Welcome to WebmasterWorld Guest from

Forum Moderators: open

Message Too Old, No Replies

Browser-side computer identification?

I want to BAN a few people i just don't have the tools.

1:18 am on May 20, 2008 (gmt 0)

New User

10+ Year Member

joined:May 20, 2008
posts: 21
votes: 0

We are in Poland. There's a huge telecom company here that offers a huge range of dynamic IPs (through an offer called "Neostrada"). Many people use it. Some of them are malicious users (i call them "Neo-brats").
I want to ban those "Neo-brats". I have access to php scripts serverside (and all that goes with it). But first I need to identify the ones to ban. But how...
- email? Nope. They'll make a new one.
- user account? Same.
- username pattern? Same.
- IP? it's dynamic, so they'll just switch it with a hardware reset.
Those are the options i currently have in my system. And they won't do it.

I can't just ban the whole IP range - I don't want to ban the good users along with the bad ones. Email pattern (some site exclusion) is out of the question for the same reason.

So my question is: is there any cross-browser "javascript or something" method to uniquely identify a given computer?

Php obviously won't do it. And I consider cookies as my last resort (a poor one), since they're easy to delete and don't travel between browsers.

Sorry if i posted in the wrong part of the forum - just didn't seem to find a better place. Also if there was a question like that already answered somewhere - just post the link. I just couldn't think of a way to think up decent keywords for the matter to search for it.

1:29 pm on May 20, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member blobfisk is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Feb 25, 2002
votes: 0

Hi Furiat and welcome to WebmasterWorld!

AFAIK there is no surefire way of identifying someone using JS. There are too many ways of faking your identity on the client side and security restrictions on browsers only allow you to get so much information using JavaScript.


5:12 pm on May 20, 2008 (gmt 0)

Preferred Member

10+ Year Member

joined:July 13, 2006
votes: 0

Why not try marking all of the good users from that network rather than the bad ones? Anyone who is not marked as good would have their messages delayed or whatever. You can use their email to mark good ones, since it is unlikely a bad user would know or have access to a good users email.
9:58 pm on May 20, 2008 (gmt 0)

New User

10+ Year Member

joined:May 20, 2008
votes: 0

Thanks for the welcome (though i had an account here a few years ago - i just forgot what was it's username).

Can you post some details on identification still? I bet that most of my problem-causers are not bright enough to fake their identities and the ones that are smart enough to do it are also smart enough to ensure they don't get caught in the first place. I want to defend against a plague - not a few smart roaches.
So please assume browser settings based around defaults and if there is something that can help - don't hesitate to post it. Remember it has to be something cross-browser (so that switching to another one of the 3 popular browsers won't fake the identity).

Interesting idea in general - unfortunately it's no good in this particular case.

More details on the case: The site itself is a browser-based game (no applets) and the biggest issue with the users are multiple accounts which are not permitted. Also there are some other ToC breakers, but "multiples" are the big problem.

There are approximately 10%-20% bad users against 80%-90% good ones. Also identifying a good user isn't "bulletproof". And delaying messages and such ideas is a great solution for forum/community sites of any kind, but won't work in a browser-based game.

10:22 pm on May 20, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:May 6, 2008
votes: 0

What are these malicious users doing?