I created a webapplication with no registration required and I need to reasonably limit user's actions such as adding a comment or voting.
I wanted to do it simply by identifying users with their IP addresses, however I learned that these can be easily spoofed. Moreover, sometimes there can be a number of users behind one IP address. Additionally, I did not find 100% reliable way to determine user's IP.
How can one deal with this problem? Are there any other ways to set limits per user? Or maybe IP addresses are "good enough"? If yes, what is the best way to determine it?
