Need help? Check out our Support site, then

Comments IP Address Dispute

  1. I noticed the IP addresses of a new party commenting on my Blog matched the home and work IP addresses of a friend of mine who also comments on my blog. I accused my friend of making phony comments as this new person. In disgust, I removed all comments from my blog originating from my friend and the new commenter. My friend was hurt and vehemently denies my accusations. I actually believe her, but I have lost a friend.

    I thoroughly reviewed the support site and forums about this issue, and did not find any similar cases. The one thing I did note was information that gmail may not provide IP address information with emails from gmail accounts. For the record, the new party commenter did have a gmail address. If his comments to my blog came to WordPress without an IP address, is it possible a WordPress glitch assigned a default IP address from the nearest comment, which would have been my friend's?

    I sent an official inquiry to support with all the particular comments, email addresses and IP addresses included. I received the following response from support. "I'm sorry, but we are unable to dig any deeper into the IP addresses attached to comments. On the surface, I would say that the comments simply came from the same computer (which is how an IP address is assigned). If you feel otherwise, however, unfortunately, I am unable to provide any further information on the IP addresses associated with these particular comments."

    Sorry, in the interest of my friend's privacy, I am unable to provide the pertinent email addresses and IP addresses for this forum.

    Please, has anyone else experienced this issue, or is there anyone with the technical savvy to speak on how WordPress logs comment IP addresses and handles gmail comments with masked IP addresses. It is too late to save a friendship, but I would like to know for my own peace of mind. Thank you.

    The blog I need help with is

  2. There is another possibility. Some ISP's will assign the same IP address to multiple people. They do this so that they do not have to buy and register more IP addresses. The days of "unique" IP addresses are pretty much a thing of the past now that there are so many users on the internet.

    In other words, a mail server at an ISP may have only one IP address assigned to it and all email accounts will have that same IP address, however there will be another number assigned or added to the IP address to internally identify and route the mail to the proper user. This same thing happens with shared web servers. Everyone on a particular web server will have the same IP address but internally at the web host, they will look at the actual email address to know which account to route the email address to.

    Your friend might be, probably is, telling the truth.

  3. I concur. IPs are no longer unique, and are VERY FAR from being positive IDs. It could well be (I'm speculating as one long experienced in far too much internet drama) that a third party is trying to use IP spoofing to drive a wedge between you and your friend. Think: is there a vested-interest party who has been giving you advice about internet identification lately?

    Note, for instance, that all emails from Hotmail have (or had, i'm not using hotmail anymore) the same IP address. And everyone on AOL has the same IP address. And spoofing an IP is an intermediate internet skill that any high scorer in Club Penguin can master with ease.

  4. tsp and raincoaster have it covered. IP addresses refer to network interfaces, not people. There are several countries where the entire population shares a handful of IP addresses.

    We're careful to ensure comment IP addresses aren't messed up by bugs because that would affect spam filtering.

  5. Thanks you for the responses.

    I just want to point out that the second party commenter had posts that matched my friends work computer with the IP address assigned to only to her company rather than a large ISP. The second party commenter also had posts that matched my friends home computer as well, which was through a cable company ISP. I could buy the whole shared ISP shared IP address explanation if it was just her home computer, but a double coincidence was hard to swallow. I still suspect a problem with WorkPress processing of gmail commenters, but raincoasters theory of a malicious spoof makes sense too. Either way, my friend gets the benefit of the doubt and an apology from me.

  6. If the person in question spoofed both your friend's work and home computers, it's someone who has either gotten an email from your friend on both computers, or someone whose blog has received comments from both of those computers. Surely that narrows it down?

  7. I use Gmail and would happily leave a comment on your blog if you think it would help your analysis of the situation.

  8. I would appreciate a test comment as a little experiment. Thank you, raincoaster. And I understand what you say about a possible spoofer. I have no idea who might fit the bill, but I could always ask my friend if she knows of anyone, assuming she will even speak with me.

  9. May I suggest you leave comments on several posts with existing comments too? Thanks again.

  10. I left one on each. See what info you can get.

  11. Thanks raincoaster, I got both messages with consistent, apparently valid IP addresses from a small town in Canada, and no cloning of other IP addresses. Left with the malicious spoofer theory, my friend offers no insight on a possible suspect, but I'm still giving benefit of the doubt, not wasting any more time on this drama, and simply moving on. Thanks to all responders for their insight and guidance.

  12. Yep. Of course, that's not actually MY Ip. I am stealing someone's wireless. Yet another way things can get confusing.

  13. I don't want to promote anyone's paranoia here -- keep apologizing to your friend, bobbytoxic -- but IP addresses are just one tool to finding out about someone. On their own they're pretty useless, but toss in an email address, and the location of the ISP and it becomes possible to at least keep track of the people leaving comments on your blog. Site Meter, for example, also gives you their operating system, their browser type, the location of their ISP and a few other things. But a level of paranoia high enough where you're calling out your friends over some comments left on your blog is definitely unhealthy.

  14. No, that's not entirely correct. The IP gives the geolocation, and anybody can type in an email address; it only requires either access to the account of that person OR knowledge of the email that person uses. I've seen sitemeter spoofed; the browser type is easy to match, too.

  15. If I check my IP address, it will say one of a few things:

    I'm in Denver, CO
    I'm in Cheyenne, WY
    I'm in Salt Lake City, UT.

    I'm in none of those.

Topic Closed

This topic has been closed to new replies.

About this Topic