Jump to content

Prestashop cart hack or bug?


dnt_stp

Recommended Posts

We develop custom theme for Prestashop 1.6. Yesterday, right after launching, we faced with the problem that some users periodically added 50 products to the cart, we see it in the admin area. 

We was forced to limit number of products in cart to 1. We used this tutorial https://www.prestashop.com/forums/topic/142879-module-limit-order-quantity-per-product-14-15-16/ to do it. We see error mesage in front office "Only one product per order is allowed" as expected. But ist is still no matter: someone continue filling a cart with 50 products every few hours. 

Please tell me what could cause this problem? Is this an attempt to hack or action of a search bot (if so, how he doing it).

Here is the link to our store: http://www.passionforpaintings.com.

 

We also see to many active visitors with same or simmilar IP (se attached file), sometimes it shows more than 100 visitors, and we cant see them in google analytics.

post-1310497-0-05826100-1476949531_thumb.png

Link to comment
Share on other sites

Just add this IP to blacklist or edit Your .htaccess file with add:

 

Order Deny,Allow Deny from 141.8.141.145

 

If any more IP will be suspicious add them too on line below ;)

Deny from 198.245.49.180
Deny from 54.208.131.226
Deny from 136.243.5.219
Deny from 198.245.51.90
Deny from 148.251.121.247
Deny from 198.27.66.194
Deny from 5.255.253.137
Deny from 178.154.206.251
Deny from 5.255.253.137
Deny from 95.108.158.244
Deny from 77.248.252.113
Link to comment
Share on other sites

Easy ;)

attachicon.gifeasy.png

 

im a bot ;) hehe

 

But the question is how to prevent it. Good point!

PrestaShark, you are right, checked solution to limit quantity, that i used:

 if ($this->context->cart->nbProducts() > 0 )

there was no check how much products i am adding only check for product exists

changed it to 

if ($this->context->cart->nbProducts() > 0 || $this->qty > 1)
  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...