I have a site that allows guest users (not logged in) to post to the site. I’d like your opinions on creative ways to handle spam prevention and rate limiting. I already plan on using the reCAPTCHA package to make sure people are human, but I’d like to know a way to prevent a trolling user to post 100 times.
I found this DDPRateLimiter package on the Meteor Github page and I think it might be able to do the trick. I could possibly set the limit for this particular method to be something like 10 minutes or even an hour. Does this sound reasonable? Has anyone dealt with this before?