerned about people gaming the poll and just submitting the same vote over and over again. I am not talking about somebody double clicking the submit button, but maliciously trying to flood the poll with garbage. While I understand that there's no totally foolproof solution, what are some of the ways I could protect my application?
Presumably you're talking in terms of a web app? CAPTCHAs are popular - they prevent automatic flooding.
Cookies can help slightly as well (if the user isn't smart enough to clear it).
You can do IP logging, but I wouldn't recommend it since it does have false positives (for instance if you block the IP of a proxy, then any users using that proxy get blocked). The better way would be to force users to register first (again - use a captcha here) if that's an option.
Also, you can implement a low-pass filter per IP (in other words, filter out submissions with a high frequency from a single IP or block of IPs) to filter out (or at least warn you of) potential attacks.
You can record the IP address associated with each vote and do a quick DB query to see if someone from that IP has voted before. It's not fool-proof, because people can move around to different networks with different IP addresses, but it would definitely cut back on gaming the poll.
You could:
- Require them to register then login to vote on the poll (can have email activation for accounts)
- Save votes with IP address in a database (not 100% foolproof but good otherwise)
- If your poll is meant for guests/visitors to vote, then I highly recommend a CAPTCHA to stop BOT submissions
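An added example, not code from any of the answers above: a sketch of the two IP-based checks they describe, a one-vote-per-IP lookup and a per-block frequency filter that flags bursts for review instead of banning the address. The class name `VoteGuard`, its thresholds, the /24 and /64 block sizes and the in-memory set standing in for the database are all assumptions made for illustration.

```python
import ipaddress
import time
from collections import defaultdict, deque


class VoteGuard:
    """One vote per IP per poll, plus a sliding-window cap per network block."""

    def __init__(self, max_per_block=5, window_seconds=60, v4_prefix=24, v6_prefix=64):
        self.max_per_block = max_per_block   # assumed threshold, tune per poll
        self.window = window_seconds
        self.prefix = {4: v4_prefix, 6: v6_prefix}
        self._voted = set()                  # stand-in for a DB unique index on (poll, ip)
        self._recent = defaultdict(deque)    # block -> timestamps of recent attempts
        self.flagged = []                    # (timestamp, block) entries for manual review

    def _block(self, addr):
        # Group addresses by network so hopping within one subnet still counts.
        return ipaddress.ip_network(f"{addr}/{self.prefix[addr.version]}", strict=False)

    def submit(self, poll_id, ip, now=None):
        now = time.time() if now is None else now
        addr = ipaddress.ip_address(ip)      # raises ValueError on malformed input
        attempts = self._recent[self._block(addr)]
        while attempts and now - attempts[0] >= self.window:
            attempts.popleft()               # drop attempts older than the window
        attempts.append(now)                 # every attempt counts, accepted or not
        if len(attempts) > self.max_per_block:
            # Shared proxies cause false positives, so flag rather than ban.
            self.flagged.append((now, str(self._block(addr))))
            return "rate_limited"
        key = (poll_id, str(addr))
        if key in self._voted:
            return "duplicate"
        self._voted.add(key)
        return "accepted"


def demo():
    # Constructed sample traffic using documentation address ranges.
    guard = VoteGuard(max_per_block=3, window_seconds=60)
    traffic = [("203.0.113.5", 0), ("203.0.113.5", 1), ("203.0.113.6", 2),
               ("203.0.113.7", 3), ("198.51.100.1", 3), ("203.0.113.8", 100)]
    return [guard.submit("poll-1", ip, now=t) for ip, t in traffic], guard.flagged


if __name__ == "__main__":
    print(demo())
```

In a real application the duplicate check would be a unique constraint in the votes table, and the flagged list would feed whatever alerting the site already has.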