I am assuming this is down to a bot but I may be wrong and am looking for advice to stop this.
Approximately 10 times a day we are getting a new customer create an account. Always with the same name (James Kelvin) with the same address, but always a different location. Again I am assuming this is down to a VPN as its all over the world from New York, Mali, Japan, Phillipines, etc. Every account created is logged in several times from another different location. I keep blacklisting the ip addresses, but it just comes back with another. As soon as I delete one account, it seems within 30 minutes another is created.
So, is there anything I can do about this, and what is the purpose? My host (TSO Host) have said there is not really anything they can do as the ip address keeps changing. Any ideas welcome.
Approximately 10 times a day we are getting a new customer create an account. Always with the same name (James Kelvin) with the same address, but always a different location. Again I am assuming this is down to a VPN as its all over the world from New York, Mali, Japan, Phillipines, etc. Every account created is logged in several times from another different location. I keep blacklisting the ip addresses, but it just comes back with another. As soon as I delete one account, it seems within 30 minutes another is created.
So, is there anything I can do about this, and what is the purpose? My host (TSO Host) have said there is not really anything they can do as the ip address keeps changing. Any ideas welcome.
Well, this OC v.1.5.6.x Extension at least keeps some from coming back,
because one needs to add a valid eMail, to receive the confirmation Mail,
and then 'unlock' the account, by clicking a link.
The Mod and it's Creator is no longer listed, but I recall, that it worked well,
at least, if one uses a default 1.5.6.x Theme.
It requires an additional Database-Table, usually to be added automatically,
when installing the Extension.
Just an Idea, good Luck !
Ernie
---
OC v.1.5.6.x Download:
http://www.ipc.li/os/verification_email-1_0.zip
---
More info and modified default code here:
Adding Customer Verification e-mail feature to an OpenCart solution
http://marrriva.blogspot.ch/2013/08/add ... -mail.html
---
In the extension section, all the free stuff is gone on this...
https://www.opencart.com/index.php?rout ... activation
because one needs to add a valid eMail, to receive the confirmation Mail,
and then 'unlock' the account, by clicking a link.
The Mod and it's Creator is no longer listed, but I recall, that it worked well,
at least, if one uses a default 1.5.6.x Theme.
It requires an additional Database-Table, usually to be added automatically,
when installing the Extension.
Just an Idea, good Luck !
Ernie
---
OC v.1.5.6.x Download:
http://www.ipc.li/os/verification_email-1_0.zip
---
More info and modified default code here:
Adding Customer Verification e-mail feature to an OpenCart solution
http://marrriva.blogspot.ch/2013/08/add ... -mail.html
---
In the extension section, all the free stuff is gone on this...
https://www.opencart.com/index.php?rout ... activation
My Github OC Site: https://github.com/IP-CAM
5'200 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.
Hi,
Thanks for the above. Its something to look at, but I'd rather avoid if possible as it might have negative effects towards genuine customers (not that it should, but we all know how inconvenienced they are by having to wait a minute for something).
I just wish I knew what the end game with this was.
Thanks for the above. Its something to look at, but I'd rather avoid if possible as it might have negative effects towards genuine customers (not that it should, but we all know how inconvenienced they are by having to wait a minute for something).
I just wish I knew what the end game with this was.
Definitely not isolated, have seen it too a few times now.
Try this to prevent CSRF attacks
https://www.opencart.com/index.php?rout ... on_id=4773
Try this to prevent CSRF attacks
https://www.opencart.com/index.php?rout ... on_id=4773
If you are having problems with the extension, please drop a question on the extension page.
Straightlight, who created the extension will be able to set you straight.
Straightlight, who created the extension will be able to set you straight.
the Kelvin clan, along with others too...
Kely Klein
John Farengeit
Tim Kelvin
Dave McClaren
July Doe
Alex Klein
Dave Kastro
Jane Kastro
July Kelvin
Dave Kelvin
Kim Kastro
John Kastro
...etc....
At least I know I'm not alone and being targetted... I'm trying to get a captcha for new account registration setup, but not having good luck....
I've setup that new accounts have to be approved by an admin before they can login, but that doesn't stop the creation of the accounts... and I don't think that sending an email to a bogus email address to approve a new account will help either...
I'm really hoping the captcha requirement will stop the creation of these accounts once and for all.
Please let me know how you make out, and I'll do the same so we can all learn the best method to rid ourselves of this pest..
Kely Klein
John Farengeit
Tim Kelvin
Dave McClaren
July Doe
Alex Klein
Dave Kastro
Jane Kastro
July Kelvin
Dave Kelvin
Kim Kastro
John Kastro
...etc....
At least I know I'm not alone and being targetted... I'm trying to get a captcha for new account registration setup, but not having good luck....
I've setup that new accounts have to be approved by an admin before they can login, but that doesn't stop the creation of the accounts... and I don't think that sending an email to a bogus email address to approve a new account will help either...
I'm really hoping the captcha requirement will stop the creation of these accounts once and for all.
Please let me know how you make out, and I'll do the same so we can all learn the best method to rid ourselves of this pest..
Attached is vQmod : Captcha for Account register and Affiliate register.
Made and tested for OC 1.5.6.*
Installed last week and stopped creation of new 'James Kelvin' accounts as customer and affiliate.
Made and tested for OC 1.5.6.*
Installed last week and stopped creation of new 'James Kelvin' accounts as customer and affiliate.
How does this work without installing a separate Captcha script to work alongside it?
I also have a commercial Account Registration Captcha extension that affects both the customer and affiliate registrations. There are versions for all OpenCart 1.5.x and 2.x versions. I've seen a large increase in sales of it lately, likely because someone has created bot scripts targeting OpenCart stores.
No need to install separate Captcha script. This uses default Captcha function in controller/information/contact.php ( information/contact/captcha ).davidbfranks wrote: ↑Thu Feb 15, 2018 10:28 pmHow does this work without installing a separate Captcha script to work alongside it?
I downloaded a captcha vQmod from the ocart extentions pages for ocart 1.5.6. It didnt' work so I modified it and now it works like a champ, no more bot registrations!
just copy it to your vQmod XML directory like normal and it will do the trick. Even though the code has provisions for other languages, it's English only.
Mike B
just copy it to your vQmod XML directory like normal and it will do the trick. Even though the code has provisions for other languages, it's English only.
Mike B
Just purchased this extension from you, can confirm it works great and spam is eliminated!Johnathan wrote: ↑Thu Feb 15, 2018 11:33 pmI also have a commercial Account Registration Captcha extension that affects both the customer and affiliate registrations. There are versions for all OpenCart 1.5.x and 2.x versions. I've seen a large increase in sales of it lately, likely because someone has created bot scripts targeting OpenCart stores.
Thanks for that, I've got it up and running, just have to wait and see if it works now. If not, I'll try the other extension.exibar wrote: ↑Fri Feb 16, 2018 12:41 amI downloaded a captcha vQmod from the ocart extentions pages for ocart 1.5.6. It didnt' work so I modified it and now it works like a champ, no more bot registrations!
just copy it to your vQmod XML directory like normal and it will do the trick. Even though the code has provisions for other languages, it's English only.
Mike B
Does anyone know the point of this? I can't see how they could access anything in the admin section of the database by creating a customer account.
it certainly did the trick for me... stopped the bot registrations cold dead in their tracks.... hopefully this will last :-)
I too was wondering the significance of them creating these bogus accounts... they can't log in until I approve the new user, so they only create the account.. nothing more.. I fail to see the benefit other than being annoying to us admins....
I too was wondering the significance of them creating these bogus accounts... they can't log in until I approve the new user, so they only create the account.. nothing more.. I fail to see the benefit other than being annoying to us admins....
Tried installing the vqmod but it is not taking. 1.5.6.4exibar wrote: ↑Fri Feb 16, 2018 10:09 pmit certainly did the trick for me... stopped the bot registrations cold dead in their tracks.... hopefully this will last :-)
I too was wondering the significance of them creating these bogus accounts... they can't log in until I approve the new user, so they only create the account.. nothing more.. I fail to see the benefit other than being annoying to us admins....
I don't see anything added to the registration page. Tried deleting system and vqmod cache. Tried opening using a different browser.
any ideas?
Vorticy, Inc.
Opencart 1.5.6.4, MySQL 5.1.73-5, PHP 5.3.3-46, Plesk v12.0.18, OS CentOS 6
Well, the problem is probably in <file name="catalog/controller/account/register.php">
Can't find: $data['button_upload'] = $this->language->get('button_upload');
Probably needs to be changed to: $this->data['button_continue'] = $this->language->get('button_continue');
There appears to be other changes needed as well. beyond my capabilities at this time.
Can't find: $data['button_upload'] = $this->language->get('button_upload');
Probably needs to be changed to: $this->data['button_continue'] = $this->language->get('button_continue');
There appears to be other changes needed as well. beyond my capabilities at this time.
Vorticy, Inc.
Opencart 1.5.6.4, MySQL 5.1.73-5, PHP 5.3.3-46, Plesk v12.0.18, OS CentOS 6
Who is online
Users browsing this forum: No registered users and 315 guests