Deming Posted November 17, 2020 Share Posted November 17, 2020 We've just migrated hosting providers in a full cpanel to cpanel transfer. Today cubecart is reporting the following error when someone attempts a purchase: "Error getting token: java.lang.SecurityException: Invalid IP address _______" Everything was mirrored from the old location to the new server. I can see that cubecart is attempting to check against an allowed IP. Where can I find the IP address allowlist and update it to my new server IP? How to fix this? Thanks Link to comment Share on other sites More sharing options...
Al Brookbanks Posted November 17, 2020 Share Posted November 17, 2020 Stripe? Link to comment Share on other sites More sharing options...
Deming Posted November 17, 2020 Author Share Posted November 17, 2020 I've just taken over this project and the last developer had implemented cubecart so I wasnt sure where exactly this error was in the stack. Ok I'll look into the payment gateway. Couple of quick questions that would help me immensely. 1. Is there an easy way I can tell what the page is to admin login to cubecart, my cubecart is installed in this sort of location -- example.com/shop 2. So just to confirm CubeCart itself doesn't have any methods within it to block access based on an IP allowlist? Link to comment Share on other sites More sharing options...
bsmither Posted November 17, 2020 Share Posted November 17, 2020 Access the files and folders of your installation. Examine the contents of the file /includes/global.inc.php. Note the value of the $glob['adminFile'] variable. That is your entry to the admin of your installation. CubeCart, as stock, has no blacklists. What it does have is a brute-force blocker. (Cpanel has blacklists, and an after-market security plugin for CubeCart has blacklists and whitelists.) If a login attempt fails 5 times within 10 minutes (if I recall), then any further attempt from the same browser user-agent string, IP address, and location (not sure but probably means whether trying to login on the storefront or the admin backend) will be absolutely denied (even if finally used the correct user/pass) for 10 minutes. The error references java. That's not CubeCart. CubeCart and all of its plugins are pure PHP. So, the error may have come while visiting the remote server that CubeCart sent the customer to. Link to comment Share on other sites More sharing options...
bsmither Posted November 17, 2020 Share Posted November 17, 2020 Oh, and Welcome Deming! Glad to see you made it to the forums. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.