I have a site where users can post and vote for posts. It is very critical to allow guest users to vote for a post, it also very important to avoid multiple votes from the same guest.
Cookies, can be easily deleted, so this can't be the solution.
IP, very bad if you consider NAT situations.
So I think, I need more advanced way to go, maybe other type of cookies..?
If anyone have experience in similar context please help.
What you only can do about not logged in users - is to make as hard as possible for them to vote second time. For example you may:
On the client side:
On the server side - store and check as much information about user as you can:
etc.
But you still can not stop smart and really wanting to cheat anonymous users from voting.
So it may be more useful not to try to block voting but to detect and ignore "duplicate" votes instead (i.e. votes for the same option from the same ip and browser combination for certain time period may be considered "cheated").