Jump to content

Jack_mcs

Members
  • Content count

    29,704
  • Joined

  • Last visited

  • Days Won

    128

Reputation Activity

  1. Like
    Jack_mcs got a reaction from fantomen in Regarding the contribution: Edit pages via Admin   
    It is possible but not the best way to do it. The idea is to replace those files with a dynamic page. See the Information box in the footer of my site. Almost all of the links in it have been created with the Information Pages addon. If you want to keep the hard-files, or have others you want to use, there is a one-line change you can make to those files to control the text in admin. So, technically, if you used that method it would be the same as it is with the addon you mentioned, though that would be extra work for no good reason,.
  2. Like
    Jack_mcs got a reaction from fantomen in Regarding the contribution: Edit pages via Admin   
    @fantomenIt won't work in your shop because it needs the filenames file which does not exist. I suggest you try Information Pages instead. It is CE compatible and an easier install.
  3. Like
    Jack_mcs got a reaction from altoid in Fake accounts   
    If you are comfortable changing the code, find this in the includes/functions/honeypot.php file
    tep_db_query("insert into " . $db_table . " set " . $insert_sql_data); and add this above it
    if (MODULE_HEADER_TAGS_HONEYPOT_CREATE_ACCOUNT_NOTIFICATION == 'True') { HoneypotNotify($cust); } You can add // before the two lines farther above that read
    HoneypotNotify($cust); That will give you an email for all accounts that are created.
  4. Like
    Jack_mcs got a reaction from fiodh in Fake accounts   
    It uses a database table.
  5. Like
    Jack_mcs reacted to burt in Addon Feedback   
    Would it be of interest to the shopowner community if public feedback was given on addon support threads? 
    Feedback could be from other shopowners and from coders.
    I'm thinking things like:
    This addon uses incorrect HTML This addon is not multilingual This addon should use addBlock not addContent This addon is excellent in all regards etcetc
  6. Like
    Jack_mcs got a reaction from altoid in Site Meta Tags not applying when tested.   
    The reason you add what you displayed is for, mostly, SEO purposes and having just one entry, or the same entry for each page, s a mistake.
    If you are using the CE version, it has modules built-in to handle the titles and descriptions. Otherwise, you should install HeaderTags SEO.
  7. Like
    Jack_mcs got a reaction from JcMagpie in File permissionsI   
    When an update is done to the Paypal App if the admin name has been changed, the paypal,php file is added to the directory named admin. I've never seen it change from the one present in the actual admin directory so it can be ignored, I think.
  8. Like
    Jack_mcs got a reaction from valquiria23 in HoneyPot Captcha   
    You're welcome.
  9. Like
    Jack_mcs got a reaction from valquiria23 in HoneyPot Captcha   
    Thanks for that. I tried it here and it got through as you said. I'll change the code to fix that in the next version.
  10. Like
    Jack_mcs got a reaction from altoid in HoneyPot Captcha   
    A new version has been uploaded with these changes:
    Added option to block account creation based on thr number of accounts and/or time accounts added.                   Added back some of the url checking removed in the last update to catch stragglers. Removed the PWA code in the create account page for pre-2.3 shops since it did not apply to this addon. This version aims to prevent the account creation of many accounts by scripts. There are two ways it does that.
    First, you can set a count for how many accounts may be created. So if it is set to 2, each customer can only create 2 accounts. If your site has legitimate customers that need more accounts, then don't use this setting or set it higher.
    Second, the code records the IP of the account creator as well as the time the account was created. If another create account is attempted by that IP in the time entered in the settings, the account won't be created.
    Both of the above can be used together or alone.
  11. Like
    Jack_mcs got a reaction from mhsuffolk in HoneyPot Captcha   
    All of the wamp packages come with IPV6 set to on, at least the newer ones do. As far as I know, no host enables that as the default (we don't, at least). To turn it off, open the http.conf file and search for Listen. The lines should look like this to turn IPV6 off:
    Listen 0.0.0.0:80 #Listen [::0]:80  
  12. Like
    Jack_mcs got a reaction from mhsuffolk in HoneyPot Captcha   
    It's failing because you have the option to use the IPV6 format enabled. I may put a check in for what type of IP it is but I don't know that I will be changing the code to accept them. IPV6 IP's are still not used much so I don't find it worthwhile, time-wise, to code for them.
  13. Like
    Jack_mcs got a reaction from freakystreak in Product Quantity Box   
    @freakystreakJust so you know,, if you want to address a specific person, you should include an @ before their user name. That will cause them to be notified of your post. The way you mentioned the user means the only way he will see it is if he happens to look into this thread.
  14. Like
    Jack_mcs got a reaction from altoid in HoneyPot Captcha   
    A new version has been uploaded with these changes:
    Added option to block account creation based on thr number of accounts and/or time accounts added.                   Added back some of the url checking removed in the last update to catch stragglers. Removed the PWA code in the create account page for pre-2.3 shops since it did not apply to this addon. This version aims to prevent the account creation of many accounts by scripts. There are two ways it does that.
    First, you can set a count for how many accounts may be created. So if it is set to 2, each customer can only create 2 accounts. If your site has legitimate customers that need more accounts, then don't use this setting or set it higher.
    Second, the code records the IP of the account creator as well as the time the account was created. If another create account is attempted by that IP in the time entered in the settings, the account won't be created.
    Both of the above can be used together or alone.
  15. Like
    Jack_mcs got a reaction from JcMagpie in A new danger?   
    It never has been included that I can recall. You need to add it if you want to use it.
    Reasons I think a robots file should be used:
    It will block some bots that don't help the site. It should be used to list the sitemap file if it is not named sitemap.idx. Search engines look for a file by that name and will assume one is not present if it is named something else and there isn't a link to it. It is useful for scripts like View Counter and the IP Blocker to set up traps. Hackers see a directory or file marked as blocked and they simply can't help themselves to check them. Some sites don't want their images listed so the images directory can be blocked. Some pages should not be listed on the search engine pages, like advanced_search_result.php , or any page that may be linked to but requires a password. You can use the robots noindex module to do this. One thing that should never be in the robots file is the actual admin name. I see this over and over again and it is an open challenge to hackers to try it.
    Take a look at google.com/robots.txt and amazon.com/robots.txt. I don't think sites like those would use them if they were not useful.
  16. Like
    Jack_mcs got a reaction from Portman in No 'Boxes' in Fresh install of BS 2341   
    Try changing these lines
    define('HTTP_COOKIE_DOMAIN', 'creativeabundance.com.au'); define('HTTPS_COOKIE_DOMAIN', 'creativeabundance.com.au'); define('HTTP_COOKIE_PATH', '/sales/admin/'); define('HTTPS_COOKIE_PATH', '/sales/admin/'); define('DIR_FS_DOCUMENT_ROOT', '/home/creativ3/public_html/sales/'); to
    define('HTTP_COOKIE_DOMAIN', ''); define('HTTPS_COOKIE_DOMAIN', ''); define('HTTP_COOKIE_PATH', ''); define('HTTPS_COOKIE_PATH', ''); define('DIR_FS_DOCUMENT_ROOT', '/home/creativ3/public_html');  
  17. Like
    Jack_mcs got a reaction from JcMagpie in Removing fake customers   
    You may want to look at my Database Optimizer.
  18. Like
    Jack_mcs got a reaction from JcMagpie in Removing fake customers   
    See the Honey Pot addon. There are only a few changes needed. It stops 100% of spam by bots on the contact us page and is completely transparent to the customer.
  19. Like
    Jack_mcs got a reaction from altoid in Removing fake customers   
    There are several threads regarding this on this subject. There's no simple way to remove them in a stock shop. You can do one of the following:
    If there are not too many, you can manually delete them in admin->Customers. If there are too many to delete manually, you can delete them by editing the database. How easy this is depends on when the accounts were created and if there is something in common with them, like the same in each. To prevent it from happening again,
    If you can determine the country that the accounts are being added from and if you won't sell to that country, then remove the country from the countries list in admin or install an addon or package that blocks countries if your host doesn't provide that option. If you can determine the IP of those that created the account, you could block those IP's. There are addons meant to store the IP if you don't have one installed.
  20. Like
    Jack_mcs got a reaction from JcMagpie in Removing fake customers   
    See the Honey Pot addon. There are only a few changes needed. It stops 100% of spam by bots on the contact us page and is completely transparent to the customer.
  21. Like
    Jack_mcs got a reaction from JcMagpie in Removing fake customers   
    You may want to look at my Database Optimizer.
  22. Like
    Jack_mcs got a reaction from altoid in Removing fake customers   
    There are several threads regarding this on this subject. There's no simple way to remove them in a stock shop. You can do one of the following:
    If there are not too many, you can manually delete them in admin->Customers. If there are too many to delete manually, you can delete them by editing the database. How easy this is depends on when the accounts were created and if there is something in common with them, like the same in each. To prevent it from happening again,
    If you can determine the country that the accounts are being added from and if you won't sell to that country, then remove the country from the countries list in admin or install an addon or package that blocks countries if your host doesn't provide that option. If you can determine the IP of those that created the account, you could block those IP's. There are addons meant to store the IP if you don't have one installed.
  23. Like
    Jack_mcs got a reaction from puggybelle in Hack attempt - is there a way to prevent this?   
    The jb.gy is a link to the hacker site. The gy is the TLD for Guyana. Once the full code is in your database, the hacker could access and load whatever from his site.
    If your host offers country blocking, or if you have View Counter installed, then you should block Guyana, assuming you would not sell to anyone from there, along with any other country you won't sell to.
  24. Like
    Jack_mcs got a reaction from ArtcoInc in Hack attempt - is there a way to prevent this?   
    When the form is submitted, the commands are stripped from it. That is why you see the __script instead of <script. That renders the code useless as far as the hacker is concerned. At least it should. I never assume anything when they are involved.
    If you have an addon that records the IP, like View Counter or IP Blocker, then you should block the IP. That won't prevent others from using the same method but it might stop that guy.
  25. Like
    Jack_mcs got a reaction from ArtcoInc in Hack attempt - is there a way to prevent this?   
    When the form is submitted, the commands are stripped from it. That is why you see the __script instead of <script. That renders the code useless as far as the hacker is concerned. At least it should. I never assume anything when they are involved.
    If you have an addon that records the IP, like View Counter or IP Blocker, then you should block the IP. That won't prevent others from using the same method but it might stop that guy.
×