Post by by mona » Thu Mar 30, 2023 12:30 am

Not smart to put an unconditional rewriterule in your htaccess, especially when it is a redirect.

Code: Select all

RewriteRule .* https://www.websitehere.com/ [R=302,L]
These are posts to account login pages with no email or password fields, as OC expects those fields, an error message is logged, harmless really, just annoying.
ADD CREATIVE has posted both discussions about what to do if it is more than annoying.

There is no need to block these ips, all that is needed is the suppression of the error logging by having OC check if the fields are present before using them.
In the validation functions like:

Code: Select all

protected function validate() {
if (!empty($this->request->post['email']) && !empty($this->request->post['password'])) {
..........the current validation code .....
} else {
$this->error['warning'] = $this->language->get('error_login');
}
}
These posts will come from many different ip addresses, thousands of them, good luck if you want to manage those, i.e. don't waste your time blocking ips, block (make futile) what they attempt to do.

DISCLAIMER:
You should not modify core files .. if you would like to donate a cup of coffee I will write it in a modification for you.


https://www.youtube.com/watch?v=zXIxDoCRc84


User avatar
Expert Member

Posts

Joined
Mon Jun 10, 2019 9:31 am
Who is online

Users browsing this forum: Bing [Bot] and 102 guests