As soon as you cast the magic words "IP blocking" the default replies are always "think about the people behind a NAT firewall" and "there is no way you can use this". (I should write a bot for that someday ;)

I, however, think that's unfair judgment for this specific case. I doubt that you run an image gallery with the load of /. or google. In your case I wouldn't be bothered by the fact that two people *might* not be able to vote, because someone else in the LAN already did so. Besides that, do you really care that much if you miss one legit rating, if you can block certain script kiddies?

You can work out a login procedure, quite like Perlmonks, or Freshmeat for that matter. That way you can allow one vote per image, per user (as stated above), but I quite frankly get quite tired of all the websites you have to register for. You want to search through some message board? Register first! You want to read a certain post? Register first! You want to view an image? Register first!

Yet another way could be the use of cookies. This is very easilly worked around, but hey, it can prevent the truely ignorant script kiddy-wannabees from rating an image a thousand times.

Sessions could be another option. Same as with cookies. Easy to work around, but it'll stop the totally clueless.

But, as prophesied before, if some script kiddy really wants to screw up your ratings, chances are big [s]he'll succeed.

I think the easiest way for you, is to set up a simple database in which you store the IP of the voter, the image [s]he voted for, and the timestamp. Then disallow the IP to vote again for say a day or even a week. That way, you do allow others from the same IP to cast their vote (albeit with a delay) and you prevent the scriptkiddies from writing a simple bot to vote numerous times a minute. Then when someone wants to vote, you first check if their IP is already in your ban-database (for the specific image) and you check the timestamp (how long ago did we receive a vote for this already?). Based on the outcome of these tests, you either allow the vote, or politely report that the voter already voted for this image and that only one vote is allowed, possibly followed by your email address in case of questions.

Just my €0,02

--
b10m

In reply to Re: blocking IPs by b10m
in thread blocking IPs by Anonymous Monk

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.