  1. #21
    Join Date
    Apr 2007
    Location
    Herts. UK
    Posts
    890
    Plugin Contributions
    4

    Default Re: Security or hacking issues ?

    >00:13:26 0 ¥Spider 66.249.67.106 11:35:10 11:36:43
    >Time Since Clicked: 00:11:53 ago
    >Session ID:
    >Host: crawl-66-249-67-106.googlebot.com
    >User Agent: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) /fstore/index.php?main_page=advanced_search&keyword=interface&search_in_description=1&inc_subcat=0&sort=20a&alpha_filter_id=74

    That is just Google's search engine spider indexing your site so that it will appear in Google's search results. This is a good thing. You can block it if you want but Google is a good source of traffic.

    >00:05:50 0 ¥Spider 61.247.222.55 11:42:46 11:42:46
    >Time Since Clicked:00:05:50 ago
    >Session ID:
    >Host: 61.247.222.55
    >User Agent: Yeti/1.0 (NHN Corp.; http://help.naver.com/robots/)

    Appears to be the search engine spider of a Chinese search and news site. Again you can block it if you really want, either by robots.txt or by .htaccess.

    Regards,
    Christian.

  2. #22
    Join Date
    Jun 2007
    Posts
    42
    Plugin Contributions
    0

    Default Re: Security or hacking issues ?

    Well, after 2 days of making the code changes the visitor counter is no less than before, where in fact the count is higher than the day before the code change was done

    Counter History for last 10 recorded days Session - Total
    09/13/2008 98 - 323
    09/12/2008 123 - 216
    09/11/2008 218 - 255
    09/10/2008 139 - 159
    09/09/2008 414 - 470

    Also in just over 1 year total hits is with only 18 sales !

    Statistics
    Hit Counter Started: 06/20/2007
    Hit Counter: 57900

    There is something more than assuming it is search engines as the cause, or there is a bug in preventing spiders from crawling through the frontstore
    As it is clear spiders are still allowed to create sessions

    00:29:54 0 ¥Spider 66.249.67.106 09:51:09 10:05:00
    Time Since Clicked: 00:16:03 ago
    Session ID:
    Host: crawl-66-249-67-106.googlebot.com
    User Agent: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
    /fstore/index.php?main_page=product_info&products_id=3

  3. #23
    Join Date
    Jan 2004
    Posts
    66,444
    Plugin Contributions
    279

    Default Re: Security or hacking issues ?

    I don't know why you're concerned about spiders so much. Spiders are a good thing. (Yes, I know you're not fond of the idea of a spider from China visiting your site ... )

    Just because a spider shows up in Whos Online doesn't indicate any reason for alarm. They have to visit your pages in order to index them. You'll also note that the case you cited above does NOT have a session ID associated with it .... it's blank ... because they don't have a session. All a session gives them is the ability to add-to-cart and attempt checkout ... which is why you normally don't want them to get sessions.

    My suggestions:
    1. Forget about the spiders. They're highly unlikely to be a cause for concern unless you have very specific intel to indicate otherwise.

    2. Follow the suggestion I gave you last week about visiting the sites who are sending traffic to you from abroad ... find out where on their page the link to your site is located. Talk to those webmasters and find out why the link is there in the first place. That will likely lead you to a more reliable source to indicate the cause of your unexpected/undesired traffic.
    Your hosting company *can* give you a list of visitors hitting your site including their referral addresses. It's in the server logs. It all comes down to whether they want to go to the trouble of the complicated hassle required to collect the files, grep for your URL, and zip the output and send it to you.

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
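
Added example, not part of the original posts: the log check suggested above, as a Python sketch that pulls one domain's lines out of a shared server log, sets aside self-declared spiders, and tallies the external referrers and client IPs behind the remaining hits. It assumes Apache's `vhost_combined` layout (virtual host first); the sample lines, `shop.example.com` and `links.example.net` are constructed, and the function name is hypothetical.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Assumed layout: Apache "vhost_combined" (virtual host, then the combined log fields).
LINE_RE = re.compile(
    r'^(?P<vhost>\S+?)(?::\d+)? (?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)
# Self-declared crawler tokens. A User-Agent can be forged, so this only sorts
# traffic into buckets; it does not prove a client really is a search engine.
SPIDER_RE = re.compile(r'googlebot|yeti/|bingbot|slurp|spider|crawl', re.I)

# Constructed sample of a shared log that mixes several domains.
SAMPLE_LOG = """
shop.example.com:80 66.249.67.106 - - [13/Sep/2008:09:51:09 +0000] "GET /fstore/index.php?main_page=product_info&products_id=3 HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
shop.example.com:80 61.247.222.55 - - [13/Sep/2008:11:42:46 +0000] "GET /fstore/ HTTP/1.1" 200 4096 "-" "Yeti/1.0 (NHN Corp.; http://help.naver.com/robots/)"
shop.example.com:80 203.0.113.7 - - [13/Sep/2008:12:01:10 +0000] "GET /fstore/index.php?main_page=product_info&products_id=3 HTTP/1.1" 200 5120 "http://links.example.net/page.html" "Mozilla/5.0 (Windows; U; Windows NT 5.1) Firefox/3.0"
shop.example.com:80 203.0.113.7 - - [13/Sep/2008:12:01:40 +0000] "GET /fstore/index.php?main_page=shopping_cart HTTP/1.1" 200 3000 "http://shop.example.com/fstore/index.php?main_page=product_info&products_id=3" "Mozilla/5.0 (Windows; U; Windows NT 5.1) Firefox/3.0"
other.example.org:80 198.51.100.9 - - [13/Sep/2008:12:02:00 +0000] "GET / HTTP/1.1" 200 100 "http://links.example.net/" "Mozilla/4.0 (compatible; MSIE 7.0)"
shop.example.com:80 198.51.100.23 - - [13/Sep/2008:12:05:00 +0000] "GET /fstore/ HTTP/1.1" 200 4096 "http://links.example.net/other.html" "Mozilla/4.0 (compatible; MSIE 7.0)"
"""

def summarize(log_text, domain):
    """Count spider and non-spider hits for one domain; tally external referrers."""
    domain = domain.lower()
    stats = {"spider_hits": 0, "other_hits": 0,
             "referrers": Counter(), "clients": Counter()}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["vhost"].lower() != domain:
            continue  # unparsable line, or a hit for another site on the server
        if SPIDER_RE.search(m["agent"]):
            stats["spider_hits"] += 1
            continue
        stats["other_hits"] += 1
        stats["clients"][m["ip"]] += 1
        ref_host = urlsplit(m["referer"]).hostname  # None for "-" (no referrer)
        if ref_host and ref_host != domain:
            stats["referrers"][ref_host] += 1  # where the link to the shop lives
    return stats

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG, "shop.example.com"))
```

The `referrers` tally is the list of sites to visit and ask about, and `clients` shows which addresses account for the non-spider hits.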

  4. #24
    Join Date
    Jun 2007
    Posts
    42
    Plugin Contributions
    0

    Default Re: Security or hacking issues ?

    As I have stated before.

    You cannot ASSUME high daily counts are from spiders UNLESS you turn off spiders (flaw: that function does not work correctly) and verify those high counts are in fact from search routines.

    It is a good excuse to think it is from spiders when in fact it could be someone has a back door into the frontstore and doing who knows what.

    Considering there are Non American spiders but we also see Non American users showing online and almost 6,000 ! hits in 14 months with less than 20 sales (and those were from people we knew) says something is not right

    Being there were those 6,000 hits, no sales says then if you do the math all that hit counts is doing nothing but sucking up CPU and WAN bandwidth to our domain
    Fact is the function to prevent spiders from making a session fails and is not fixed in the latest 1.3.8a when others have complained a year ago function failed and the fact my original post was written in another section on this forum and has been moved to the 3rd different forum section by admins does not make easy to just assume 6,000 hits are just a "Don't Care" when something worse is going on.

    You cannot visit what you cannot see, I asked if there was some log in the frontstore where those hit counts came from that have TCP/IP addresses to backtrack and visit, all we have is counts and there is no way we are going to sit in Admin mode and do refreshes to manually copy every visitor IP data to verify

    It is not in the server log, that log is combined for every domain on that server which is hundreds and not just from our domain so those errors as found have zero to even do with Zen Cart itself.

  5. #25
    Join Date
    Jan 2004
    Posts
    66,444
    Plugin Contributions
    279

    Default Re: Security or hacking issues ?

    Actually, the key to where your traffic is coming from *is* in your server's log. But, as you've made clear, your host doesn't want to help extract the information specific to your domain. And you're correct: that matter has nothing to do with Zen Cart itself.

    If you wish to fixate on spiders etc, that's your prerogative. Spiders will always equate to hits. Ideally they do not equate to sessions. Applying the code fix I and Christian alluded to earlier will stop your Zen Cart admin counts from including spiders in the numbers. You indicated that making the change didn't substantially change the stats. Thus, if I were you I'd stop focusing on spiders and go looking for the real cause ... the roots of which I've spoken and made suggestions in several posts. If you're concerned about the increased traffic, go digging into where it's coming from. Given that you've not given any feedback from my other constructive suggestions, I gather you think they're pointless or beneath you. Yet you throw back the idea of a "don't care" attitude ...

    Nevertheless, my reply is not intended to start any flame war. I'm just saying it doesn't look like you've been looking in the right direction despite my telling you what I found when I looked at your issue the first time.

  6. #26
    Join Date
    Oct 2006
    Location
    Alberta, Canada
    Posts
    4,571
    Plugin Contributions
    1

    Default Re: Security or hacking issues ?

    Although it is true that Zen Cart may not record everything one could want, it is also true that most Hosters provide their Clients with access to Error logs and Access logs; along with a Statistics program for even more information. If your Hoster does not provide that type of access you would need to install some software yourself that is specific to statistical tracking.

    As to all the Hits for your site, many people wonder the same thing and do not realize how many Bots are out there searching sites. If someone is trying to do something they shouldn't they will not know nor care what your site is about; only what they can do with it for their own purposes. And that they will not find out till they check the site. This is why each Web site should have their statistics software.

    If you happen to have a Hoster that is concerned about Security and ease-of-use for their Clients, they will have protocols setup at the Server level which is much more effective than any one script could provide. Not only does this stop Bad Bots from doing anything it also prevents superfluous entries in any Client software; such as an eCommerce or Statistics script. Makes it easier for people to
