The best model would be to display publicly commenters IPs, never store readers', store error logs (like people bruteforcing a password).
You d have a triple virtuous effect: people would stop being such insuferable asses once they understand basically their name is on the comment, readers would be completely safe because why not and abusers would be logged still.
It's even probably what most websites do: it news to me to keep the IP of every visitor, I'd have pruned them.
And then my modem reconnects and I get a new IP that used to belong to some insufferable asshole, and suddenly I’m blocked / blackholed / shadowbanned everywhere and some vigilante is flood pinging me.
Bingo. IRC tried the strategy of banning users by IP and half the time you'd end up k-lining entire countries because their ISPs were too cheap to buy more endpoints.
You d have a triple virtuous effect: people would stop being such insuferable asses once they understand basically their name is on the comment, readers would be completely safe because why not and abusers would be logged still.
It's even probably what most websites do: it news to me to keep the IP of every visitor, I'd have pruned them.