Post by LorenaUY » Sun Jul 25, 2021 8:39 am

Hi, I need help...
Fresh installation of OC 3.0.3.7 and the same happens to me with OC 2.3.0.2.

Error message:
<script> document.cookie = "humans_21909 = 1"; document.location.reload (true) </script>

Example .. a visitor enters the store, select and add a product to the cart, goes to checkout, the system tells him to log in or register ... When registering, the error appears.

(If you already registered and log in, everything is fine or if you use the link in the upper menu to register everything is correct.)

As a test ... https: //test-zone.ml/

I have looked everywhere, I contacted the hosting support and they could not solve it, many solved it from the hosting ... mine says that it can not ... and they suggest me to change the name of register.php by registration.php and its dependencies ... but I don't know where it is and what its dependencies are ...

How can I solve this??

PS: Some disable mod_security in .htaccess... but does not work for me..

<ifmodule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</ifmodule>

Thanks!!

New member

Posts

Joined
Fri Jan 27, 2017 9:23 pm

Post by by mona » Sun Jul 25, 2021 11:07 am

Screen-Shot-2021-07-25-at-04.04.20.png

Screen-Shot-2021-07-25-at-04.04.20.png (78.32 KiB) Viewed 841 times


DISCLAIMER:
You should not modify core files .. if you would like to donate a cup of coffee I will write it in a modification for you.


https://www.youtube.com/watch?v=zXIxDoCRc84


User avatar
Expert Member

Posts

Joined
Mon Jun 10, 2019 9:31 am

Post by JNeuhoff » Sun Jul 25, 2021 9:29 pm

How can I solve this??
By giving us proper details of your problem description, such as OC version, extensions installed, web theme, site URL etc.

In a standard OpenCart 3.0.3.7 none of its files contain something like 'document.cookie', and I am unable to reproduce your error.

Export/Import Tool * SpamBot Buster * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Tag Manager * Survey Plus * OpenTwig


User avatar
Guru Member

Posts

Joined
Wed Dec 05, 2007 3:38 am


Post by ADD Creative » Sun Jul 25, 2021 9:57 pm

LorenaUY wrote:
Sun Jul 25, 2021 8:39 am
I have looked everywhere, I contacted the hosting support and they could not solve it, many solved it from the hosting ... mine says that it can not ... and they suggest me to change the name of register.php by registration.php and its dependencies ... but I don't know where it is and what its dependencies are ...

How can I solve this??

PS: Some disable mod_security in .htaccess... but does not work for me..

<ifmodule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</ifmodule>

Thanks!!
It's a hosting issue, if your host won't help and you can't manual switch off the WAF in your hosting. Your only option is probably to change host.

www.add-creative.co.uk


Expert Member

Posts

Joined
Sat Jan 14, 2012 1:02 am
Location - United Kingdom

Post by LorenaUY » Sun Jul 25, 2021 10:40 pm

ADD Creative wrote:
Sun Jul 25, 2021 9:57 pm
LorenaUY wrote:
Sun Jul 25, 2021 8:39 am
I have looked everywhere, I contacted the hosting support and they could not solve it, many solved it from the hosting ... mine says that it can not ... and they suggest me to change the name of register.php by registration.php and its dependencies ... but I don't know where it is and what its dependencies are ...

How can I solve this??

PS: Some disable mod_security in .htaccess... but does not work for me..

<ifmodule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</ifmodule>

Thanks!!
It's a hosting issue, if your host won't help and you can't manual switch off the WAF in your hosting. Your only option is probably to change host.
Thanks!!!

New member

Posts

Joined
Fri Jan 27, 2017 9:23 pm

Post by LorenaUY » Sun Jul 25, 2021 10:48 pm

JNeuhoff wrote:
Sun Jul 25, 2021 9:29 pm
How can I solve this??
By giving us proper details of your problem description, such as OC version, extensions installed, web theme, site URL etc.

In a standard OpenCart 3.0.3.7 none of its files contain something like 'document.cookie', and I am unable to reproduce your error.
Really???

I do not agree.
In my post clearly experss..OC 3.0.3.7… clearly express fresh install obviously without any extensions.
As it is a clean installation, the theme is the one that comes by default.

The url is in the post.
And it has been reviewed from many computers and the error always appears if you follow the steps I mentioned, no more, no less.
In conclusion, you have not read the post and you went to answer without seeing everything.

New member

Posts

Joined
Fri Jan 27, 2017 9:23 pm

Post by straightlight » Sun Jul 25, 2021 11:47 pm

LorenaUY wrote:
Sun Jul 25, 2021 10:48 pm
JNeuhoff wrote:
Sun Jul 25, 2021 9:29 pm
How can I solve this??
By giving us proper details of your problem description, such as OC version, extensions installed, web theme, site URL etc.

In a standard OpenCart 3.0.3.7 none of its files contain something like 'document.cookie', and I am unable to reproduce your error.
Really???

I do not agree.
In my post clearly experss..OC 3.0.3.7… clearly express fresh install obviously without any extensions.
As it is a clean installation, the theme is the one that comes by default.

The url is in the post.
And it has been reviewed from many computers and the error always appears if you follow the steps I mentioned, no more, no less.
In conclusion, you have not read the post and you went to answer without seeing everything.
PS: Some disable mod_security in .htaccess... but does not work for me..

Code: Select all

<ifmodule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</ifmodule>
While you are correct, regarding the OC version and no extensions installed that was mentioned on your first post, the part where no more, no less would need a little bit more is about Some disable mod_security ... and does not work . What happens between the two results whether you use these modifications in your .htaccess or not?

Dedication and passion goes to those who are able to push and merge a project.

Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by LorenaUY » Mon Jul 26, 2021 12:10 am

straightlight wrote:
Sun Jul 25, 2021 11:47 pm
LorenaUY wrote:
Sun Jul 25, 2021 10:48 pm
JNeuhoff wrote:
Sun Jul 25, 2021 9:29 pm


By giving us proper details of your problem description, such as OC version, extensions installed, web theme, site URL etc.

In a standard OpenCart 3.0.3.7 none of its files contain something like 'document.cookie', and I am unable to reproduce your error.
Really???

I do not agree.
In my post clearly experss..OC 3.0.3.7… clearly express fresh install obviously without any extensions.
As it is a clean installation, the theme is the one that comes by default.

The url is in the post.
And it has been reviewed from many computers and the error always appears if you follow the steps I mentioned, no more, no less.
In conclusion, you have not read the post and you went to answer without seeing everything.
PS: Some disable mod_security in .htaccess... but does not work for me..

Code: Select all

<ifmodule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</ifmodule>
While you are correct, regarding the OC version and no extensions installed that was mentioned on your first post, the part where no more, no less would need a little bit more is about Some disable mod_security ... and does not work . What happens between the two results whether you use these modifications in your .htaccess or not?
I have done it in .htaccess and it has not worked for me.Nothing changed..with or without this lines in htaccess

New member

Posts

Joined
Fri Jan 27, 2017 9:23 pm

Post by straightlight » Mon Jul 26, 2021 12:40 am

LorenaUY wrote:
Mon Jul 26, 2021 12:10 am
straightlight wrote:
Sun Jul 25, 2021 11:47 pm
LorenaUY wrote:
Sun Jul 25, 2021 10:48 pm


Really???

I do not agree.
In my post clearly experss..OC 3.0.3.7… clearly express fresh install obviously without any extensions.
As it is a clean installation, the theme is the one that comes by default.

The url is in the post.
And it has been reviewed from many computers and the error always appears if you follow the steps I mentioned, no more, no less.
In conclusion, you have not read the post and you went to answer without seeing everything.
PS: Some disable mod_security in .htaccess... but does not work for me..

Code: Select all

<ifmodule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</ifmodule>
While you are correct, regarding the OC version and no extensions installed that was mentioned on your first post, the part where no more, no less would need a little bit more is about Some disable mod_security ... and does not work . What happens between the two results whether you use these modifications in your .htaccess or not?
I have done it in .htaccess and it has not worked for me.Nothing changed..with or without this lines in htaccess
Contact your host to disable MOD security and see if that solves the issue.

Dedication and passion goes to those who are able to push and merge a project.

Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by by mona » Mon Jul 26, 2021 1:16 am

This is not an unknown issue. Since you have tried your host and disabling mod_security in your htaccess you probably did search and do understand the problem.

It wants to set a cookie named humans_21909
After you have that cookie, all is well.
That is either from your host or from CF.
Probably their way to determine whether you are a bot (as those do not set a cookie) triggered by terms like "register" etc.
My bet is on your host, if they say it is not their problem then they are the problem.
viewtopic.php?t=217547

Have you tried all the other suggestions?
https://stackoverflow.com/questions/559 ... dtrue-scri

otherwise you are left with changing hosts.

DISCLAIMER:
You should not modify core files .. if you would like to donate a cup of coffee I will write it in a modification for you.


https://www.youtube.com/watch?v=zXIxDoCRc84


User avatar
Expert Member

Posts

Joined
Mon Jun 10, 2019 9:31 am

Post by LorenaUY » Mon Jul 26, 2021 2:35 am

by mona wrote:
Mon Jul 26, 2021 1:16 am
This is not an unknown issue. Since you have tried your host and disabling mod_security in your htaccess you probably did search and do understand the problem.

It wants to set a cookie named humans_21909
After you have that cookie, all is well.
That is either from your host or from CF.
Probably their way to determine whether you are a bot (as those do not set a cookie) triggered by terms like "register" etc.
My bet is on your host, if they say it is not their problem then they are the problem.
viewtopic.php?t=217547

Have you tried all the other suggestions?
https://stackoverflow.com/questions/559 ... dtrue-scri

otherwise you are left with changing hosts.
I want to try the option of: viewtopic.php?t=208851#p787401
to change the name of register to registration and its dependencies.

I do not know if the way I will do it will be correct ...
I will launch the search in all the files and its content has the word register and I will change it to registration. Should I do it like this?
Or what files should I change (rename) to?

New member

Posts

Joined
Fri Jan 27, 2017 9:23 pm

Post by by mona » Mon Jul 26, 2021 3:00 am

Well it would be worth a try to use SEO urls ..

DISCLAIMER:
You should not modify core files .. if you would like to donate a cup of coffee I will write it in a modification for you.


https://www.youtube.com/watch?v=zXIxDoCRc84


User avatar
Expert Member

Posts

Joined
Mon Jun 10, 2019 9:31 am

Post by LorenaUY » Mon Jul 26, 2021 3:54 am

by mona wrote:
Mon Jul 26, 2021 3:00 am
Well it would be worth a try to use SEO urls ..
Enable the URL (SEO) but it was not fixed ...

I have found a solution that although it is not the best, it does its job without problems. At least until there is another solution ..

I removed from:
catalog \ view \ theme \ default \ template \ checkout \ login.twig

The Continue link .. to register a new account ..
Instead I put:

<a href="https://xxxxxxxxxx/index.php?route=account/register"" class="btn btn-primary"> New User Registration </a>

Then send the visitor back to the cart ... and by continuing you go to Step 2 ....

Anyone have another solution to improve this?

New member

Posts

Joined
Fri Jan 27, 2017 9:23 pm

Post by by mona » Mon Jul 26, 2021 4:49 am

“Enabling" SEO urls in standard OC does not effect the urls for the checkout section

DISCLAIMER:
You should not modify core files .. if you would like to donate a cup of coffee I will write it in a modification for you.


https://www.youtube.com/watch?v=zXIxDoCRc84


User avatar
Expert Member

Posts

Joined
Mon Jun 10, 2019 9:31 am

Post by LorenaUY » Mon Jul 26, 2021 4:58 am

by mona wrote:
Mon Jul 26, 2021 4:49 am
“Enabling" SEO urls in standard OC does not effect the urls for the checkout section
In your previous post I thought you told me to do that ... ups...

New member

Posts

Joined
Fri Jan 27, 2017 9:23 pm

Post by paulfeakins » Mon Jul 26, 2021 5:40 pm

So is Mod Security disabled or not? Just because you tried to disable it in .htaccess means nothing - check with the host to see if it's really disabled.

UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk


User avatar
Guru Member
Online

Posts

Joined
Mon Aug 22, 2011 11:01 pm
Location - London Gatwick, United Kingdom

Post by LorenaUY » Tue Jul 27, 2021 2:17 am

paulfeakins wrote:
Mon Jul 26, 2021 5:40 pm
So is Mod Security disabled or not? Just because you tried to disable it in .htaccess means nothing - check with the host to see if it's really disabled.
Hi Paul,
Without speaking out loud, the hosting provider acknowledges that it comes from their part and according to them ... "the qualified technical group is working hard on it" ... hahaahha.
Meanwhile what I did was the above mentioned so the site keeps working.

According to them they disabled the Firewall and it did not solve anything, before they add to .htaccess and obviously it did not solve anything either ...

New member

Posts

Joined
Fri Jan 27, 2017 9:23 pm

Post by straightlight » Tue Jul 27, 2021 2:25 am

If even your host cannot solve this issue and the issue is really related on their end, then switching host might be the best option at this point.

Dedication and passion goes to those who are able to push and merge a project.

Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON
Who is online

Users browsing this forum: ravikumar22 and 79 guests