Is there any way to really ban people from a website?
Suppose you have a user who is posting really offensive stuff on your website and so you ban them from your site (let's suppose your web app has a way to mark that user account as banned so they can't login again).
Are there any intelligent ways to try and prevent this person from creating another account with a different username?
My hunch is that there are no hard and final ways to do this besides some sort of biometric login device*. But I am curious to know of anything I could do to make it hard for someone to keep doing it.
*And I guess that Tom Cruise has sort of found a way around that one too.
4 Comments
Adding an invisible flash applet to your login page and using it to store a Flash cookie (95%+ browsers able to do so, much lesser known than regular cookies, much harder for most users to clear) on the user's machine would be a more persistent way of tracking and banning a user. See this StackExchange question that explores the subject:
stackoverflow.com/questions/483678/javascript-bridge-to-flash-to-store-so-cookies-within-flash
In addition to artlung's list:
Banning IPs directly has the problem that it's easy to work around and that you lose the information from the IP address. Better to let them register and, after they post, nuke their account so that they don't really know that you caught them over the IP, or set them on silent mode so that they think they can post but others won't see their posts.
Especially in Europe a lot of people are on dynamic IP addresses and you would have to ban the whole IP range of their provider to effectively ban them.
There are a few signs that a user might share two accounts and are therefore sock puppets. Moderators can use them when they have the suspicion that someone registered but the process could also be automated.
Does the IP belong to the same city?
Does the header of the browser suggest the same browser and screen-size?
Does the email address look like a real email address? What happens when you Google the part before the domain name? What happens when you search on Facebook for an account with that email address?
Anti-aliasing on the web by Jasmine Novak et al. is a paper that suggests that their automated algorithm achieves 90% accuracy for identifying sock puppets based on their habits of word choice and text formatting.
Having cookies that identify users can catch some users.
Authentication through sending an SMS.
Making a website invite-only can help. If someone invites a person and that person gets banned, they can get a warning as well. Demonoid would be an example of a large website that uses the principle.
In Germany the new password that will be introduced will have a feature to authenticate users to websites and therefore provide real sock puppet protection. Unfortunately that's no international standard and therefore not much use.
Citizendium requires an official email address from a workplace or a university to register. That system works well at preventing sock puppets but it also seems to impede registration.
Requiring a healthy Facebook account might be one alternative that could also work to expand the kind of authentication that Citizendium uses.
Wikipedia bans access from Tor and Anonymous proxies. If you don't have the resources to implement such a system yourself googling for an IP address can often tell you if the IP address is an open proxy and therefore landed in some spam sandbox.
If you have banned proxies and a user really produces real problems and is persistent, you might have to think about going to the police. Defamation is a crime in a lot of countries. I heard from someone who moderates a local social network in Germany who got a court to forbid a certain user to visit the website because the user sexually harassed girls on the website.
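The signals listed in the answer above (same city, same browser header and screen size, same cookie) can be turned into a review queue for moderators. This is an added example, not code from the answer; the record fields, the sample data and the `min_shared` threshold are assumptions, and `city` is assumed to come from a GeoIP lookup done elsewhere.

```python
# Constructed sample signup records (not real data).
SIGNUPS = [
    {"account": "troll1", "banned": True, "city": "Hamburg",
     "user_agent": "Firefox/3.6 (Windows NT 5.1)", "screen": "1280x1024",
     "cookie_id": "c-1001"},
    {"account": "newguy", "banned": False, "city": "Hamburg",
     "user_agent": "Firefox/3.6 (Windows NT 5.1)", "screen": "1280x1024",
     "cookie_id": "c-2002"},   # cookie differs, everything else matches
    {"account": "alice", "banned": False, "city": "Hamburg",
     "user_agent": "Chrome/9.0 (Macintosh)", "screen": "1440x900",
     "cookie_id": "c-3003"},   # same city only: a weak signal on its own
    {"account": "bob", "banned": False, "city": "Munich",
     "user_agent": "Firefox/3.6 (Windows NT 5.1)", "screen": "1024x768",
     "cookie_id": None},       # common browser only
]

SIGNALS = ("city", "user_agent", "screen", "cookie_id")


def shared_signals(a, b):
    """Names of the signals that are present and identical in both records."""
    return [s for s in SIGNALS if a.get(s) and a.get(s) == b.get(s)]


def review_queue(signups, min_shared=2):
    """Pair each active account with banned accounts it resembles.

    Returns (account, banned_account, matching_signals) rows, strongest
    overlap first. The output is a hint for a human moderator, not a verdict:
    a shared city or a popular browser matches many innocent users.
    """
    banned = [r for r in signups if r["banned"]]
    rows = []
    for rec in signups:
        if rec["banned"]:
            continue
        for old in banned:
            hits = shared_signals(rec, old)
            if len(hits) >= min_shared:
                rows.append((rec["account"], old["account"], hits))
    return sorted(rows, key=lambda row: -len(row[2]))


if __name__ == "__main__":
    for row in review_queue(SIGNUPS):
        print(row)
```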
If you have a vibrant community, you will get a certain amount of this. Some approaches to consider when adding moderation layers.
1. Require payment to signup: Some communities, like Metafilter, have full-mods, but also charge a small fee for all users (MeFi charges ) which cuts down somewhat.
2. Waiting periods: They also set time limits on some of the things you can do with a new account. So you can post a comment, but you can't create a new post for a time period (I believe 7 days). Making it harder for a new account to do something can be helpful, but it can also turn off legitimate users.
3. Shaming: Other comment communities--BoingBoing at one time used this--use a shaming technique called "disemvowelling" (Wikipedia) - basically if your post is a bozo, it gets all the vowels removed and you look like an idiot.
4. Put user in Stealth Mode: A sneakier tack is to simply allow the user to keep commenting, but completely hide their posts from all other users. They log in, and suddenly, mysteriously, nobody ever replies to their comments and threads. Now, if you have a public view, this falls down as a solution, because they catch on to the game quickly. But I always like this solution.
5. Moderate until proved non-bozo: Yet another thing to do is to put all new users or all users below a certain threshold of activity on a site on probation. Everything they do gets moderated until they post X non-bozo comments, etc. Big overhead there, but it works well on mailing lists I've moderated.
6. Allow anything, but don't save anything: A more unique solution is to simply never save anything, 4chan for example simply doesn't save anything -- no archives, no nothing. It invites and embraces bozos and all, but doesn't archive anything for more than a certain period of time, so there's less lasting effects of any one bozo. Note that 4chan still manages to need moderators, so even with this solution there's still a certain amount of overhead.
7. Give your mods tools: Let them see views of user activity per user and per thread, along with IP addresses and other "fingerprinty" data (email, user-agent, typical time of login) so that they can see who's on and what's happening. Showing them this stuff helps them understand the site and be proactive when things get out of hand.
8. Reputation Systems: StackOverflow and all the StackExchange websites keep track of user reputation and allow more capability with more rep. Slashdot is the first site I can remember to put something like this in place. Note, that you don't necessarily have to share reputation with your users, once calculated, it can be shared with mods to help them make their decisions.
IP banning is the first impulse everybody has, but it does occasionally grab innocent people, and for some jerky users, they're always at a different IP, which is a pain.
Update, 2011.
There are two interesting Drupal modules, usable obviously only on Drupal-based sites that might give you ideas: Misery, which creates miserable experiences for the user--random delays, apparent site bugs, random redirects; Cave, which is an implementation of "4" above, "Put user in Stealth Mode".
You could block the IP Address. I know sites like Slashdot will block your IP if you are trying to do a DOS attack. That is more extreme and won't stop them from trying from another location or computer but it will slow them down.
Also, you can give a user a cookie with a GUID in it and if you ban that user completely from your site you could make it so it looks for the GUID and blocks them based on that.
The only other way to truly do it is by getting their MAC Address which I do not believe is possible on the internet without a thick client.
Again, none of these methods are foolproof but there is no way to really know who is visiting your site.
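The GUID cookie described in the answer above, sketched as an added example (not code from the answer). The class and function names, the in-memory storage and the HMAC signature on the cookie value are assumptions made for illustration; the signature only ensures the server acts on GUIDs it issued itself.

```python
import hashlib
import hmac
import uuid

SECRET = b"constructed-demo-key"  # assumption: a server-side secret, loaded from config in practice


def _mac(guid):
    return hmac.new(SECRET, guid.encode(), hashlib.sha256).hexdigest()


def issue_token():
    """Cookie value '<guid>.<mac>' for a browser that has no token yet."""
    guid = uuid.uuid4().hex
    return f"{guid}.{_mac(guid)}"


def read_token(cookie):
    """Return the GUID if the cookie is one this server issued, else None."""
    guid, _, mac = (cookie or "").partition(".")
    if guid and hmac.compare_digest(mac.encode(), _mac(guid).encode()):
        return guid
    return None


class BanList:
    def __init__(self):
        self.guids_by_account = {}  # account -> GUIDs seen at signup/login
        self.banned_guids = set()

    def record(self, account, cookie):
        """Call on every signup and login to link the browser to the account."""
        guid = read_token(cookie)
        if guid:
            self.guids_by_account.setdefault(account, set()).add(guid)

    def ban(self, account):
        """Ban every browser GUID the account was ever seen with."""
        self.banned_guids |= self.guids_by_account.get(account, set())

    def may_register(self, cookie):
        """Signup gate. A missing or unverifiable cookie is treated as a new
        visitor, which is why the answer calls the method not foolproof."""
        return read_token(cookie) not in self.banned_guids
```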