How the protection from unfair voting is implemented?

In NorrCompetition the protection from unfair voting (voter fraud) depends on competition settings.

Users cannot vote by default. To give them this permission you should proceed to Options > Permissions tab and allow users from certain groups to vote for participants (set "Vote" to Allowed).

So the first and the main protection level is to allow only registered users to vote. When the user is voting, his user ID is checked first, and if he have not vote yet, user ID is being recorded to votes table.

The protection levels below are used for cases, when we allow unregistered user to vote.

IP-address check is the second protection level. When the user is voting, his IP-address is checked first, and if he have not vote, IP-address is being recorded to votes table. To enable this option open Options > Competition tab and set the "Check IP" parameter to Yes.

But, there are several problems with IP checks:

  • many users have dynamic IP-addresses
  • several users have the same IP-address (for example, different organizations). To solve this problem you can set check for IP+User-Agent combination.
  • a user can use a proxy-server to hide his real IP-address

Cookie check is the third protection level. When the user is voting, component generates a special cookie and writes it to the user’s browser. The user cannot vote when this cookie is set. To enable this option open Options > Competition tab and set the "Check Cookie" parameter to Yes.

The problem with cookie check is quite simple – the user can erase cookie file or simply vote using another browser.

One more protection is Captcha. You can display it to users and protect the voting from bots. Captcha only works on the participant's page. Please refer to Participant Layout Options document.

Despite all this protection options, please remember, that there is only one 100% protection from unfair voting - to allow only registered users to vote.