Shoot, my bad. Thanks for the heads up!Quote:
Originally Posted by lat9
Printable View
Shoot, my bad. Thanks for the heads up!Quote:
Originally Posted by lat9
I installed Access Blocker and attempted to go to the ipdata dot co site, and my service provider is blocking it because they say it tracks data. I was able to get to the site by taking my phone off wi-fi and using cellular data. Just a heads up if any of you run into that.
Question--I added sectorid dot com to the host address list, and just got another attempted order from an email address on that host. I'd have thought sectorid by itself would have been enough but I entered the .com just in case. Is that the wrong place to put it?
Also, I enabled the log. Do I understand correctly that I will have to wait a month to see anything there?
If you want to block all accesses using an email address of [email protected], you'll just enter @sectorid.com as one of the restricted email addresses.Quote:
Originally Posted by HeleneWallis
Logs are written at the time an event is detected to a file whose name changes on a monthly basis.
Thanks, I missed needing to include the @ sign.
One other question--I'm still getting flooded with fraudulent attempted orders. They aren't even bothering to use real addresses (or even addresses that look genuine). I do not see how to determine the ip addresses these are coming from. I know a lot of them are coming from the same person, even though they're using different names and addresses, because most of the email addresses are redirecting to a single address. If I could get that person's ip address, I could hopefully stop them from creating new accounts every day. Is there any way in Zencart to find that or am I going to look at my host's logs?
I found the log for Access Blocker and some attempted orders were blocked. It said those orders came through guest checkout, though, and I don't even have that. So I'm not sure how anyone could be using it.
I can't remember when it was introduced, but zc210 for sure displays the IP address with which an order was placed when viewing an order's details in the admin.Quote:
Originally Posted by HeleneWallis
Yes, but these are orders that were declined by my credit card processor. So they don't show up in ZC at all.Quote:
Originally Posted by lat9
I looked through my configuration settings again and I see that I did install One Page Checkout at some point in the past. It is not enabled, but it does have a guest checkout option. How that is being utilized by these people I don't know, but I went into the Disallowed Pages section, where it says "Do not include the login, create_account, password_forgotten or logoff pages in this list!" and added the login and create_account pages anyway. I do not know whether that will do anything to stop these constant new accounts, since One Page Checkout is not enabled, but if they are somehow managing to access the guest checkout, perhaps that will stop them from creating new accounts. I've deleted some accounts over and over and they just keep coming back.