Jump to content


  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by keat

  1. Hi Brian. Could you explain how your script works please. Could this cause problems for legitimate customers. Also, any ideas how this bot has circumvented Re-Capture ? As an experiment, I deleted and recreated my recapture key yesterday.
  2. These things still keep coming. Any ideas how or how to stop them. https://www.cabletiefan.co.uk/images/spoofed.jpg
  3. Got another one yesterday. There's a class B subnet pattern emerging 212.92.x.x Since monitoring, I've seen 114, 116 and 117 class C's. We have no customers in any of these subnets, so I blocked the subnets in my firewall for now.
  4. Unless they are doing this manually, i'd like to know how the circumvented captur. Here's another one.
  5. I wrote to Daren on the 7th of March regarding one of his mods. I received a reply the same day.
  6. Instead of just deleting these, I'm now blacklisting the IP's, see if there's a pattern in there also.
  7. Looking for newsletter sign up and it doesn't appear on my home page, but the link (if I type it in manually) is still live. index.php?_a=newsletter. However, this appears to only contain an email address, so it's not this. If I log in to the cart back end, choose 'customer list', it will be in there. Sticks out like a sore thumb due to the pattern. I alredy deleted the recent entry, so there would be nothing to see. I'm using Recapture V2, maybe I should consider V3, is there any code for this ?
  8. Where is this ? I don't recall seeing it, maybe I removed it at some point in the past. Mican skin by the way
  9. Recapture is switch on, so I'm guessing they circumvented it.
  10. New accounts are created daily, but about once per week I see a pattern, which I'm guessing is some form of malicous attack, but I've no idea what. A new account will be created where the surname is identical to the christian name. In the most recent example LydiaTrucTSO LydiaTrucTSO. There's never an address in the account, no order is ever placed, it usually has a russian TLD in the email, and the IP generally points to the Netherlands, although I've seen Russia, Belarus and Ukrane, which are now blocked on my server. I've no idea what it is they are trying to do when creating an account, and as the pattern is always the same, I'm assuming it's a BOT of some sort. any thoughts as to what might be going on ? [04/Mar/2019:19:20:05 +0000] "GET /index.php?seo_path=lubrication-cleaning%2Fgrease%2Fcopper-thread-compound-500g HTTP/1.0" 200 27391 "https://www.mydomain.com/index.php?seo_path=lubrication-cleaning%2Fgrease%2Fcopper-thread-compound-500g" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36 OPR/53.0.2907.99" [04/Mar/2019:19:20:06 +0000] "GET /register.html?agreed=true HTTP/1.0" 200 21478 "https://www.mydomain.com/register.html?agreed=true" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36 OPR/53.0.2907.99" [04/Mar/2019:19:22:40 +0000] "POST /register.html?agreed=true HTTP/1.0" 302 - "https://www.mydomain.com/register.html?agreed=true" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36 OPR/53.0.2907.99" [04/Mar/2019:19:22:41 +0000] "GET /?_a=account HTTP/1.0" 200 20048 "https://www.mydomain.com/?_a=account" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36 OPR/53.0.2907.99" [04/Mar/2019:19:22:41 +0000] "GET /register.html?agreed=true HTTP/1.0" 302 - "https://www.mydomain.com/register.html?agreed=true" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36 OPR/53.0.2907.99" [04/Mar/2019:19:22:42 +0000] "GET /index.php?seo_path=lubrication-cleaning%2Fgrease%2Fcopper-thread-compound-500g HTTP/1.0" 200 27462 "https://www.mydomain.com/index.php?seo_path=lubrication-cleaning%2Fgrease%2Fcopper-thread-compound-500g" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36 OPR/53.0.2907.99" [04/Mar/2019:19:22:43 +0000] "GET /index.php HTTP/1.0" 200 30029 "https://www.mydomain.com/index.php" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36 OPR/53.0.2907.99"
  11. I believe I may have done this before, but only on one site. Thanks again.
  12. Customers are lazy and won't do that They kick off when we send the goods to the incorrect delivery address (quite rightly), then blame thier lazyness on us. Can you find the image name using developer tools or page source ?
  13. Can I ask if Braintree works the same way as PayPal Express. Express will over write the delivery address in the cart to what it has on file at PayPal. Does Braintree do the same, as this cuses problems for us.
  14. I removed the prices from the table Cubecart_pricing_group and removed the customer group. Considering it used to be £3.75, I doubt it was hacked, and as for the clone product, this is definately feasible, as I quite often clone products when they are similar. I recall about 2 years ago when Orange closed a number of tld's, using PHP admin, and identified all the Orange customers adding them to a group. The intention being, that we could later identify the ones who had not updated thier email address or returned. I would have also done this en mass as an export, modify, import to save time. I wouldn't have given these customers any special prices though. Every year, we have a major pricing restructure and a number of new lines added. The boss having OCD wants all this to happen on New Years day, so I get around this by working on an exact mirror image of the site for about 10 weeks prior. Then on New Years Day, I copy over the inventory and options tables of the database. Still none the wiser how these cutomers got the old prices though. (there were about 1800 entries in the Datbase table)
  15. On one of my sites I can see sales statistics, but in another I can't. The graph appears, but shows no sales, unless I edit the database and change all the orders from processing to completed. Is there a setting somewhere which switches this feature on, or did I maybe do a code edit on the site which works. The only difference I can see, the site which works has email notify at processing, the one which dosn't has email notify at pending.
  16. Interesting. Logging in as the customer, the prices do show as £3.75 and not £4.15. It seems that he's a member of an old experimental customer group, however, I'm not aware that this group had any discounts. To be honest, I'd forgotten that the group even existed. I recall that the group was set up about 2 years ago when orange closed a number of email domains. Any ideas how these prices might have come about ? I'm also surprised that it's taken this long to come to light.
  17. No customer groups. one price fits all unless we run a promo.
  18. We had an order on the cart where a product has the wrong price. It should be £4.15, but the customer has been charged £3.75, and I can't quite figure out why or how. There are no discounts applied, the price is correct in the cart, taxes are correct etc. If I place an order, it comes out at £4.15. I can sort of explain where the £3.75 came from, but not why this product was accepted by the cart at £3.75. This is a newish product. When the product was created it was cloned from it's sister part. We used to sell it in red at £3.75, then earlier this year we introduced it in yellow but also increased the price to £4.15. This introduction and price change happened in January. It is a part in it own right and not a product option. Any thought's................. I don't mind how wild an idea it is.
  19. The store can be set to send the email when the order changes to one of two states. Pending: This is where the customer commits to buying, but doesn't then follow through to the gateway, (paypal etc). Maybe he didn't click the gateway, he backed out, maybe the gateway couldn't connect, or even the customer got to the gateway and decided not to pay or couldn't pay. Until a successful payment is made, the order will remain pending. Processing: (which is what I suspect you have set) This is where the customer completed the sale and made a successful payment. The store won't email you for both steps though, its one or the other. (Email sent at the pending stage or processing stage) With notify at processing , you run the risk of losing a sale if you don't keep an eye on the cart. (customer never paid, order still pending, no emails sent) However, with notify at pending, you run the risk that the customer could go back and change his order after you recieved the email. (the store will email one time only) In both instances, you can't fully rely on the email notification, you do need to keep an eye on the cart.
  20. inside documents section, find your home page and edit it. Inside the search engine tab should be where this is being pulled from unless you did any manual code edits somewhere.
  21. I can't see it. did you clear your browser cache ? take that back, yes I can. in the browser title, not the actual web page. Check the SEO tabs sections of your homepage.
  22. After many hours of trial and error, I wrote a hook which has worked well for two years or more. Just modify the PHP code to the minimum order value (in my case £15.00) Go to manage hooks/code snippets and then choose add a code snippet. Insert the data below in to the appropriate fields, ensure the snippet is enabled. Unique ID: [email protected] Execution Order: 1 Description: Disable checkout until Min-Max order Value is reached Trigger: class.cubecart.display_basket PHP Code: <?php $upper_val=15.00; $lower_val=0; $value = number_format($upper_val, 2); if($GLOBALS['cart']->basket['subtotal'] > $lower_val && $GLOBALS['cart']->basket['subtotal'] < $value) { $GLOBALS['gui']->setError ('Our minimum net order value is '.$value.'.'); $GLOBALS['smarty']->assign('DISABLE_CHECKOUT_BUTTON', true); } ?> Version: 2.0 Author: Keat
  23. keat


    In the case of the closed down comments site, I would have just deleted the email addresses and IP's (if gathered). A user name isn't particluarly identifiable, some may argue that it is, however, i'd struggle to work out who, dirty butter is. If a user is foolish enough to put his full name and address online, in a comments field in full view, then that's his own fault, you can't be expected to proactively audit this. With so much confusion about consent, some believing it's required, others believing not so, we are not seeking any consent. Microsoft, Google, Spotify, ITV, BBC even ACAS haven't specifically asked for consent to contact me, they've just sent me links to thier updated privacy policy. We don't purchase mailing lists, we learnt a long time ago that they are just harvested rubbish with little return. For this reason, we are also not seeking consent, instead choosing 'legitimate reasons' as our basis to contact our customers. We have created a new privacy policy, which is clearly linked on our web site, it's linked in all email communications from all staff, and linked on the bottom of each customer invoice. When we run our seasonal mailing campaign, there will be reference to it in there, and I guess when we send our next years catalogue, GDPR will be mentioned. It seems, more emphasis has been more about consent, than actual data protection. In fact we received an email this morning from a customer or supplier stating that they inadvertantly divulged email addresses on a recent correspondance. Without me delving too deeply, I wouldn't be surprised if the CC'd thier own privacy policy to a huge list rather than BCC. I wonder how many customers or suppliers may think that it's now illegal to call us to order something because they didn't seek our consent.
  24. keat


    email today from ACAS, with no reference to me consenting or opting in. Hopefully, everything will be back to normal on Monday. Hello In line with GDPR, we have updated our privacy policy which can be viewed on our website We look forward to contacting you in the future, however if at any time you would like to stop receiving communications please unsubscribe using the links provided within our emails.
  • Create New...