Post by James » Fri Jul 11, 2014 4:21 pm

Over the last few weeks we have been receiving multiple DDOS attacks on the http://www.opencart.com website. It has been causing the extensions page and other sections of the site to run painfully slow - we apologise for this!

We've now taken steps to try and mitigate these attacks as they occur by using CloudFlare and routing all traffic through them. At times you may see a browser page check, this is ensure you are playing by the rules - if any suspicious traffic is detected then it will not be allowed through.

Thanks for your continued patience!

James


**** UPDATE ****

Due to an issue with the CloudFlare IPs some orders are being marked as potential fraud and some are not showing as confirmed by the payment gateways, we are working to try and resolve this issue as quickly as possible.

If your order is missing from your account area or stays pending for more than 12 hours please create a support ticket and ensure you include the following information to help resolve the issue quicker:

ORDER ID
EMAIL ADDRESS (your PayPal email and your account email address)
PAYMENT METHOD (PayPal or MoneyBookers)
PAYMENT TRANSACTION ID
Last edited by James on Mon Aug 04, 2014 9:22 pm, edited 2 times in total.

User avatar
Administrator

Posts

Joined
Wed May 27, 2009 6:07 am
Location - Leeds, UK

Post by i2Paq » Fri Jul 11, 2014 4:30 pm

I've seen it and I know other sites use it to.

Good/great move!

Norman in 't Veldt
Moderator OpenCart Forums

_________________ READ and Search BEFORE POSTING _________________

UPGRADE to 2.x: Contemplate before thou begins!

Our FREE search: Find your answer FAST!.

BUGs?: Known BUGS for All OC Versions.

[How to] BTW + Verzend + betaal setup.


User avatar
Global Moderator

Posts

Joined
Mon Nov 09, 2009 7:00 pm
Location - Winkel - The Netherlands

Post by OpDev » Fri Jul 11, 2014 5:01 pm

Hope this will be enough!


Posts

Joined
Sun Jul 21, 2013 2:32 pm

Post by mikeltn » Fri Jul 11, 2014 5:23 pm

has anyone had trouble with uploading extensions?
ajaxupload.js throws script error then 403 exception

happened when I tried to add new download to an existing extension

WeDoWeb: OpenCart Development partner and Solutions provider
Our Extensions:
- Custom Product Builder NEW
- Product Image Layers - Product Customiser NEW
- Product Series
and many more
available on OpenCart Store and WeDoWeb Store


User avatar

Posts

Joined
Fri May 04, 2012 8:47 pm
Location - Melbourne, AU

Post by James » Fri Jul 11, 2014 5:37 pm

@mikeltn - try again, I have added a custom rule for this section. It seems that the post action with the javascript was triggering some rules in CF.

User avatar
Administrator

Posts

Joined
Wed May 27, 2009 6:07 am
Location - Leeds, UK

Post by mikeltn » Fri Jul 11, 2014 6:00 pm

seems to work OK now, thanks James
James wrote:@mikeltn - try again, I have added a custom rule for this section. It seems that the post action with the javascript was triggering some rules in CF.

WeDoWeb: OpenCart Development partner and Solutions provider
Our Extensions:
- Custom Product Builder NEW
- Product Image Layers - Product Customiser NEW
- Product Series
and many more
available on OpenCart Store and WeDoWeb Store


User avatar

Posts

Joined
Fri May 04, 2012 8:47 pm
Location - Melbourne, AU

Post by James » Fri Jul 11, 2014 7:42 pm

Great. The attack is ongoing so panic mode has been left enabled for now - it seems that there is some loss in usability like this across the site. If anyone spots something that isn't working I'll do my best to patch it asap.

But even if there is some things that won't work - it's better than a slow or even unavailable website :)

User avatar
Administrator

Posts

Joined
Wed May 27, 2009 6:07 am
Location - Leeds, UK

Post by JAY6390 » Sat Jul 12, 2014 12:04 am

Just noticed a bug - Tried to send a PM on the forums to another user, and it went to the cloudcache browser check before sending. When the browser check was complete, it actually just went back to the pm page with the original quote and all of my reply got lost. Probably not much that can be done about it, but thought you would want to be aware

ImageImageImage

SEO MEGA KIT PLUS - Get your site ranking higher in the search engines
Better Product SEO URL's - Perfectly structured product links
SEO URL's Route Editor PRO - Make ANY url on your site have clean keywords - even third party extensions (remove index.php)


Image


User avatar

Posts

Joined
Wed May 26, 2010 11:47 pm
Location - United Kingdom

Post by Dhaupin » Sat Jul 12, 2014 1:12 am

JAY6390 wrote:Just noticed a bug - Tried to send a PM on the forums to another user, and it went to the cloudcache browser check before sending. When the browser check was complete, it actually just went back to the pm page with the original quote and all of my reply got lost. Probably not much that can be done about it, but thought you would want to be aware
That keeps happening to me as well with page requests in general. Doesnt remember is state going into the check, just dumps back to last spot before request.

Vultr 768MB ($5!!) | LiquidWeb | DigitalOcean


User avatar

Posts

Joined
Tue May 13, 2014 3:45 am
Location - PA

Post by James » Sat Jul 12, 2014 2:40 am

JAY6390 wrote:Just noticed a bug - Tried to send a PM on the forums to another user, and it went to the cloudcache browser check before sending. When the browser check was complete, it actually just went back to the pm page with the original quote and all of my reply got lost. Probably not much that can be done about it, but thought you would want to be aware
Yeah I've been getting that today pretty much all over the sites - its because CF checks every 15 mins. I've changed it to 7 days (so you might see it once more) but that should be it. I've also disabled that check on the forums as there is a firewall module specifically for phpbb anyway - should resolve these issues.

J

User avatar
Administrator

Posts

Joined
Wed May 27, 2009 6:07 am
Location - Leeds, UK

Post by JAY6390 » Sat Jul 12, 2014 3:11 am

Ah great cheers, yeah the browser check did seem to be pretty frequent. once a week sounds much better :)

ImageImageImage

SEO MEGA KIT PLUS - Get your site ranking higher in the search engines
Better Product SEO URL's - Perfectly structured product links
SEO URL's Route Editor PRO - Make ANY url on your site have clean keywords - even third party extensions (remove index.php)


Image


User avatar

Posts

Joined
Wed May 26, 2010 11:47 pm
Location - United Kingdom

Post by testje » Sun Jul 13, 2014 8:00 am

I made and payed an order (via worthless skrill) and it is not in my downloads or even order history. Looks like it is completly lost somewhere.
Hope it is fixed soon, because -ofcourse- I need it asap ;D


Posts

Joined
Fri Aug 26, 2011 12:15 am

Post by James » Sun Jul 13, 2014 6:29 pm

Daniel is resolving the outstanding orders, the overall issue with moneybookers payment is resolved now.

Testje your order should be marked as complete very soon but if not please created a support ticket and the team will help out.

User avatar
Administrator

Posts

Joined
Wed May 27, 2009 6:07 am
Location - Leeds, UK

Post by scanreg » Sun Jul 13, 2014 10:45 pm

thanks for explaining cloudflare

btw, does anyone know if google accounts for cloudflare when calculating pagespeed?

thanks


Posts

Joined
Thu May 06, 2010 12:15 am

Post by James » Sun Jul 13, 2014 11:24 pm

Scanreg not sure what you mean accounts for cloudflare? Pretty sure if anything though it will take into account the speed is improvd d due to caching but if you have any concerns just send them an email - they have been great with us for support.

J

User avatar
Administrator

Posts

Joined
Wed May 27, 2009 6:07 am
Location - Leeds, UK

Post by JAY6390 » Mon Jul 14, 2014 11:44 pm

Google will still class the speed as being your website, not cloudflare due to the domain being yours

ImageImageImage

SEO MEGA KIT PLUS - Get your site ranking higher in the search engines
Better Product SEO URL's - Perfectly structured product links
SEO URL's Route Editor PRO - Make ANY url on your site have clean keywords - even third party extensions (remove index.php)


Image


User avatar

Posts

Joined
Wed May 26, 2010 11:47 pm
Location - United Kingdom

Post by melbagnato » Mon Jul 21, 2014 1:32 pm

I got blocked replying to a question sent to me via a PM. I had attached a zip file with a spreadsheet inside it (since we can't attach spreadsheets).

My reference code was this:
CloudFlare Ray ID: 14d4ea8f10d70b26 • Your IP: 202.177.218.91
Is there something I did that I shouldn't be doing ?

- Mel

http://online.enterpriseconsulting.com.au

Site with OpenCart extensions & code downloads, many new extensions coming soon!
Follow us on twitter for more updates

Image


User avatar

Posts

Joined
Wed Jan 13, 2010 1:39 pm
Location - Melbourne

Post by James » Mon Jul 21, 2014 4:42 pm

How big was the file? Try using far instead see if that works

Anyone else see this issue?

User avatar
Administrator

Posts

Joined
Wed May 27, 2009 6:07 am
Location - Leeds, UK

Post by sml » Thu Jul 24, 2014 9:15 pm

I don't think I have ever visited a website with this weird security check delay thing.

Why is OpenCart one of the very few (or only) websites in the world to do this?

Why is OpenCart different to say Amazon or ebay or google who dont have this weird & unprofessional check.

sml

Posts

Joined
Sat Apr 02, 2011 6:56 am

Post by i2Paq » Thu Jul 24, 2014 10:31 pm

sml wrote:I don't think I have ever visited a website with this weird security check delay thing.

Why is OpenCart one of the very few (or only) websites in the world to do this?

Why is OpenCart different to say Amazon or ebay or google who dont have this weird & unprofessional check.
Ik know of a few, even in The Netherlands, who are using this.

Norman in 't Veldt
Moderator OpenCart Forums

_________________ READ and Search BEFORE POSTING _________________

UPGRADE to 2.x: Contemplate before thou begins!

Our FREE search: Find your answer FAST!.

BUGs?: Known BUGS for All OC Versions.

[How to] BTW + Verzend + betaal setup.


User avatar
Global Moderator

Posts

Joined
Mon Nov 09, 2009 7:00 pm
Location - Winkel - The Netherlands
Who is online

Users browsing this forum: No registered users and 5 guests