deanotune Posted October 14, 2017 Share Posted October 14, 2017 Hi folks. When I log in now (latest version) it shows 2 logins (See attached pic) , both admin (I am the only admin) but it also shows 2 different IP's. Also was checking the search logs and found this search term {search_term} ..... there were other for productsthat folks searched for but this one is a head scratcher. Any ideas ? Quote Link to comment Share on other sites More sharing options...
bsmither Posted October 15, 2017 Share Posted October 15, 2017 Are the Session Start times close together? Could it be that you first tried to access your admin using admin.php or /admin/index.php? Recent versions of CubeCart will cause a 404 response for that. But I have no answer for the different IP addresses. On the other hand, I have seen some weird stuff in error_logs I have examined. Quote Link to comment Share on other sites More sharing options...
deanotune Posted October 15, 2017 Author Share Posted October 15, 2017 10 minutes ago, bsmither said: Are the Session Start times close together? No one is for today and the other is for the 27th Sept 10 minutes ago, bsmither said: Could it be that you first tried to access your admin using admin.php or /admin/index.php? Recent versions of CubeCart will cause a 404 response for that. No log in through the admin control panel login in thing which uses http://www.outbackherbsandspices.com.au/admin_m***7.php (Stars used to block actual address) 10 minutes ago, bsmither said: But I have no answer for the different IP addresses. On the other hand, I have seen some weird stuff in error_logs I have examined. Yea got me baffled. Thanks for the reply. I will fiddle some more and see what I find Dean Quote Link to comment Share on other sites More sharing options...
bsmither Posted October 15, 2017 Share Posted October 15, 2017 Some of the weird things involved mobiles in some fashion. (I don't do this, so I cannot say for sure) It may be the case that the browser on the mobile device had logged in, did some stuff, etc, while using the data plan. Then, later, the browser, still having the logged in cookie, but now using Wi-Fi, accessed your site. The IP would be different, but use the same cookie. (Again, just a wild guess.) Quote Link to comment Share on other sites More sharing options...
deanotune Posted October 15, 2017 Author Share Posted October 15, 2017 Cheers. I dont use a mobile (hate the dam things - yea I am old fella) Is there a way to close this old session manually? Dean Quote Link to comment Share on other sites More sharing options...
bsmither Posted October 15, 2017 Share Posted October 15, 2017 It's easy but the process requires direct access to the database. In CubeCart_sessions, find the record that has the IP address you want gone. Delete the row(s). Unless someone with that cookie value (session_id) is making page requests, it should disappear eventually anyway - maybe a week? Quote Link to comment Share on other sites More sharing options...
Al Brookbanks Posted October 16, 2017 Share Posted October 16, 2017 Hopefully it's not related to this: https://forums.cubecart.com/topic/52932-cubecart-6112-released-critical-security-update/ Please; make sure this store is patched. change the name of the admin_xxxxxx.php file and reflect the change in the includes/global.inc.php file. check for any administrator accounts that you don't recognise them and delete them if there are any. change your administrator password. Quote Link to comment Share on other sites More sharing options...
keat Posted October 17, 2017 Share Posted October 17, 2017 I had this previously on a V3 site, it took me weeks to figure out that the host was running cloudflare. Might be worth checking. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.