Post by warisaha » Thu Feb 08, 2018 1:51 pm

Dear OC!

I'm using opencart 2.0.3.1. Recently a customer with James Kelvin is doing some fraudulent logins on our store with different email addresses with same name, contact, and address. I have banned some IPs and he is doing the same fraudulent logins with random IPs (still creating accounts using different IPs).

Can any one help me suggesting an idea by which i can permanently eradicate this type of fraudsters. Thanks in Advance

New member

Posts

Joined
Tue Sep 19, 2017 2:31 pm

Post by IP_CAM » Fri Feb 09, 2018 3:37 am

Well, you will not find anyone, ANYWHERE, to assist you on this, because
if a solution would exist, for anyone, the Internet would be a much safer place.
The only FREE way, to keep Intruders off, is the use of .htaccess, where
one can block individual IP-Numners as well as entire IP Ranges, to keep 'em off.
And this is an ongoing daily battle, it's not done once and then for good.
Ernie

Code: Select all

<Files *>
order allow,deny
allow from all
deny from 2.228.
deny from 5.101.
deny from 5.133.
deny from 5.189.
deny from 5.62.
deny from 5.77.34.
deny from 5.188.
deny from 14.
deny from 17.40.
deny from 31.
deny from 213.32.
deny from 213.145.
deny from 213.251.
deny from 216.
deny from 217.
</Files>

Ernie's OpenCart v.1.5.6.5 LIGHT + V-Pro + OpenShop Admin v.1.75 Test Sites
http://www.bigmax.ch - http://www.opencart.li/shop/ - http://www.velomech.ch/cart/
Image


User avatar
Guru Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland

Post by uksitebuilder » Fri Feb 09, 2018 3:57 am

I would advise strongly against this as you may block good customers too with blocking ranges.

The bot or user will simply keep changing their IP Address anyway and you will be chasing your tail.

The person or bot you have mentioned seems to have been quite busy going for and attacking many OpenCart stores.

One thing that has been known to work is by adding a free extension to stop CSRF attacks.

Hope this helps: https://www.opencart.com/index.php?rout ... on_id=4773

ImageImageImageImageImage

For Friendly Professional Support - Click Here


User avatar
Guru Member

Posts

Joined
Thu Jun 09, 2011 11:37 pm
Location - United Kindgom

Post by paulfeakins » Fri Feb 09, 2018 6:52 pm

warisaha wrote:
Thu Feb 08, 2018 1:51 pm
he is doing the same fraudulent logins with random IPs (still creating accounts using different IPs)
What harm is being caused?

For quick, professional OpenCart support please email info@antropy.co.uk


User avatar
Active Member

Posts

Joined
Mon Aug 22, 2011 11:01 pm
Location - Reigate, Surrey, United Kingdom

Post by straightlight » Sun Feb 11, 2018 11:00 pm

I would advise strongly against this as you may block good customers too with blocking ranges.
I second this statement. The methodology on using banned IP addresses over .htaccess or from the host console can also affect the results of the search engine whenever results are appearing. The results may still be shown but the link where the search engine has tracked the URL may not be accessible which could become quite problematic for the website's reputation as it is not good practice.

I would suggest using this extension in order to separate all users sessions when using HTML forms: https://www.opencart.com/index.php?rout ... on_id=4773

This also allows webmasters to focus on users specifically rather than automated scripts whenever data is being posted on the store.

The most generated errors being found on Opencart forum originates from contributed programming.

Regards,
Straightlight


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by IP_CAM » Mon Feb 12, 2018 3:10 am

Well, if I run a Shop for i.E. Swiss Customers, I sure don't need anyone from China
or Russia to have access to the Site. And by Nature of things, one should always first
make sure, not to block ranges, before exactly checking, what and who will be blocked.
I am doing this for Years already, by FIRST blocking only a full numbered IP, but as soon
as multiple access attempts from the same Main Ranges exist, I lock 'em down, section
for section. It's the only working way, to keep the Fellows off for good, and without using
some external 'helpers', just slowing down loading time.
And as long as one does NOT block important seach engines, nothing will happen, that's
a proven fact too.
Ernie
---
PS. I never got the Mod, mentioned above, to work, like obviously many others too. It's to
complex, and potentially problemsome, if users have to modify Source, to make such work.

Ernie's OpenCart v.1.5.6.5 LIGHT + V-Pro + OpenShop Admin v.1.75 Test Sites
http://www.bigmax.ch - http://www.opencart.li/shop/ - http://www.velomech.ch/cart/
Image


User avatar
Guru Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland

Post by zaidladha » Sat Mar 24, 2018 4:05 am

Just started for me today, same names and from new york. I have default to disabled for affiliates, should I worry or just leave them there? the commission is set to 0, so I don't think I have to worry. This doesn't provide them any access to the site does it?

New member

Posts

Joined
Wed Jun 05, 2013 3:07 pm

Post by IP_CAM » Sat Mar 24, 2018 12:03 pm

commission is set to 0, so I don't think I have to worry
Well, just compare it with a decision on either keep your Backdoor in your house,
or then replacing it by a solid wall. You should never allow anyone into your shop,
exept for those, allowed to by their 'status'. And if you do not use i.E. Affiliates,
Product-Returns, or Gift Vouchers, the 'Access' to those 'Programs' should not be
possible at all, and any attempt, to call such an URL, should result in either an Error
Message Page, or then the Front Start.
This way, one does not have to care about such any longer, and this leaves more
time for other matters. So it's up to you, and better don't listen to anyone, telling
you, better not to touch Source, because later Upgrades would create Problems,
because they always forget, that later Upgrades contain their own new Code and
Files, to so create their own! :laugh:

Removing Affiliates is not a big problem to solve, to keep a potential nasty problem
off! And depending on your Coder Talent, you can do it for free, by 'screening' freely
available info about.
Good Luck! ;)
Ernie
---
Mods:
https://www.opencart.com/index.php?rout ... +affiliate
---
Google:
https://www.google.com/search?q='remove ... n+Opencart
---
Last edited by IP_CAM on Mon Mar 26, 2018 12:21 pm, edited 1 time in total.

Ernie's OpenCart v.1.5.6.5 LIGHT + V-Pro + OpenShop Admin v.1.75 Test Sites
http://www.bigmax.ch - http://www.opencart.li/shop/ - http://www.velomech.ch/cart/
Image


User avatar
Guru Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland

Post by paulfeakins » Sat Mar 24, 2018 6:31 pm

IP_CAM wrote:
Sat Mar 24, 2018 12:03 pm
Reoving Affiliates is not a big problem to solve, to keep a potential nasty problem
This should do it:
https://www.opencart.com/index.php?rout ... on_id=7305

For quick, professional OpenCart support please email info@antropy.co.uk


User avatar
Active Member

Posts

Joined
Mon Aug 22, 2011 11:01 pm
Location - Reigate, Surrey, United Kingdom

Post by straightlight » Sat Mar 24, 2018 7:29 pm

The provided extension above is for OC v1.5x releases. This inquiry has been posted for OC v2.x releases.

The most generated errors being found on Opencart forum originates from contributed programming.

Regards,
Straightlight


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by paulfeakins » Sat Mar 24, 2018 7:39 pm

straightlight wrote:
Sat Mar 24, 2018 7:29 pm
The provided extension above is for OC v1.5x releases. This inquiry has been posted for OC v2.x releases.
Fair point but our experience is lots of OpenCart users are experiencing this on 1, 2 and 3 so it might help someone else if not the OP.

For quick, professional OpenCart support please email info@antropy.co.uk


User avatar
Active Member

Posts

Joined
Mon Aug 22, 2011 11:01 pm
Location - Reigate, Surrey, United Kingdom

Post by straightlight » Sat Mar 24, 2018 8:13 pm

While this statement may be agreeable, the provided extension also state a considerable fee for that to happen and, in this case, for a different OC version that may not be compatible with the OP's OC version.

The most generated errors being found on Opencart forum originates from contributed programming.

Regards,
Straightlight


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by paulfeakins » Mon Mar 26, 2018 1:51 am

straightlight wrote:
Sat Mar 24, 2018 8:13 pm
considerable fee
It's the cheapest an extension can be.
straightlight wrote:
Sat Mar 24, 2018 8:13 pm
may not be compatible with the OP's OC version.
As above, it will fix the problem for others with the same issue.

I'm not sure what your point is, buying this extension is not mandatory :laugh:

For quick, professional OpenCart support please email info@antropy.co.uk


User avatar
Active Member

Posts

Joined
Mon Aug 22, 2011 11:01 pm
Location - Reigate, Surrey, United Kingdom
Who is online

Users browsing this forum: No registered users and 13 guests