Jump to content

Chadduck

Members
  • Content count

    129
  • Joined

  • Last visited

4 Followers

Profile Information

  • Real Name
    BJ Chadduck

Recent Profile Visitors

14,679 profile views
  1. Chadduck

    HoneyPot Captcha

    Jack As previously discussed in Honeypot I had set Block IP Automatically to 4. After the following incident I put it back to the original setting - blank. Last evening I had a lady that was having difficulty creating an account. Ultimately got herself, or I should say her IP, banned. She emailed me and identified herself and asked IF I could help. Being late I told her to send me a phone number to contact her. She did. I will manually take her order over the phone. Anyway - this morning, I tried to create a generic account for her BUT was unable to do so. Prior to doing so, I manually removed her IP from the Honeypot log. HER IP from Honeypot (manually removed) XXX.YYY.ZZZ.209 01-07-2020: Denied due to captchaThis IP has 1 violations. XXX.YYY.ZZZ.209 01-07-2020: Denied due to being too soon by GENNA ______ .This IP has 2 violations. XXX.YYY.ZZZ.209 01-07-2020: Denied due to captchaThis IP has 3 violations. XXX.YYY.ZZZ.209 01-07-2020: Denied due to being too soon by genna ______ .This IP has 4 violations. XXX.YYY.ZZZ.209 01-07-2020: Permanently blocked from the site due to too many violations.This IP has 5 violations. XXX.YYY.ZZZ.209 01-07-2020: Permanently blocked from the site due to too many violations.This IP has 6 violations. XXX.YYY.ZZZ.209 01-07-2020: Permanently blocked from the site due to too many violations.This IP has 7 violations. XXX.YYY.ZZZ.209 01-07-2020: Permanently blocked from the site due to too many violations.This IP has 8 violations. After REMOVAL when I attempted to create the account I received the following MY IP XXX.YYY.ZZZ.15 01-08-2020: Denied due to count limit by Genna ______ .This IP has 3 violations. 2 of the violations were for the password being too short. DOH!!! HOW DO I REMOVE her name, IP from the Honeypot and/or View Counter ban? I have done the following 1. searched the database - her name does not exist 2. searched the Honeypot log and removed the IP that she used BJ
  2. Chadduck

    View Counter

    THANK YOU JACK! Added Hong Kong BJ
  3. Chadduck

    View Counter

    Jack Have done the above with the Block Country. It has eliminated much of the issues we have discussed (both publicly and privately) and for that I am thankful. However, the country Hong Kong is NOT in the "Choose the countries to be blocked" list. And while I am aware I can ban the individual IP - the IP is does not seem to be re-used nor the same on the report see graphic. Suggestions? BJ
  4. Chadduck

    HoneyPot Captcha

    THAT TOOK CARE OF IT... Again - I am indebted to you. THANK YOU BJ
  5. Chadduck

    HoneyPot Captcha

    This is such a wonderful contribution. It is an invaluable security tool for every store. Having said that - I decided after a week of having my new store operational to enable the captcha portion. Up to this point I have had this setting set to None Show Captcha Do you want to display a security challenge on the page? Numbers Image None FIRST I tried Numbers - No Joy. I then tried Image - No Joy. For some stupid reason I can NOT get the captcha question (numbers or image) to show. I do get the the line showing "Security Question" then a space where the captcha should be and finally the text entry for the answer. Reviewing the php_error.log there are these entries. the ....../ indicates the long directory on the server PHP Warning: imagettfbbox(): Could not find/open font in ....../captcha.php on line 44 PHP Warning: imagettftext(): Could not find/open font in ....../captcha.php on line 89 As pointed out earlier in this topic - GD Support is enabled. The verdana.ttf is located in the same directory as captcha.php What should I be looking at or looking for.
  6. Chadduck

    View Counter

    Thank you Jack
  7. Chadduck

    View Counter

    Jack suggested that if we do not cater / sell to a particular country that it should probably be banned to prevent spam and bandwidth usage. Since I am really just learning to use View Counter how is the best way to ban an entire country? BJ
  8. Chadduck

    HoneyPot Captcha

    Sorry about that - I missed it. Yes it is showing in BOTH I was so focused on getting the email - and when the emails happened - Well excitement took over. This upgrade process has been 6 months in the making and making sure things are working with emails, credit cards, etc. - I was excited when I started getting the HoneyPot emails since I thought I had coded something which immediately made me start questioning IF I had miscoded it had I done the same elsewhere. I have told you privately but I will do so here in public Thanks again for all that you give to the community as a whole and especially the help you have provided to me. BJ
  9. Chadduck

    HoneyPot Captcha

    Jack Thank you for the assist. A follow on question Since that solved the NO EMAIL issue what do I need to do to STOP emails that are for valid accounts? Since I have emails working now I have received two separate ones like this for VALID accounts WWW.XXX.YYY.Z 01-03-2020: A new account was created by by Jane Doe.This IP has 1 violations. WWW.XXX.YYY.Z 01-03-2020: A new account was created by Frank Smith.This IP has 1 violations I know they are valid accounts since orders were placed by the individuals creating the accounts. Also, can this code tep_mail('to me', STORE_OWNER_EMAIL_ADDRESS, 'honey pot failure', $text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); be changed in any manner to indicate what the violations were? Just asking because right now I am ecstatic to be getting the emails. THANKS AGAIN!?!?! BJ
  10. Chadduck

    HoneyPot Captcha

    THAT WORKED... Email arrived Subj: honey pot failure WWW.XXX.YY.ZZZ 01-03-2020: Denied due to numbers in a nameThis IP has 2 violations.
  11. Chadduck

    HoneyPot Captcha

    NO JOY - removed the code still no email
  12. Chadduck

    HoneyPot Captcha

    Jack as per your instructions I have tried the various combinations to no avail. error_log($text, 1, STORE_OWNER_EMAIL_ADDRESS); // error_log('hello', 1, STORE_OWNER_EMAIL_ADDRESS); // error_log($text, 1, 'webmaster@XXXXXXX.com'); // error_log($text, 1, 'XXXXXXXX@gmail.com'); WWW.XXX.YY.ZZZ 01-02-2020: Denied due to numbers in a nameThis IP has 2 violations. WWW.XXX.YY.ZZZ 01-02-2020: Denied due to letters in phone or fax fields.This IP has 3 violations. WWW.XXX.YY.ZZZ 01-02-2020: Denied due to numbers in a nameThis IP has 4 violations. WWW.XXX.YY.ZZZ 01-02-2020: Denied due to being too soon by testing testing.This IP has 5 violations. The interesting part is that the View Counter email works (see post here https://forums.oscommerce.com/topic/392949-view-counter/?page=21) With that working - it is obvious that the store's email is correctly configured. This is off the wall BUT it is possible that the code inserted in the create_account.php for View Counter could be conflicting somehow? I ask since the only difference between the OLD version store and the NEW version store - View Counter was NOT installed into the create_account.php file. I will attempt to restore the create_account.php WITHOUT the View Counter code and check.
  13. Chadduck

    View Counter

    @Mikepo Thanks - that is what I thought and the first thing I did was ban the IP before trying figure out the rest. BJ
  14. Chadduck

    View Counter

    Forgive me if this has been asked or explained elsewhere. I searched this topic for "Trap warning" and although several posts were flagged they all seem to deal with the installation and errors others were having with View Topic installs. When I arrived at my desk this morning I had this email waiting on me Subj: View counter IP Trap warning for IP 5.101.0.209 The IP 5.101.0.209 attempted to alter the url in a way that is consistent with hacking attempts. ******* This IP should be banned *******. Click this url, http://www.projecthoneypot.org/ip_5.101.0.209, to find out more information about this IP. My question is simple - while I assume that it is/was View Counter that wants "Projecthoneypot.org" to be visited and notified - WHO/WHAT is the "Projecthoneypot.org" organization? Yes I have read the "About" on the site but it also refers to this "To participate in Project Honey Pot, webmasters need only install the Project Honey Pot software somewhere on their website. " I KNOW that I did NOT install their software ANYWHERE on my server. What's going on?
×