Robots attacks on my shop

[chti56]

Hello,

On an 'old' site that I had created some long times ago, the client reports a robot attack (?). See attached file.

Baskets are filled but no order is made as shown in the attached screenshot.

How to detect and block this robot to avoid this unbearable occupation?

Thanks for your help.

[GRXinside]

Do a follow-up in the server logs and review the same purchase pattern, there you can identify the attacking IP or server.

Talk to your host if necessary. Maybe you have a product that attracts some machine and try to buy.

[chti56]

Thanks GRXinside for your answer.

I'll try your suggestion to isolate the attacking IP.

[chti56]

I've ben able to identify the robots names accessing the site. Here is what i see (see attached file). Which of these could seem suspect ?

[Nickz]

1 hour ago, chti56 said:

How to detect and block this robot to avoid this unbearable occupation?

Geoblock over htaccess.

 

[GRXinside]

These bots are common to your visit as they crawl your site to get your content indexed. Maybe we could try another technique. Let me think and see how I can help you.

Give me specifications of your server, if it is shared, dedicated, vps... so I can know something more about it.

Maybe we could use CloudFlare on your domain dns.

 

I am quite specialized in this, although this cloudflare is not 100% protection, although it can stop many attacks, in this case, this one.

Your attack follows a pattern, you would simply have to track that tracking and see if it changes the IP or it is a bot, from here restrict and add rules to block this.

Although doing this, I like to make an in-depth analysis of what this attack is due to and what is the reason to avoid more related problems in the future.

 

[chti56]

Which informations could help about the server ? It's a shared server and PHP 7.4 is used.

This site has been online for several years and this is the first time that the owner of the site has reported this problem to me. 

I would like to know how to get the name of the robot which attacks the site...

[GRXinside]

hace 26 minutos, chti56 dijo:

Which informations could help about the server ? It's a shared server and PHP 7.4 is used.

This site has been online for several years and this is the first time that the owner of the site has reported this problem to me. 

I would like to know how to get the name of the robot which attacks the site...

Being shared, I can't help you much, since some of the other hosted web pages may be under attack or contain a vulnerability.

Now being able to filter and stop the attack is more complex since you have to close stages.

Try to change the dns of the domain to cloudflare and manage the dns from cloudflare to be able to filter the attack. This is the only help you can get from being a shared host.

Either cloudflare or talk to the hosting provider to mitigate the attack.

[chti56]

Many thanks for your help.