I am using a WordPress plugin called "GD Star Rating" to allow my users to vote on stories that I post to one of my websites: http://everydayfiction.com/ Recently we have been having a lot of abuse of the system: stories that have obviously been voted up artificially. "GD Star Rating" creates some detailed logs when a user votes on a story, including IP, time of vote, user_agent, etc.
For example this story has 181 votes with an average of 5.7 http://www.everydayfiction.com/snowman-by-shaun-simon/ Most other stories only get around ~40 votes each day.
At first I thought that the story got onto a social bookmarking site (Digg, StumbleUpon, etc.), but after checking the logs I found that this story is getting the same amount of traffic that a normal story gets, ~2k-3k.
I checked if all the votes for this particular story were coming from the same IP address. I could see this happening if a user was at a school's computer lab using all their lab computers to vote up this story. Not one duplicate IP address in the log for this story.
SELECT `ip`, COUNT(*) as count FROM `wp_gdsr_votes_log` WHERE `id` = 3932 GROUP BY (`ip`) ORDER BY `count` DESC
Next I thought that a user might be using a proxy to vote up a story. I checked this by grouping all the browser user_agents together to see if there was a single browser voting in a particular way. At most 7 users were using a similar browser but voted sporadically (1-5), no evidence of wrongdoing.
SELECT `user_agent`, COUNT(*) as count FROM `wp_gdsr_votes_log` WHERE `id` = 3932 GROUP BY (`user_agent`) ORDER BY `count` DESC
I also checked to see if all the votes came in at once. Maybe someone has a really interesting bot that can change the user_agent and uses proxies, etc. At most 5 votes came within 2 mins of each other. There doesn't seem to be any regularity in how people vote (i.e. a 5 vote does not come in once a min).
SELECT * FROM `wp_gdsr_votes_log` WHERE `id` = 3932 AND vote = 5 ORDER BY `wp_gdsr_votes_log`.`voted` DESC
The obvious solution to this problem is to force people to login before they are allowed to vote. But I would prefer to not have to go down that route unless it is absolutely necessary.
I'm looking for suggestions on things to test for to detect the abuse.
Edit
Another thing that I just tested was to see if all the people that voted on this particular story were first-time voters on the site by IP address. It appears that about 80 people by IP address voted on this story first and no other story. I checked it against other stories and found that most of the time it is the opposite, where 80% of the people that do vote, vote on several different stories as well. I think this proves that there is something fishy going on here but I'm not sure how they would have done it or how I could filter out the artificial votes.
SELECT id, `ip`, COUNT(*) as count FROM `wp_gdsr_votes_log` GROUP BY (`ip` ) ORDER BY `count` ASC
Edit 2
Wow OK, it looks like one of the band members from http://www.mychemicalromance.com/ (rhythm guitarist) posted a link about the article on their Twitter and on the band's website. I'm just surprised that there hasn't been a big increase of visitors, only people upvoting the story.
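
The first-time-voter check from the first edit, run for every story at once instead of one story at a time, as an added example that is not part of the original post. It uses SQLite in place of the plugin's MySQL table; the `id` and `ip` column names come from the queries above, while the rows, the `min_voters` and `max_share` thresholds and the function names are constructed for illustration.

```python
import sqlite3

# Per story: distinct voting IPs, and the share of them that never voted on
# any other story. Column names (id, ip) follow the queries in the post.
SINGLE_STORY_SHARE_SQL = """
WITH per_ip AS (
    SELECT ip, COUNT(DISTINCT id) AS stories_voted
    FROM wp_gdsr_votes_log
    GROUP BY ip
)
SELECT v.id AS story_id,
       COUNT(*) AS voters,
       SUM(CASE WHEN p.stories_voted = 1 THEN 1 ELSE 0 END) * 1.0
           / COUNT(*) AS single_story_share
FROM (SELECT DISTINCT id, ip FROM wp_gdsr_votes_log) AS v
JOIN per_ip AS p ON p.ip = v.ip
GROUP BY v.id
ORDER BY single_story_share DESC
"""


def build_sample_log():
    """Constructed data: 10 regular readers voting on stories 100-102,
    two of whom also vote on 3932, plus 8 one-off IPs voting only on 3932."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE wp_gdsr_votes_log (id INTEGER, ip TEXT, vote INTEGER)")
    rows = []
    for n in range(10):
        for story in (100, 101, 102):
            rows.append((story, f"198.51.100.{n}", 3 + (n + story) % 3))
    for n in range(2):
        rows.append((3932, f"198.51.100.{n}", 4))
    for n in range(8):
        rows.append((3932, f"203.0.113.{n}", 5))
    conn.executemany("INSERT INTO wp_gdsr_votes_log VALUES (?, ?, ?)", rows)
    return conn


def flag_stories(conn, min_voters=5, max_share=0.5):
    """Return (story_id, voters, share) for stories voted on mostly by one-off IPs.
    Both thresholds are assumed values; tune them against normal stories."""
    return [(sid, voters, round(share, 2))
            for sid, voters, share in conn.execute(SINGLE_STORY_SHARE_SQL)
            if voters >= min_voters and share > max_share]


if __name__ == "__main__":
    for row in flag_stories(build_sample_log()):
        print(row)
```

A high share only says the voters arrived from outside the regular readership, which fits both a vote-stuffing campaign and an external link such as the one found in Edit 2.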