Jump to content

sumsel

Members
  • Posts

    62
  • Joined

  • Last visited

  • Days Won

    1

sumsel last won the day on November 15 2018

sumsel had the most liked content!

Profile Information

  • First Name
    Thomas
  • Last Name
    F

Recent Profile Visitors

652 profile views

sumsel's Achievements

Newbie

Newbie (1/14)

10

Reputation

2

Community Answers

  1. Yes! Had I found the free and easy solution I found now, I probably would and should have done it right from the start. I think I had experimented with this on the contact form and had no success a few years back. At the time whatever bot was working on my shop, didn't need the form in my shop to submit it and the captcha had not been configured correctly to prevent the bot from operating. This time it seems to have worked. So thanks for all the contributions 🙂
  2. Apparently I have no new fake customer registrations since adding the recaptcha to the form.
  3. I copied the log display from my plesk user interface in my previous post. Is checking the meaning of the http 1.0 result still related to the original topic? But I found the raw log also, hoping this will be more helpful. I can't see (let alone configure) the log format setting, only the results. It is set by my hosting provider. I'm happy with that because I'm no expert here. Raw log file entry from above example: 117.241.96.43 - - [08/May/2020:14:50:01 +0200] "GET / HTTP/1.0" 301 208 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:05 +0200] "GET / HTTP/1.0" 301 717 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:07 +0200] "GET / HTTP/1.0" 301 396 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:07 +0200] "GET /en/ HTTP/1.0" 200 8295 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:08 +0200] "GET /en/my-account HTTP/1.0" 302 392 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:09 +0200] "GET /en/login?back=my-account HTTP/1.0" 200 10571 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:10 +0200] "POST /en/login?back=my-account HTTP/1.0" 200 9868 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:10 +0200] "POST /en/login?back=my-account HTTP/1.0" 200 9868 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:11 +0200] "GET /de/anmeldung?back=my-account HTTP/1.0" 200 10577 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:12 +0200] "POST /de/anmeldung?back=my-account HTTP/1.0" 200 10077 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:12 +0200] "POST /de/anmeldung?back=my-account HTTP/1.0" 200 10077 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:13 +0200] "GET /fr/connexion?back=my-account HTTP/1.0" 200 10647 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:14 +0200] "POST /fr/connexion?back=my-account HTTP/1.0" 200 10134 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:15 +0200] "POST /fr/connexion?back=my-account HTTP/1.0" 200 10133 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:15 +0200] "GET /it/login?back=my-account HTTP/1.0" 200 10595 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:16 +0200] "POST /it/login?back=my-account HTTP/1.0" 200 10094 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:17 +0200] "POST /it/login?back=my-account HTTP/1.0" 200 10093 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:18 +0200] "GET /es/iniciar-sesion?back=my-account HTTP/1.0" 200 10668 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:19 +0200] "POST /es/iniciar-sesion?back=my-account HTTP/1.0" 200 10156 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:19 +0200] "POST /es/iniciar-sesion?back=my-account HTTP/1.0" 200 10156 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:20 +0200] "GET /en/password-recovery HTTP/1.0" 200 7037 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:21 +0200] "POST /en/password-recovery HTTP/1.0" 200 6345 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:22 +0200] "POST /en/password-recovery HTTP/1.0" 200 6344 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:22 +0200] "GET /en/login?create_account=1 HTTP/1.0" 200 10027 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:23 +0200] "POST /en/login?create_account=1 HTTP/1.0" 302 1600 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:24 +0200] "GET /en/ HTTP/1.0" 301 237 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:25 +0200] "GET /en/ HTTP/1.0" 200 7258 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:26 +0200] "POST /en/login?create_account=1 HTTP/1.0" 302 381 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 117.241.96.43 - - [08/May/2020:14:50:26 +0200] "GET /en/my-account HTTP/1.0" 200 6449 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36"
  4. To my knowledge this is just the info with which version of HTTP the Apache server responds. The detailed workings are beyond the depth of my knowledge about Apache Servers. I left the Apache configuration on default as set by my hosting provider.
  5. I have found and installed a free captcha module now. Hope this will protect the existing customer accounts against being spied upon by the attacker. https://github.com/nenes25/eicaptcha/releases/tag/2.0.4 Seems to work, at least it didn't break the account creation process for humans - hope I can follow the advice and just forget about this issue. Cheers
  6. Thank you for your comments guys! From the log I checked the last 4 account creations and found the same pattern for those. Within like 25 seconds they check the login pages in all 5 language versions, and in the end they create an account. As if they had a stolen email address database and attempt try to find out if this email has a registered account in the shop, and then if not, create one. Guess if they can create a customer they know it hasn't been registered before. Posting one of the results here. 2020-05-08 14:50:01Access117.241.96.43 301 GET / HTTP/1.0208Apache access 2020-05-08 14:50:05Access117.241.96.43 301 GET / HTTP/1.0717Apache access 2020-05-08 14:50:07Access117.241.96.43 301 GET / HTTP/1.0396Apache access 2020-05-08 14:50:07Access117.241.96.43 200 GET /en/ HTTP/1.08.10 KApache access 2020-05-08 14:50:08Access117.241.96.43 302 GET /en/my-account HTTP/1.0392Apache access 2020-05-08 14:50:09Access117.241.96.43 200 GET /en/login?back=my-account HTTP/1.010.3 KApache access 2020-05-08 14:50:10Access117.241.96.43 200 POST /en/login?back=my-account HTTP/1.09.6 KApache access 2020-05-08 14:50:10Access117.241.96.43 200 POST /en/login?back=my-account HTTP/1.09.6 KApache access 2020-05-08 14:50:11Access117.241.96.43 200 GET /de/anmeldung?back=my-account HTTP/1.010.3 KApache access 2020-05-08 14:50:12Access117.241.96.43 200 POST /de/anmeldung?back=my-account HTTP/1.09.8 KApache access 2020-05-08 14:50:12Access117.241.96.43 200 POST /de/anmeldung?back=my-account HTTP/1.09.8 KApache access 2020-05-08 14:50:13Access117.241.96.43 200 GET /fr/connexion?back=my-account HTTP/1.010.4 KApache access 2020-05-08 14:50:14Access117.241.96.43 200 POST /fr/connexion?back=my-account HTTP/1.09.9 KApache access 2020-05-08 14:50:15Access117.241.96.43 200 POST /fr/connexion?back=my-account HTTP/1.09.9 KApache access 2020-05-08 14:50:15Access117.241.96.43 200 GET /it/login?back=my-account HTTP/1.010.3 KApache access 2020-05-08 14:50:16Access117.241.96.43 200 POST /it/login?back=my-account HTTP/1.09.9 KApache access 2020-05-08 14:50:17Access117.241.96.43 200 POST /it/login?back=my-account HTTP/1.09.9 KApache access 2020-05-08 14:50:18Access117.241.96.43 200 GET /es/iniciar-sesion?back=my-account HTTP/1.010.4 KApache access 2020-05-08 14:50:19Access117.241.96.43 200 POST /es/iniciar-sesion?back=my-account HTTP/1.09.9 KApache access 2020-05-08 14:50:19Access117.241.96.43 200 POST /es/iniciar-sesion?back=my-account HTTP/1.09.9 KApache access 2020-05-08 14:50:20Access117.241.96.43 200 GET /en/password-recovery HTTP/1.06.87 KApache access 2020-05-08 14:50:21Access117.241.96.43 200 POST /en/password-recovery HTTP/1.06.20 KApache access 2020-05-08 14:50:22Access117.241.96.43 200 POST /en/password-recovery HTTP/1.06.20 KApache access 2020-05-08 14:50:22Access117.241.96.43 200 GET /en/login?create_account=1 HTTP/1.09.8 KApache access 2020-05-08 14:50:23Access117.241.96.43 302 POST /en/login?create_account=1 HTTP/1.01.56 KApache access 2020-05-08 14:50:24Access117.241.96.43 301 GET /en/ HTTP/1.0237Apache access 2020-05-08 14:50:25Access117.241.96.43 200 GET /en/ HTTP/1.07.09 KApache access 2020-05-08 14:50:26Access117.241.96.43 302 POST /en/login?create_account=1 HTTP/1.0381Apache access 2020-05-08 14:50:26Access117.241.96.43 200 GET /en/my-account HTTP/1.06.30 KApache access
  7. I did notice now that some of the fake accounts also seem to create carts which then appear as abandoned carts but with no products inside. Still no idea what benefit they might have from doing so. If they were looking for weaknesses in the shop, then I would assume they try, succeed or fail, and move on. But not try again every day. If they were trying to spam the email addresses which they register, there is exactly one mail from the shop upon registration, as I don't even have newsletters.
  8. The only information I can see associated with the new customer account is Gender, First name, Last name and Email address. No phone or address etc. - also no referrer, seems to have directly opened the shop URL and opened a fake account. I checked the addresses folder in backend, this customer has no associated addresses. The "last email" is the automatic welcome message for account creation. I really don't see any purpose. Newsletters can't be registered (I removed that option from registration), and birthdate can't be entered (removed the fields from registration). So really just the bare minimum to register an email address in the shop's database was entered. I'm puzzled. Can't even see an IP address. For real accounts, I usually see the IP address for last connection.
  9. Thank you @joseantgv and @doekia. How can they send spam from my shop? The only email they would be able to generate should be the welcome message upon registration, or do I overlook something? The previously linked post from doekia looks good https://www.prestashop.com/forums/topic/981159-securite-spam-customer-account-solution-13-15/ @doekia which details would you like to know? I don't really plan on spending much time in solving this, also I don't want to make customer registration more difficult (I strongly dislike captchas) i'm mainly curious what people would want to get out of this.
  10. Hi community, I see a lot of new fake customer registrations in my shop. They are obviously fake, easily detectable due to random letter combinations instead of names. e.g. First Name: gHnfJCZoaIQ Last Name: ANKFDgUmTHJ and then some real-looking email address, like somebody stole an email address book and registered every email in my shop. So far I believe nothing negative has come about for me or my shop, and this has been going on for a while now. I just manually clean my customer database every now and then and go about my business. It's not something I have been worried about, and it's easier to keep things clean by hand than trying to find a module which takes care of this I think. But it makes me wonder: Why would anyone bother? Why is there somebody, or someone's bot, who populates my shop with fake customer accounts? What can they possibly get out of this? I just can't think of anything sensible right now. Thanks for opinions on this 🙂 Cheers
  11. Thanks for the reply! Got it. My main takeaway is: It isn't easy, needs coding. I'll leave it as is for now.
  12. Hi there, is there a way to create a link which sets the quantity of the product to something >1 ? The idea is this, putting it as an example, hope it generates some clarity about what I want to achieve. Misunderstanding is so easy so I try my best. I set a custom image on my frontoffice, which shows 3 items of the same type. This image receives a link. This link shall take the customer to the article detail page, AND set the quantity to 3 at the same time. This way, the customer will see the same number of items (as quantity) as they have previously seen on the image. I know that there is the concept of "sets of products" in prestashop, allowing a set to contain several products. Downside to this: You actually have to maintain every set individually, with images and text and price etc. - so you change something on the base product, you will go through all "sets". Given that I would only like to use sets which consist of muliples of the same product, and I already have the product page configured with discounts per quantity, it would be easier to just help the customer set the quantity with a minimum number of clicks. Currently I just make the discount schedule transparent to customers, and let them play with quantity. My request aims towards ease of use, and the option to create more fancy pictures for customers to click on, without having to create lots of sets (been there, discarded it.) So back to the question - is there a simple way of creating a link which carries the quantity of the item? Thanks!
  13. If anyone would have a hint on this, it would be appreciated. Without hints, I think I might replace the tables with manual tables. That would not be geolocation based any more but only language based, and of course wouldn't adjust if I ever change the prices. Not so nice but will do if this doesn't function. Right now it just has a tendency to be all wrong. Cheers
  14. Took me a while to figure out what this profiler is. Then I was glad to see I have a unicorn instead of a toaster! Load Time 173 ms - Unicorn powered webserver! Querying Time 22 ms Queries 119 Memory Peak Usage 11.3 Mb Included Files 469 files - 7.04 Mb PrestaShop Cache - Mb Global vars 0.29 Mb PrestaShop Version 1.7.4.4 PHP Version 7.2.12 (OK) MySQL Version 5.5.60-MariaDB (Consider upgrading) Memory Limit 128M Max Execution Time 30s Smarty Cache enabled Smarty Compilation force compile Fairly small shop and just setting it up new, running on bitpalace.com / bitpalast.net, german Hoster, I am not affiliated in any way with the hoster but out of the two I tried, they were faster. Maybe there is a better place to post individual experiences with hosters?
  15. Go to your initial post, click "edit", go to the subject line, and type SOLVED: in front of the subject line , then save. It should work.
×
×
  • Create New...