Warning about Adaptive Spider Technology

[ps2k11]

I had a problem. I was getting a lot of products added to the shopping cart.

 

I found out that it has to do with Adaptive Spider Technology.

 

Not sure what they are trying do do.

 

You should block these range of IP addresses from accessing your site.

 

174.127.132.000 - 174.127.132.255

174.127.133.000 - 174.127.133.255

174.127.134.000 - 174.127.134.255

174.127.135.000 - 174.127.135.255

[phrasespot]

You should block these range of IP addresses from accessing your site.

Either you have no idea what you are talking about or ..... Here is an example website whose IP address is within the ranges you published: 174.127.132.14 => https://cpsregistration.org/ Here is another 174.127.132.19 => http://www.g2webservices.com/ (merchant portfolio management company). I am not affiliated with those but they are not happened to be competitors, do they?

 

For the uninitiated reading the above post, by blocking arbitrary IP ranges, you are blocking access to your shop by potential customers. All crawlers can create ghost carts, and the latest version of PrestaShop takes adequate measures for ghost carts created by crawlers, updating is a better idea than blocking an IP as IPs can change hands.

[ps2k11]

All[/u] crawlers can create ghost carts, and the latest version of PrestaShop takes adequate measures for ghost carts created by crawlers, updating is a better idea than blocking an IP as IPs can change hands.

 

I'm using version 1.4.4.0 and I haven't seen anything protecting from ghost carts.

 

The IP address that was creating the ghost carts was 174.127.132.2.

did I a search with http://www.ip-addres.../ip-locator.php and got this info : Organization:Adaptive Spider Technology

 

Did a search on the web and found out that other had similar problems with this one.

 

This organization is based in L.A. and I don't sell to the U.S., don't know if it's a static ip or a dynamic ip so I'm not going to take any chances and block one single IP opted in blocking the whole range.

 

I was just pointing it out in case some have a similar problem.

[gkontos]

We have noticed that many crawlers are creating ghost carts. Google does for example. Usually this is not something done on purpose.

 

The IPs mentioned above do not have a reverse resolution. This is ussually a bad aproach from system admins.

 

A simple whois can reveal a lot of imformation and it ussualy shows an email address contact for abuse purposes. You can always email them with your concerns.

 

Generally speaking though we have a black list of IPs that are associated with malicius probes. Port scans has showed that most of those are zombie hosts, therefore we block them at the nerwork level.

[phrasespot]

don't know if it's a static ip or a dynamic ip so I'm not going to take any chances and block one single IP opted in blocking the whole range.

...

I was just pointing it out in case some have a similar problem.

 

No, you were encouraging people to follow a faulty solution you came up with arbitrarily. If I was the owner of one of those IP addresses you published, you would be hearing from my lawyer next.

 

You should block these range of IP addresses from accessing your site.

[phrasespot]

Generally speaking though we have a black list of IPs that are associated with malicius probes. Port scans has showed that most of those are zombie hosts, therefore we block them at the nerwork level.

I understand that and agree with it but... do you see an IP scanning your box and then go on and block multiple arbitrary ranges you pulled out of a hat just in case (still, so far that is your problem), then go to a public forum whose members are mostly merchants and tell them they should block those IPs too, allegedly, to solve a problem that comes up pretty frequently in that forum (now you are causing harm)

[ps2k11]

That worked for me and it stopped the ghost carts.

Couldn't find any other solution. If anybody has a better solution good for them.

 

I think every site owner has the right to choose who access their site.

[gkontos]

I understand that and agree with it but... do you see an IP scanning your box and then go on and block multiple arbitrary ranges you pulled out of a hat just in case (still, so far that is your problem), then go to a public forum whose members are mostly merchants and tell them they should block those IPs too, allegedly, to solve a problem that comes up pretty frequently in that forum (now you are causing harm)

 

Agreed. Posting IPs on a public forum is not a good tactic unless it comes from official forum administrators regarding a known malicious network.

 

I just think that ps2k11 didn't do this for a personal benefit, he was trying to share a personal experience.

 

@ps2k11,

 

Most search engines unfortunately don't respect the HTTP RFC protocol. We, for example, had to create special rules in our web application firewalls to allow google to crawl our sites!

 

Also, if you see IPs that are not registered to major search engines crawling your site then my advice is to block them.

[indus]

I have blocked one IP here myself. Here is why. I have masked a bit of the url and just pasted the last bits. This is from my error log in cpanel.

 

e+=parseFloat(c.css(a,

jquery/.ui-disableSelection

 

The program is searching for a vulnerability in prestashop.

http://myip.ms/view/..._174.127.133.21

 

I had some suspicious user activity recently so i didnt want to take any chances.

Edited May 3, 2012 by indus (see edit history)