Jump to content

Spam/Fake Order Issues?


Recommended Posts

Hi all,

 

I am new to Prestashop, installed a few days ago and have been very impressed with how it looks and what it can do.

 

All was going well until I logged in this evening to find that several hundred thosuand pounds worth of fake orders had been made by malicious users ... probably bots.

 

I have not even got as far as setting up a payment gateway yet (still populating the site with products) but after seeing this 'attack' it has caused me to loose a lot of confidence.

 

Interestingly, many of the products ordered were default products which I had actually disabled, which makes me wonder how they were able to add them to a cart and try to buy them.

 

Could someone explain what is going on here and preferably give me some information to rectify it.

Public URL is http://www.streetmotion.co.uk/shop/

 

Thanks!

Edited by doja (see edit history)
Link to comment
Share on other sites

Hi, 

 

are they just in the shopping cart or true orders and if so what payment method does order use?

 

I would look at http access log which for most hosting can be accessed from their hosting control account. 

 

Here you will see the actual activity and by whom.

 

Also posting your front office url in original post (you can delete later or use scramble url).

Link to comment
Share on other sites

if not diff email address

 

back office-->customers-->click delete customer

 

ps will then ask you if you want to allow them to recreate account or not recreate account

 

click not allow recreate account

 

also, make sure to check http access to find out what 'bot' is doing this, then you can find more info and also possibly block bad bot.

  • Like 1
Link to comment
Share on other sites

Thanks, I'll do that, but deleting that one user will not stop other people/bots exploiting the same weakness again.

 

What am I looking for in the log file?

 

Also how can I delete all these fake orders so they don't spoil my metrics? I have cancelled them all but the graph in my admin dashboard is still showing all the fake orders and I cant see how to delete them totally from the order list.

Edited by doja (see edit history)
Link to comment
Share on other sites

So it seems that either by default or by accident 'Demo Mode' was enabled. This amazing feature </sarcasm> puts in a bunch of fake orders so you you can see what the stats will look like once you have a few orders.

 

This can be turned off in the bottom right column of the Admin Panel/Dashboard.

 

The Fake orders can be removed using the PrestaShop Cleaner Module

Edited by doja (see edit history)
Link to comment
Share on other sites

×
×
  • Create New...