Page 1 of 3 123 LastLast
Results 1 to 10 of 132

Hybrid View

  1. #1
    Join Date
    Jan 2004
    Location
    N of San Antonio TX
    Posts
    9,695
    Plugin Contributions
    11

    Default Re: AbuseIPDB Integration module

    Installed and did cleanup. 500 error with this debug

    Code:
    [17-May-2025 14:26:37 America/Chicago] PHP Fatal error:  Uncaught Error: Undefined constant "ABUSEIPDB_HIGH_SCORE_CACHE_ENABLED" in /home/MY_USER/public_html/zc_plugins/AbuseIPDB/v4.0.0/catalog/includes/classes/observers/abuseipdb_observer.php:222Stack trace:
    #0 /home/MY_USER/public_html/zc_plugins/AbuseIPDB/v4.0.0/catalog/includes/classes/observers/abuseipdb_observer.php(22): abuseipdb_observer->checkAbusiveIP()
    #1 /home/MY_USER/public_html/includes/classes/traits/NotifierManager.php(107): abuseipdb_observer->update(Object(notifier), 'NOTIFY_HTML_HEA...', 'index', 'MY_TEMPLATE', NULL, NULL, NULL, NULL, NULL, NULL, NULL)
    #2 /home/MY_USER/public_html/includes/templates/MY_TEMPLATE/common/html_header.php(19): base->notify('NOTIFY_HTML_HEA...', 'index', 'MY_TEMPLATE')
    #3 /home/MY_USER/public_html/index.php(48): require('/home/MY_USER/...')
    #4 {main}
      thrown in /home/MY_USER/public_html/zc_plugins/AbuseIPDB/v4.0.0/catalog/includes/classes/observers/abuseipdb_observer.php on line 222
    
    
    [17-May-2025 14:26:37 America/Chicago] Request URI: /, IP address: 123.234.134.255
    --> PHP Fatal error: Uncaught Error: Undefined constant "ABUSEIPDB_HIGH_SCORE_CACHE_ENABLED" in /home/MY_USER/public_html/zc_plugins/AbuseIPDB/v4.0.0/catalog/includes/classes/observers/abuseipdb_observer.php:222
    Stack trace:
    #0 /home/MY_USER/public_html/zc_plugins/AbuseIPDB/v4.0.0/catalog/includes/classes/observers/abuseipdb_observer.php(22): abuseipdb_observer->checkAbusiveIP()
    #1 /home/MY_USER/public_html/includes/classes/traits/NotifierManager.php(107): abuseipdb_observer->update(Object(notifier), 'NOTIFY_HTML_HEA...', 'index', 'MY_TEMPLATE', NULL, NULL, NULL, NULL, NULL, NULL, NULL)
    #2 /home/MY_USER/public_html/includes/templates/MY_TEMPLATE/common/html_header.php(19): base->notify('NOTIFY_HTML_HEA...', 'index', 'MY_TEMPLATE')
    #3 /home/MY_USER/public_html/index.php(48): require('/home/MY_USER/...')
    #4 {main}
      thrown in /home/MY_USER/public_html/zc_plugins/AbuseIPDB/v4.0.0/catalog/includes/classes/observers/abuseipdb_observer.php on line 222.
    
    
    [17-May-2025 14:26:37 America/Chicago] Request URI: /, IP address: 123.234.134.255
    --> PHP Fatal error: Uncaught Error: Undefined constant "ABUSEIPDB_HIGH_SCORE_CACHE_ENABLED" in /home/MY_USER/public_html/zc_plugins/AbuseIPDB/v4.0.0/catalog/includes/classes/observers/abuseipdb_observer.php:222
    Stack trace:
    #0 /home/MY_USER/public_html/zc_plugins/AbuseIPDB/v4.0.0/catalog/includes/classes/observers/abuseipdb_observer.php(22): abuseipdb_observer->checkAbusiveIP()
    #1 /home/MY_USER/public_html/includes/classes/traits/NotifierManager.php(107): abuseipdb_observer->update(Object(notifier), 'NOTIFY_HTML_HEA...', 'index', 'MY_TEMPLATE', NULL, NULL, NULL, NULL, NULL, NULL, NULL)
    #2 /home/MY_USER/public_html/includes/templates/MY_TEMPLATE/common/html_header.php(19): base->notify('NOTIFY_HTML_HEA...', 'index', 'MY_TEMPLATE')
    #3 /home/MY_USER/public_html/index.php(48): require('/home/MY_USER/...')
    #4 {main}
      thrown in /home/MY_USER/public_html/zc_plugins/AbuseIPDB/v4.0.0/catalog/includes/classes/observers/abuseipdb_observer.php on line 222.
    A little help with colors.
    myZenCartHost.com - Zen Cart Certified, PCI Compatible Hosting by JEANDRET
    Free SSL & Domain with semi-annual and longer hosting. Updating 1.5.2 and Up.

  2. #2
    Join Date
    May 2008
    Location
    United States
    Posts
    490
    Plugin Contributions
    1

    Default Re: AbuseIPDB Integration module

    Quote Originally Posted by dbltoe View Post
    Installed and did cleanup. 500 error with this debug

    Code:
    [17-May-2025 14:26:37 America/Chicago] PHP Fatal error:  Uncaught Error: Undefined constant "ABUSEIPDB_HIGH_SCORE_CACHE_ENABLED" in /home/MY_USER/public_html/zc_plugins/AbuseIPDB/v4.0.0/catalog/includes/classes/observers/abuseipdb_observer.php:222Stack trace:
    #0 /home/MY_USER/public_html/zc_plugins/AbuseIPDB/v4.0.0/catalog/includes/classes/observers/abuseipdb_observer.php(22): abuseipdb_observer->checkAbusiveIP()
    #1 /home/MY_USER/public_html/includes/classes/traits/NotifierManager.php(107): abuseipdb_observer->update(Object(notifier), 'NOTIFY_HTML_HEA...', 'index', 'MY_TEMPLATE', NULL, NULL, NULL, NULL, NULL, NULL, NULL)
    #2 /home/MY_USER/public_html/includes/templates/MY_TEMPLATE/common/html_header.php(19): base->notify('NOTIFY_HTML_HEA...', 'index', 'MY_TEMPLATE')
    #3 /home/MY_USER/public_html/index.php(48): require('/home/MY_USER/...')
    #4 {main}
      thrown in /home/MY_USER/public_html/zc_plugins/AbuseIPDB/v4.0.0/catalog/includes/classes/observers/abuseipdb_observer.php on line 222
    
    
    [17-May-2025 14:26:37 America/Chicago] Request URI: /, IP address: 123.234.134.255
    --> PHP Fatal error: Uncaught Error: Undefined constant "ABUSEIPDB_HIGH_SCORE_CACHE_ENABLED" in /home/MY_USER/public_html/zc_plugins/AbuseIPDB/v4.0.0/catalog/includes/classes/observers/abuseipdb_observer.php:222
    Stack trace:
    #0 /home/MY_USER/public_html/zc_plugins/AbuseIPDB/v4.0.0/catalog/includes/classes/observers/abuseipdb_observer.php(22): abuseipdb_observer->checkAbusiveIP()
    #1 /home/MY_USER/public_html/includes/classes/traits/NotifierManager.php(107): abuseipdb_observer->update(Object(notifier), 'NOTIFY_HTML_HEA...', 'index', 'MY_TEMPLATE', NULL, NULL, NULL, NULL, NULL, NULL, NULL)
    #2 /home/MY_USER/public_html/includes/templates/MY_TEMPLATE/common/html_header.php(19): base->notify('NOTIFY_HTML_HEA...', 'index', 'MY_TEMPLATE')
    #3 /home/MY_USER/public_html/index.php(48): require('/home/MY_USER/...')
    #4 {main}
      thrown in /home/MY_USER/public_html/zc_plugins/AbuseIPDB/v4.0.0/catalog/includes/classes/observers/abuseipdb_observer.php on line 222.
    
    
    [17-May-2025 14:26:37 America/Chicago] Request URI: /, IP address: 123.234.134.255
    --> PHP Fatal error: Uncaught Error: Undefined constant "ABUSEIPDB_HIGH_SCORE_CACHE_ENABLED" in /home/MY_USER/public_html/zc_plugins/AbuseIPDB/v4.0.0/catalog/includes/classes/observers/abuseipdb_observer.php:222
    Stack trace:
    #0 /home/MY_USER/public_html/zc_plugins/AbuseIPDB/v4.0.0/catalog/includes/classes/observers/abuseipdb_observer.php(22): abuseipdb_observer->checkAbusiveIP()
    #1 /home/MY_USER/public_html/includes/classes/traits/NotifierManager.php(107): abuseipdb_observer->update(Object(notifier), 'NOTIFY_HTML_HEA...', 'index', 'MY_TEMPLATE', NULL, NULL, NULL, NULL, NULL, NULL, NULL)
    #2 /home/MY_USER/public_html/includes/templates/MY_TEMPLATE/common/html_header.php(19): base->notify('NOTIFY_HTML_HEA...', 'index', 'MY_TEMPLATE')
    #3 /home/MY_USER/public_html/index.php(48): require('/home/MY_USER/...')
    #4 {main}
      thrown in /home/MY_USER/public_html/zc_plugins/AbuseIPDB/v4.0.0/catalog/includes/classes/observers/abuseipdb_observer.php on line 222.

    Can you confirm the following admin setting for the module that it says: (third one down)

    Total Settings 47

    Also confirm you see the admin setting: Enable High Score Cache Extension
    marcopolo
    Zen Cart 2.2.2 | PHP 8.5.4 | MariaDB 10.11.14

  3. #3
    Join Date
    Jan 2004
    Location
    N of San Antonio TX
    Posts
    9,695
    Plugin Contributions
    11

    Default Re: AbuseIPDB Integration module

    Can't access the admin settings with the mod disabled, but the database still shows 3.0.4 version and 27 for total settings.
    A little help with colors.
    myZenCartHost.com - Zen Cart Certified, PCI Compatible Hosting by JEANDRET
    Free SSL & Domain with semi-annual and longer hosting. Updating 1.5.2 and Up.

  4. #4
    Join Date
    Jan 2004
    Location
    N of San Antonio TX
    Posts
    9,695
    Plugin Contributions
    11

    Default Re: AbuseIPDB Integration module

    Plugin Manager was still showing 3.0.4, did an uninstall, zc_plugins directory showed only 4.0.0 as I had done the cleanup.

    Reinstalled using Plugin Manager and all is fine. Got the 47 and the Enable High Score...
    A little help with colors.
    myZenCartHost.com - Zen Cart Certified, PCI Compatible Hosting by JEANDRET
    Free SSL & Domain with semi-annual and longer hosting. Updating 1.5.2 and Up.

  5. #5
    Join Date
    May 2008
    Location
    United States
    Posts
    490
    Plugin Contributions
    1

    Default Re: AbuseIPDB Integration module

    Quote Originally Posted by dbltoe View Post
    Plugin Manager was still showing 3.0.4, did an uninstall, zc_plugins directory showed only 4.0.0 as I had done the cleanup.

    Reinstalled using Plugin Manager and all is fine. Got the 47 and the Enable High Score...
    Ok great glad it is working!

    So for others not to have this issue as noted in the readme:

    Major Update Notice: If you are upgrading from v3.0.4 or earlier, you must uninstall the previous module before installing v4.0.0.
    ⚡ Important: Be sure to screen-capture your existing settings before uninstalling AbuseIPDB v3.0.4 or lower to preserve your configuration.
    marcopolo
    Zen Cart 2.2.2 | PHP 8.5.4 | MariaDB 10.11.14

  6. #6
    Join Date
    Jan 2004
    Location
    N of San Antonio TX
    Posts
    9,695
    Plugin Contributions
    11

    Default Re: AbuseIPDB Integration module

    Please review your README.md and identify the steps from an encapsulated plugin to a newer plugin. Otherwise, others will lose their API data as we did.

    I would note that, normally, a plugin notifies the owner of an update, the update is done, and the option to clean old files follows the upgrade. https://docs.zen-cart.com/dev/plugin...ins/upgrading/
    A little help with colors.
    myZenCartHost.com - Zen Cart Certified, PCI Compatible Hosting by JEANDRET
    Free SSL & Domain with semi-annual and longer hosting. Updating 1.5.2 and Up.

  7. #7
    Join Date
    Jan 2004
    Location
    N of San Antonio TX
    Posts
    9,695
    Plugin Contributions
    11

    Default Re: AbuseIPDB Integration module

    You might want to move that message inside the INSTALLATTION AND UPGRADE section.
    A little help with colors.
    myZenCartHost.com - Zen Cart Certified, PCI Compatible Hosting by JEANDRET
    Free SSL & Domain with semi-annual and longer hosting. Updating 1.5.2 and Up.

  8. #8
    Join Date
    May 2008
    Location
    United States
    Posts
    490
    Plugin Contributions
    1

    Default Re: AbuseIPDB Integration module

    Quote Originally Posted by dbltoe View Post
    Please review your README.md and identify the steps from an encapsulated plugin to a newer plugin. Otherwise, others will lose their API data as we did.

    I would note that, normally, a plugin notifies the owner of an update, the update is done, and the option to clean old files follows the upgrade. https://docs.zen-cart.com/dev/plugin...ins/upgrading/
    As stated, the instructions are clear — you need to uninstall. I could’ve made it an upgrade, but that would’ve meant a lot more work for the installer. Unfortunately, this means you’ll lose your database data. It is possible to skip uninstalling certain tables, but that’s more of an advanced option. Since I’m offering this for free, I don’t have the time to troubleshoot those kinds of setups. This update adds a lot of new features, so it had to be done this way.
    marcopolo
    Zen Cart 2.2.2 | PHP 8.5.4 | MariaDB 10.11.14

  9. #9
    Join Date
    May 2008
    Location
    United States
    Posts
    490
    Plugin Contributions
    1

    Default Re: AbuseIPDB Integration module

    I’m exploring a possible new feature for the AbuseIPDB plugin to prevent bots from rapidly creating sessions in Zen Cart (e.g., 1000+ sessions in a short time), which can overload the server. I’ve seen this happen a few times—bots create thousands of sessions and cause major performance issues. Since Zen Cart’s session_start() in application_top.php runs before the plugin can intervene, we need to block these requests before session creation.

    Goal:
    Block session creation for IPs that exceed a rate threshold (e.g., 100 sessions in 1 minute), while allowing normal browsing patterns (e.g., 100 sessions over 30 minutes).

    Proposed Approach:

    Use an auto-loader or similar method to run a check before session_start() in application_top.php.

    Track session rates per IP in TABLE_ABUSEIPDB_CACHE (session count and window start time).

    Use a sliding window (e.g., 60 seconds): increment count per request, reset after window expires.

    If the count exceeds the threshold, return a 403 Forbidden response and exit.

    Alternative (Not Preferred):
    Dynamically write deny rules to .htaccess to block IPs at the Apache level before PHP runs. We’d prefer to avoid this for compatibility with non-Apache servers.

    This issue is rare but impactful, so we need to address it. I’d really appreciate input from anyone who’s tackled similar problems, or ideas on the cleanest and most portable way to intercept or throttle session creation before session_start() runs. Any advice on standard mechanisms, code examples, or pitfalls to watch out for would be greatly appreciated!

    If there isn’t a clean way to accomplish this in the current Zen Cart architecture, I’d suggest considering it for a future version. It would be ideal if Zen Cart provided a standard pre-session hook or filtering mechanism—either in the core or through a well-documented extension point—so modules like AbuseIPDB (or others) can intercept and block abusive requests before sessions are created. This would make handling rate-limiting and abuse much more robust and portable going forward.

    Thanks,
    marcopolo
    Zen Cart 2.2.2 | PHP 8.5.4 | MariaDB 10.11.14

  10. #10
    Join Date
    Sep 2009
    Location
    Stuart, FL
    Posts
    13,932
    Plugin Contributions
    96

    Default Re: AbuseIPDB Integration module

    Quote Originally Posted by marcopolo View Post
    I’m exploring a possible new feature for the AbuseIPDB plugin to prevent bots from rapidly creating sessions in Zen Cart (e.g., 1000+ sessions in a short time), which can overload the server. I’ve seen this happen a few times—bots create thousands of sessions and cause major performance issues. Since Zen Cart’s session_start() in application_top.php runs before the plugin can intervene, we need to block these requests before session creation.

    Goal:
    Block session creation for IPs that exceed a rate threshold (e.g., 100 sessions in 1 minute), while allowing normal browsing patterns (e.g., 100 sessions over 30 minutes).

    Proposed Approach:

    Use an auto-loader or similar method to run a check before session_start() in application_top.php.

    Track session rates per IP in TABLE_ABUSEIPDB_CACHE (session count and window start time).

    Use a sliding window (e.g., 60 seconds): increment count per request, reset after window expires.

    If the count exceeds the threshold, return a 403 Forbidden response and exit.

    Alternative (Not Preferred):
    Dynamically write deny rules to .htaccess to block IPs at the Apache level before PHP runs. We’d prefer to avoid this for compatibility with non-Apache servers.

    This issue is rare but impactful, so we need to address it. I’d really appreciate input from anyone who’s tackled similar problems, or ideas on the cleanest and most portable way to intercept or throttle session creation before session_start() runs. Any advice on standard mechanisms, code examples, or pitfalls to watch out for would be greatly appreciated!

    If there isn’t a clean way to accomplish this in the current Zen Cart architecture, I’d suggest considering it for a future version. It would be ideal if Zen Cart provided a standard pre-session hook or filtering mechanism—either in the core or through a well-documented extension point—so modules like AbuseIPDB (or others) can intercept and block abusive requests before sessions are created. This would make handling rate-limiting and abuse much more robust and portable going forward.

    Thanks,
    The problem, IMO, with the proposed approach is the requirement for the site's autoloading to occur as it requires database accesses to determine whether/not to shut down the request.

    I realize the non-Apache risk with the alternative solution, but it's probably the best choice to shut down the unwanted accesses before additional server resources (i.e. database and file-system) are required.

    For either approach, you could use an auto-loader and load your processing after breakpoint 50 (where the database connection is made and configuration settings read) and prior to breakpoint 70 (where the session is established).

 

 
Page 1 of 3 123 LastLast

Similar Threads

  1. AbuseIPDB integration?
    By marcopolo in forum General Questions
    Replies: 3
    Last Post: 4 May 2022, 06:31 PM
  2. v155 Full Ebay Integration Module
    By Wilkesy in forum All Other Contributions/Addons
    Replies: 9
    Last Post: 19 Jun 2020, 03:29 AM
  3. v156 PayCertify Payment Integration Module
    By PayCertify in forum Addon Payment Modules
    Replies: 1
    Last Post: 1 May 2019, 11:29 PM
  4. Mailchimp Module Integration
    By hamid380 in forum Addon Sideboxes
    Replies: 5
    Last Post: 7 Sep 2011, 01:11 PM
  5. Custom Shipping Module Integration
    By youderian in forum Built-in Shipping and Payment Modules
    Replies: 0
    Last Post: 22 Dec 2008, 05:59 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg