• cmnybo@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    13
    ·
    9 months ago

    IP bans are not very useful considering that almost nobody has a static IP these days.

    CGNAT IP addresses change frequently and can be shared by over 100 users. I find it very annoying to have to connect to a VPN until my IP changes because someone else got the IP I’m using banned.

    Browser fingerprinting would be a better way of detecting ban evaders.

    • haui@lemmy.giftedmc.com
      link
      fedilink
      arrow-up
      2
      ·
      9 months ago

      They‘re useful for a very short amount of time and add frustration for the spammer but yes, the downsides are large as well.

      If a person knows how to change their ip after being banned, they probably dont use a normal browser either, dont you think? Or have I missed something about browser fingerprinting? You can post to lemmy over an api, right?

    • Mnglw@beehaw.org
      link
      fedilink
      arrow-up
      2
      ·
      9 months ago

      browser fingerprinting is inherently bad for privacy and would require scripts that nobody wants to run

      not to mention the GDPR issues with servers having that amount of data

      • cmnybo@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        4
        ·
        9 months ago

        I’m not a fan of fingerprinting either, although good luck avoiding it considering just how much of the web is behind Cloudflare.

        • Mnglw@beehaw.org
          link
          fedilink
          arrow-up
          5
          ·
          9 months ago

          the fediverse largely prides itself on no tracking, in fact in the past instances that used cloudflare have been harshly criticised.

          This is against the fediverse’s core values

          • xthexder@l.sw0.com
            link
            fedilink
            arrow-up
            1
            ·
            9 months ago

            I’ve had my server behind Cloudflare this entire time. Should I not be doing that? At a minimum I need something to hide my server’s real IP.