Detecting abuse for post rating system
Posted
by Steven smethurst
on Stack Overflow
See other posts from Stack Overflow
or by Steven smethurst
Published on 2010-05-28T22:44:23Z
Indexed on
2010/05/28
22:52 UTC
Read the original article
Hit count: 281
I am using a wordpress plugin called "GD Star Rating" to allow my users to vote on stories that I post to one of my websites. http://everydayfiction.com/ Recently we have been having a lot of abuse of the system. Stories that have obviously been voted up artificially. "GD Star Rating" creates some detailed logs when a user votes on a story. Including; IP, Time of vote, and user_adgent, ect..
For example this story has 181 votes with an average of 5.7 http://www.everydayfiction.com/snowman-by-shaun-simon/ Most other stories only get around ~40 votes each day.
At first I thought that the story got on to a social bookmarking site Digg, Stumbleupon ect... but after checking the logs I found that this story is getting the same amount of traffic that a normal story gets ~2k-3k.
I checked if all the votes for this perpendicular story where coming from a the same IP address. I could see this happening if a user was at a school's computer lab using all their lab computers to vote up this story. Not one duplicate IP address in the log for this story.
SELECT
ip
, COUNT(*) as count FROMwp_gdsr_votes_log
WHEREid
=3932 GROUP BY (ip
) ORDER BYcount
DESCNext I thought that a use might be using a proxy to vote up a story. I checked this by grouping all the browser user_agent together to see if there a single browser voting in a perpendicular way. At most 7 users where using a similar browser but voted sporadically (1-5), no evidence of wrong doing.
SELECT
user_agent
, COUNT(*) as count FROMwp_gdsr_votes_log
WHEREid
=3932 GROUP BY (user_agent
) ORDER BYcount
DESCI check was to see if all the votes came in at a once. Maybe someone has a really interesting bot that can change the user_adgent and uses proxies, ect... At most 5 votes came with in 2 mins of each other. It doesn't seem to be any regularity on how people vote (IE a 5 vote does not come in once a min)
SELECT * FROM
wp_gdsr_votes_log
WHEREid
=3932 AND vote=5 ORDER BYwp_gdsr_votes_log
.voted
DESC
The obvious solution to this problem is to force people to login before they are allowed to vote. But I would prefer to not have to go down that route unless it is absolutely necessary.
I'm looking for suggestions on things to test for to detect the abuse.
© Stack Overflow or respective owner