I started a poll a few days ago. I typically get around 10 votes a day, so when the vote count hit 100 within 2 days, I knew something was up.
I checked the poll logs and sure enough, I could see 5-vote bursts from the same IP address at the same time, like this:
Guest 91.217.90.28 / 91.217.90.28 February 8, 2012 @ 7:10 pm
Guest 91.217.90.28 / 91.217.90.28 February 8, 2012 @ 7:10 pm
Guest 91.217.90.28 / 91.217.90.28 February 8, 2012 @ 7:10 pm
Guest 91.217.90.28 / 91.217.90.28 February 8, 2012 @ 7:10 pm
Guest 91.217.90.28 / 91.217.90.28 February 8, 2012 @ 7:10 pm
Later the IP would be slightly different, such as 91.207.90.28.
I'm pretty sure this is where the spammer got his idea:
http://www.holisticsearch.co.uk/2010/10/20/faking-a-poll-result-the-spammers-view/
Possible solutions:
1) Blocking the IP - this is not a good idea because in my example alone, over 10 different IPs have been used, and they're probably fake anyway.
2) Blocking bots - the Bad Behavior plugin does a very good job of this, and I only recently disabled it as an experiment to see how much legitimate traffic was being blocked. That also likely explains how I've been running wp-polls for over 2 years, and this is the first time I've had a spam problem.
3) Fixing the problem that allows this kind of spam - this might be a design issue, not an easy thing to fix. Lester?
4) Changing to a different poll plugin - do any of the others have a way around this or do they all suffer from such spam?
5) Managing the problem - if I could do bulk vote deletes, I would just do that before closing the poll so as to have clean final results.
Suggestions?
Jacob
