I've recently transitioned from an Android device to an iPhone and I'm struggling to find a suitable alternative to the Zen Cart Mobile Assistant app. ...
Type: Posts; User: marcopolo
I've recently transitioned from an Android device to an iPhone and I'm struggling to find a suitable alternative to the Zen Cart Mobile Assistant app. ...
Recap and Solution I Implemented in v2.0.7 for the Meantime:
Problem:
During testing, I faced difficulties with the spider detection feature in Zen Cart. Specifically, the utilization of the...
I checked that I think it's good from the program flow I referenced:
https://docs.zen-cart.com/dev/code/program_flow/
Set up and start session if valid session is above where this module comes in...
I have been testing the spider detection functionality in Zen Cart to recognize my user agent string as a spider. However, I'm experiencing unexpected behavior and the spider detection does not seem...
I stumbled on that during my debugging and my settings are inline with that:
Based on my settings (SESSION_FORCE_COOKIE_USE = false and SESSION_BLOCK_SPIDERS = true), the spider detection code...
This may be an alternative way detect spiders:
// Skip API call for known spiders if enabled
$user_agent = $_SERVER['HTTP_USER_AGENT'];
$spiders_file = DIR_WS_INCLUDES ....
For testing purposes, I've hardcoded my IP address ('xxx.xxx.xxx.xxx') and manually set $spider_flag to true. The intention is to simulate a scenario where a known spider accesses the website.
...
Yes that is the intent, if you allow spiders then this will allow you to avoid an api call check for them, if you do not allow them then the module checks their ip like any other users ip for an...
That is not the issue, the module creates a few different logs which are all working fine. It is just this spider detection one not being created. The log file setting is set within the admin setting...
I'm facing an issue with the spider detection code. The purpose of this code is to detect spiders/crawlers, if enabled will bypass the api call and creates a log log if enabled as well. However, I've...
The latest v2.0.4 release of the AbuseIPDB module is now live on GitHub. This update introduces a new feature that allows you to enable or disable known spiders from bypassing IP checks....
Are you on v2.0? Switched from session caching to database caching for improved performance and reliability.
Here is the GitHub link: https://github.com/CcMarc/AbuseIPDB.git
Great solution this modification in the code introduces an additional check to prevent unnecessary IP abuse checks.
If the current page is a 'page_not_found', the IP abuse check will be skipped....
Yes, the plugin caches both clean and abusive IPs. It only makes an API call if the abuse score is not in the cache or if it has expired.
Your perfectly fine then, apologies for the oversight regarding the index page. I wasn't aware that it loaded on every page. I use one of those SEO page optimizers that rename all my pages to .html...
That is fine for the index page however if one enters on a different page your not protected, that is why it is added to the tpl_header.php page since that will load on every page no matter the entry...
Thank you glad you like it!
In regards to the redirect page I guess I thought giving it no information was better but maybe 410 option is better since it would indicate that the content is...
That file jscript_framework.php is part of zencart, I have the same file and it works on my store so I do not think it is that. Check the two files I outlined the previous post. If those are modified...
I would check your tpl_header.php and tpl_main_page.php files against their originals and see if any modification made to them is causing the issue.
The issue is that you're encountering a...
I'm not sure why your receiving that error, try this file in place of the one your using now and see if it resolves the issue, see attached AbuseIPDBO_custom_file.zip
Let me know what module is using the file: jscript_framework.php as it is not part of this modules files, if you can upload the file here so I can take a look at the code and see what it is doing.
This is a common PHP error that usually happens when you attempt to send a HTTP header after some output has already been sent to the browser.
In this case, the output has been started at file...
It did a good job I think, it is working great. It was done with ChatGPT-4
Here is the module: AbuseIPDBO v1.0.0
I've developed a new module that integrates AbuseIPDB with Zen Cart, and I'm making it available for everyone to use.
What is AbuseIPDB? It's a community-based project that collects and shares...
Two more feature ideas I had for this module.
1: Allow customer to set a default card to be auto selected at checkout if they have multiple cards saved.
2: If an ADMIN is placing the order give...
In my particular case we do not access user accounts or admin control panel outside a set of ips so the ip restriction would be great for us. I will look at the two-factor authentication however...
It's not an option from what I see but would be a nice feature. It would give an extra layer of security to restrict master password use to certain ips only. As it is now if someone were to find out...
1: Real world use in my companies case is sometimes customers will state that they selected a shipping address and that we sent it to the wrong address and this is just another way to confirm what...
Can login as admin for this mode be restricted to a set of ip address only? So for example if trying to login using the master password from an IP address not listed in a setting config then it will...
Ok no problem I submitted the code changes on there and added the remaining billing address update issue there as well.
I did not see anyplace to add the three feature recommendations let me know...
The following are just recommendations for a future update to this module:
1: The billing address address book id is not being saved so when you go to update a credit card you do not know which...
Great thank you. Below fixes the one issue where the company name is not being populated when adding a new address from the update_card page.
Around line 603 added the line that is in green below:...
Another Bug:
If you try to update the billing address from the card_update page it does not change it on Authorize.net CIM online profile. You can update the credit card expiration date from...
Found a bug:
If a credit card that was previously used to make an order and customer choose NOT to save it then looking at the table customers_cc the enable field is N which hides the card from...
For the setting Validation Mode (liveMode validates cardInfo) what should it be set to? None or Livemode
I set it to Livemode initially but that generates two transitions per sale one the actual...
Just saw the following notice from Amazon which will affect both these modules so I would not use them since they are not going to work after Dec. 2023:
...
I tried it and it works however I would not use it as it is right now. There is no check in place to see if a customers email is used already within zencart. Testing it out it would just create...
The Access Blocker module seems to be working great my spam on the contact us page is almost zero. I would suggest adding an option to check all incoming traffic and if the ip is a know spammer or...
Bot is gone so had to test on myself and it worked perfect! Thank you for your help!
This bot is still on my site using a different IP address every so many seconds but the session id is the same so I'm thinking that we should have a way to block by session id. I'm trying to modify...
Tried this too and it does not work, can anyone help on this have active bot that I need to block.
if zen_session_id() == xxxxxxxxxxxxxxxxxxx{
@header("HTTP/1.1 410 Gone");
exit();
}
Ok forget the above the ip is changing it's the session id that I need to block. Trying the below but it is not working:
<?php
if ($_SESSION['SSL_SESSION_ID'] == 'XXXXXXXXXXXXXXXXXXXXX) {
...
The below code should work but it is not. I believe the issue is it is not able to fetch the customers host address. Is there a statement that needs to go before the if statement to make this work?
...
Trying to block a bot that is changing it's ip address but the host name is staying the same. The Block Bad Bot module BBB.zip can it be modified to instead of blocking based on the user agent block...
Has anyone integrated AbuseIPDB to auto block abusive ip addresses?
That worked! Thank you!
I would like to have a set of minimum values for USA and a different set of minimum values of all other countries. I would like to set USA postal code minimum value to 5 and state to 2 but doing this...
It works :) Thank you!