Jump to content

Recommended Posts

5 hours ago, Smoky Barnable said:

Undefined constant "VIEW_COUNTER_GOOD_IP_LIST"

That's a setting added by the view_counter_db_handler.php file. You have to run that file in a browser. And then click on the rest button to apply new configuration fields.


Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Need Help? See this thread and provide the information requested.

How to Upgrade to the latest version

Recommended SEO Addons

Share this post


Link to post
Share on other sites
3 hours ago, wetzel said:

he html_output change caused an error

That change is to add the missing bootstrap button to older shops. But your version probably already has it. Unfortunately, there's no way to provide exact instructions for all versions, especially Phoenix, because there are so many of them. But other than that and the application_top changes, there aren't any other changes so you should be all set.

There are other files in the change directory but the php files are just for adding the auto-complete code for create account and checkout so they are not required. You should make the change to the roots .htaccess file, if you haven;'t. And you should use the robots file in the extra directory, just be sure to change the two lines with my domain name in them.


Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Need Help? See this thread and provide the information requested.

How to Upgrade to the latest version

Recommended SEO Addons

Share this post


Link to post
Share on other sites

A new version has been updated with these changes:

  • Added countries to the country blocking list to account for differences in names.
  • Added many entries to the hacker checking code. See notes below.
  • Added cross-scripting to the extras .htaccess file.
  • Changed the trap code since it could give false results under rare conditions.
  • Changed the Good IP list setting to a textarea.
  • Changed code to prevent some php notices.
  • Changed code for the IP Details dialog. Should always return the details now.
  • Changed the javascript popup code for checking if an IP is in a cidr to use the messagestack.
  • Changed the .htaccess writing code to properly handle the deny surrounding statements.
  • Changed the .htaccess writing code to use the servers setenv mod for blocking domain names.
  • Changed the IP count on the Monitor page to also show counts for bots and admin.
  • Changed the IP In CIDR button to Check Status. It now checks more places for blocked IP's, though not as many as in the Pro version.
  • Corrected code that prevented hacker code checking in some cases.
  • Corrected code to return correct responses for all bans.
  • Fixed the code for syncing the .htaccess file and database to prevent duplicate entries.
  • Made a number of minor changes for speed improvement.
  • Moved the hacker checking code that was in two files to one file.

PRO VERSION ONLY:

  • Added a Security Test in Tools.
  • Added a Similar IP's report. Allows moving single blocked IP's into CIDR's.
  • Added a table of Amazon IP's and an option to allow blocking them.
  • Added a table of good bot IP's (currently only googles) and an option to skip them so they are not accidentally blocked.
  • Added a cron script to backup the banned and ignored IP's.
  • Added cross-checking of blocked IP's between Honey Pot and View Counter.
  • Added a search by IP to the banned log page.
  • Changed the Banned log to record the count of attempts by an IP.
  • Changed the IP In CIDR button to Check Status. It now checks if the entered IP is blocked or ignored in any way.
  • Corrected typos in the database only blocking code.
  • Improved the email tracking code.
  • Improved the Hosts blocking code.

NOTES:

1 - The Pro version contains many more features and security checks than the free version. It now also communicates with Honey Pot to increase protection. Contact me for a package price for the Pro versions or if you have any questions about what is available.

2 - The Extra directory has an .htaccess that has code to help prevent attacks. It needs to be merged with the existing one. It is not a direct replacement. This is not part of View Counter and is useful for any site.

3 - The Extra directory has a large robots.txt file. If used, be sure to change the two places where the domain is mentioned. If you do not have an XML sitemap for your shop, which is a mistake, be sure to delete the second line mentioning the domain name.

4 - I strongly suggest you install the Custom Server Error Pages addon. Besides adding error pages which many sites don't have, View Counter shows the failures and uses the failed attempts to block hackers. You will be surprised, at least I was, of the number of attempts the hackers make.

5 - If you use any of the following in the shop, the includes/modules/view_counter_hacker_defines.php file will need to be edited to remove it.

ads.txt
assetlinks.json used to check apps may give false positives
Fortinet
humans.txt
leafhacker an app. Not used but may cause false positives.
phpmyadmin
webfig
Wordpress within the shop (unlikely).


Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Need Help? See this thread and provide the information requested.

How to Upgrade to the latest version

Recommended SEO Addons

Share this post


Link to post
Share on other sites

I was asked about adding to the hacker defines so I thought I would mention it here. The defines are in view_counter_hacker_defines.php. You can add whatever you want there as long as you follow the pattern of enclosing it in quotes and followed by a comma.

If you have installed the custom server error pages as recommended, then to View Counter->Monitor and click on the file name column. Then go through the pages until the server_error.php file is shown. If there are any entries for it, the Parameters column will show what was not found. Some entries may be normal, like missing images, but if there are any that does not apply to your shop then it is probably a hacker looking for a way in. In those cases, copy the parameter and enter it into the above file.

If you post such words here I will add to the next version.


Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Need Help? See this thread and provide the information requested.

How to Upgrade to the latest version

Recommended SEO Addons

Share this post


Link to post
Share on other sites

Does view counter work when using CloudFlare CDN? For example, I can only get customers ip using this code:

$customers_ip = $_SERVER["HTTP_CF_CONNECTING_IP"];

 


The water in a vessel is sparkling; the water in the sea is dark. The small truth has words which are clear; the great truth has great silence.

- Rabindranath Tagore

Share this post


Link to post
Share on other sites

CloudFlare replaces the IP that View Counter sees so it won't work properly. The code works fine but the displayed IP's belong to CloudFlare and so they are useless. There used to be a module CF offered to show the real IP but that no longer works. They have a different way of doing it now but I could never get it to work. CF wanted to run tests to see why but it was a live shop so that wasn't possible.

They never mentioned that SERVER variable. If that is always available and valid, then you change the following in includes/modules/view_counter.php

$thisIP = $_SERVER['REMOTE_ADDR']; //increase scope
 
 switch (true) {  

to

 $thisIP = $_SERVER['HTTP_CF_CONNECTING_IP']; //increase scope
 
 switch (false) {  
 

 


Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Need Help? See this thread and provide the information requested.

How to Upgrade to the latest version

Recommended SEO Addons

Share this post


Link to post
Share on other sites
7 hours ago, Jack_mcs said:

CloudFlare replaces the IP that View Counter sees so it won't work properly. The code works fine but the displayed IP's belong to CloudFlare and so they are useless. There used to be a module CF offered to show the real IP but that no longer works. They have a different way of doing it now but I could never get it to work. CF wanted to run tests to see why but it was a live shop so that wasn't possible.

They never mentioned that SERVER variable. If that is always available and valid, then you change the following in includes/modules/view_counter.php


$thisIP = $_SERVER['REMOTE_ADDR']; //increase scope
 
 switch (true) {  

to


 $thisIP = $_SERVER['HTTP_CF_CONNECTING_IP']; //increase scope
 
 switch (false) {  
 

 

It actually was getting most IPv4's ok but for IPv6 this code seems to get both when using CloudFlare.

if(isset($_SERVER['HTTP_CF_CONNECTING_IP'])){
$thisIP = $_SERVER['HTTP_CF_CONNECTING_IP'];
}else{
$thisIP = $_SERVER['REMOTE_ADDR'];
}

 


The water in a vessel is sparkling; the water in the sea is dark. The small truth has words which are clear; the great truth has great silence.

- Rabindranath Tagore

Share this post


Link to post
Share on other sites
5 hours ago, Smoky Barnable said:

It actually was getting most IPv4's ok but for IPv6 this code seems to get both when using CloudFlare.

Were the IPV4's those of customers or of CF? IPV6 isn't fully supported in VC so you should return out of the module for those.


Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Need Help? See this thread and provide the information requested.

How to Upgrade to the latest version

Recommended SEO Addons

Share this post


Link to post
Share on other sites

Hello @Jack_mcs
I have view-counter v1.8 installed on Frozen today I get error on the admin side 
 

1213 - Deadlock found when trying to get lock; try restarting transaction

 update view_counter set view_count = 5, ip_active=1, last_date = now() where file_name = 'edit_orders_add_product.php' and arg = 'oID=24126&action=add_product' and language_id = 4 and ip_number = INET_ATON('XX.XX.XXX.XXX' ) and session_id = '6f18e74135e1d2eef63e03c199ea109f'

INET_ATON('XX.XX.XXX.XXX' ) was admin IP address I just change it before I post here

and this one 
 

1213 - Deadlock found when trying to get lock; try restarting transaction

delete from view_counter where last_date < '2022-03-11 23:59:59'

 I am not sure why I get this errors,
 I appreciate your help
Omar


Get the latest Responsive osCommerce CE (community edition) here .

Share this post


Link to post
Share on other sites

@Omar_oneI've never seen that happen before so I don't have a quick answer for you. But the current version is 1.12 and there have been a very large number of changes in it compared to version 1.8 that have to do with handling the database so I suggest you upgrade first to see if that fixes it. 


Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Need Help? See this thread and provide the information requested.

How to Upgrade to the latest version

Recommended SEO Addons

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×