Jump to content

Error getting token: java.lang.SecurityException: Invalid IP address


Recommended Posts

We've just migrated hosting providers in a full cpanel to cpanel transfer.

Today cubecart is reporting the following error when someone attempts a purchase:

"Error getting token: java.lang.SecurityException: Invalid IP address _______"


Everything was mirrored from the old location to the new server.

I can see that cubecart is attempting to check against an allowed IP.

Where can I find the IP address allowlist and update it to my new server IP?

How to fix this?




Link to comment
Share on other sites

I've just taken over this project and the last developer had implemented cubecart so I wasnt sure where exactly this error was in the stack.

Ok I'll look into the payment gateway.

Couple of quick questions that would help me immensely.

1. Is there an easy way I can tell what the page is to admin login to cubecart, my cubecart is installed in this sort of location --  example.com/shop

2. So just to confirm CubeCart itself doesn't have any methods within it to block access based on an IP allowlist?

Edited by Deming
Added info
Link to comment
Share on other sites

Access the files and folders of your installation. Examine the contents of the file /includes/global.inc.php. Note the value of the $glob['adminFile'] variable. That is your entry to the admin of your installation.

CubeCart, as stock, has no blacklists. What it does have is a brute-force blocker. (Cpanel has blacklists, and an after-market security plugin for CubeCart has blacklists and whitelists.)

If a login attempt fails 5 times within 10 minutes (if I recall), then any further attempt from the same browser user-agent string, IP address, and location (not sure but probably means whether trying to login on the storefront or the admin backend) will be absolutely denied (even if finally used the correct user/pass) for 10 minutes.

The error references java. That's not CubeCart. CubeCart and all of its plugins are pure PHP. So, the error may have come while visiting the remote server that CubeCart sent the customer to.


Edited by bsmither
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...