发表新帖
发表新帖

Is it reliable to use the IP address to identify a user on your website?

前端 未结
关注
12 1523
醉酒成梦
醉酒成梦 2021-01-04 14:44

Here is my situation. I am part of a project creating a P2P charity website, where users connect and can give money to one another. Because of the nature of the site, we kno

相关标签:
12条回答
  • 被撕碎了的回忆
    2021-01-04 14:52

    Recent legal case perhaps worth reading up on : http://yro.slashdot.org/story/11/05/03/2020205/An-IP-Address-Does-Not-Point-To-a-Person-Judge-Rules

    0 讨论(0)
  • 深忆病人
    2021-01-04 14:54

    No: for example, any company proxy will only have one external IP address, so everyone registering from within the network will appear to have the same IP address.

    0 讨论(0)
  • 太阳男子
    2021-01-04 14:56

    Totally unreliable...

    1. Somebody on dial-up will have a different IP address every time they "dial-up".

    2. DSL users will have a different IP address every time they reset or reconnect their account unless they pay for a static IP.

    3. Many users on a particular LAN will be sharing one public IP address.

    4. A particular user can login from home, work, public hotspot and have a different IP from each location.

    0 讨论(0)
  • 生来不讨喜
    2021-01-04 15:01

    No, not least because:

    1. IP Addresses can change over time, thanks to DHCP leases expiring.
    2. People access websites from many different locations including home, work, coffee shops, etc.
    3. When behind a NAT firewall or a proxy server, many people can share the same IP address.

    Will you have many people registering who are entitled to receive money? I'd suggest a manual verification process using real people if at all possible. If nothing else, you can claim to be exercising due diligence if there's a human involved.

    0 讨论(0)
  • 滥情空心
    2021-01-04 15:08

    If you want to identify users, you can use a cookie. One solution uses a combination of cookies, local storage, flash, and other state information that can be stored in a browser: http://samy.pl/evercookie/

    Nothing is 100% reliable. These cookies can be erased by a determined user, or in some browsers with one click. Ultimately, in many countries outside of the USA, a user has the right not to be tracked.

    0 讨论(0)
  • 隐瞒了意图╮
    2021-01-04 15:10

    It could be somewhat useful as part of a defense-in-depth approach, but I wouldn't call it "reliable".

    0 讨论(0)
 看不清?
提交回复
热议问题