Jump to content

Malicious shopping cart creation


Recommended Posts

Hi, since a short time hundreds of shopping carts are created by unregistered customers. Every few seconds a new cart is created so I think there is an automatic process behind. 

 

I can block the suspected ip address and the creation stops, but often it starts again from other ip addresses.

 

Is there a possibility to on allow cart creation for registered customer? Or does anyone know of another solution for this problem?

 

Thanks

Werner

 

Link to comment
Share on other sites

These are crawlers. Some are just badly programmed, some others try to find weaknesses in the systems.

 

You can retrieve the IP address from your logfiles and block them using entries in the .htaccess file in the root of your shopsystem.

 

Example:

<Limit GET HEAD POST>
order deny,allow
Deny from env=spam_ref
Deny from .ro
Deny from .ru
Deny from .cn
Deny from .gn
Deny from .hu
Deny from .lv
Deny from .pe
Deny from .kp
Deny from .pl
Deny from 163data.com.cn
Deny from serverprofi24.de
Deny from 136.243.0.0/16
Deny from 144.76.0.0/16
Deny from 46.4.100.
Deny from 46.4.68.
Deny from 5.9.6.
Deny from 5.9.85.24
Deny from 88.198.
</Limit>

Tipps:

Whenever an IP address is not complete with its four pairs of digits, it will result in blocking the whol ip range.

Deny from 88.198. will block vom 88.198.0.0. to 88.198.255.255.

 

Blocking an entire country can be done like this:

Deny from .ru

 

However, bots or crawlers not using a hostname ending on .ru wouln't be blocked. Blocking countries by IP address range is not an option.

Edited by Scully (see edit history)
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...