Jump to content

Archived

This topic is now archived and is closed to further replies.

zefeena

False customers ? what are they up to?

Recommended Posts

Hi,

 

I've had a huge amount of 'customers' creating an account.  They are not genuine, unless they live in a very very big house, as they generally use the same addresses,

 

They usually put 'apple' or 'Microsoft' as their company and use the surnames:  Vigorda, Ken, Olivier, Holland.  I have literally deleted around 100 in the last few days.  Sometimes they have logged onto their account 400-500 times!

 

I think they are probably Russian as they often use .ru as their email.

 

What on earth are they up to, and how do I stop these people creating an account.  I'm not happy about them being on my site, as they are obviously up to no good!

 

Kellie


Running a botched up version of  osCommerce Online Merchant v2.3.4 bootstrap with the dresscode theme installed, numerous add-ons, terrible coding, terrible website, but will have to make do until I have made up for my losses and can risk shutting down for a couple of weeks while I start all over again. - I did not install my program but am endeavouring to fix it with your help.

Share this post


Link to post
Share on other sites

can you block all IPs from Russia?

Do you know the IP in question, if so use addon 'View counter' to block them.

there may be other addon which could help, but I use view counter and blocking users like these is easy to set up.

Hope this helps


osC BS gold live - osC CE in development (awesome)

Share this post


Link to post
Share on other sites

Hi,

 

I don't know how to see the ip's, or block russia. 

I will try the 'view counter' and see if i can install that.

 

thanks 

kellie


Running a botched up version of  osCommerce Online Merchant v2.3.4 bootstrap with the dresscode theme installed, numerous add-ons, terrible coding, terrible website, but will have to make do until I have made up for my losses and can risk shutting down for a couple of weeks while I start all over again. - I did not install my program but am endeavouring to fix it with your help.

Share this post


Link to post
Share on other sites

You can install this contribution : http://addons.oscommerce.com/info/824

also when a customer create an account you can take this IP and also when it create an order.

Al the end, you can also insert a button in relation with google map.

 

With this element, you can identify "good" customer or not and after you take the decision to increase the functionnalities inside your store.



Regards
-----------------------------------------
Loïc

Contact me by skype for business
Contact me @gyakutsuki for an answer on the forum

 

Share this post


Link to post
Share on other sites

I think they are probably Russian as they often use .ru as their email.

 

What on earth are they up to, and how do I stop these people creating an account.  I'm not happy about them being on my site, as they are obviously up to no good!

 

They are probably doing it because creating an account allows a hacker a little more room to play around in. If you will never sell to anyone from Russia, then you should block the whole country. You can do that with View Counter, as mentioned. If you just want to stop them from creating accounts, then you can delete those countries from your database (in admin). But since they are most likely hackers trying to get in, that won't prevent them from trying so stopping them completely is the better way. 

Share this post


Link to post
Share on other sites

Is there a way to block 'Russia' through my control panel - i.e a super quick way without adding any code.  Rather worried something might go wrong in the interim!


Running a botched up version of  osCommerce Online Merchant v2.3.4 bootstrap with the dresscode theme installed, numerous add-ons, terrible coding, terrible website, but will have to make do until I have made up for my losses and can risk shutting down for a couple of weeks while I start all over again. - I did not install my program but am endeavouring to fix it with your help.

Share this post


Link to post
Share on other sites

@@zefeena

 

If you don't have an add-on installed that can do it for you, you can put this in your root .htaccess file to block Russia.

 

<IfModule mod_geoip.c>
  GeoIPEnable ON
  # add one line for each country you wish to block
  #Russia
  SetEnvIF GEOIP_COUNTRY_CODE RU BlockThese
  Deny from env=BlockThese
</IfModule>

 

 

There's more countries below.

 

<IfModule mod_geoip.c>
  GeoIPEnable ON
  # add one line for each country you wish to block
  #AFGHANISTAN
  SetEnvIF GEOIP_COUNTRY_CODE AF BlockThese
  #China
  SetEnvIF GEOIP_COUNTRY_CODE CN BlockThese
  #Germany
  SetEnvIF GEOIP_COUNTRY_CODE DE BlockThese
  #Iran
  SetEnvIF GEOIP_COUNTRY_CODE IR BlockThese
  #LIBYA
  SetEnvIF GEOIP_COUNTRY_CODE LY BlockThese
  #Nigeria
  SetEnvIF GEOIP_COUNTRY_CODE NG BlockThese
  #North Korea
  SetEnvIF GEOIP_COUNTRY_CODE KP BlockThese
  #Romania
  SetEnvIF GEOIP_COUNTRY_CODE RO BlockThese
  #Russia
  SetEnvIF GEOIP_COUNTRY_CODE RU BlockThese
  #SOMALIA
  SetEnvIF GEOIP_COUNTRY_CODE SO BlockThese
  #SYRIA
  SetEnvIF GEOIP_COUNTRY_CODE SY BlockThese
  #Turkey
  SetEnvIF GEOIP_COUNTRY_CODE TR BlockThese
  #UKRAINE
  SetEnvIF GEOIP_COUNTRY_CODE UA BlockThese
  #Venezuela
  SetEnvIF GEOIP_COUNTRY_CODE VE BlockThese
  #Vietanm
  SetEnvIF GEOIP_COUNTRY_CODE VN BlockThese
  Deny from env=BlockThese
</IfModule>

 

This is for Yandex it's a Russian search engine

 

# Yandex from Russia
deny from .yandex.com
deny from 5.255.192.0/18
deny from 37.140.128.0/18
deny from 100.43.64.0/19
deny from 141.8.128.0/18
deny from 199.21.96.0/22

 

Take care

Bill

Share this post


Link to post
Share on other sites

To be clear, you can only use the SetEnvIF GEOIP_COUNTRY_CODE statements if the GEO IP mod is installed on the server, which it isn't for many hosts.

Share this post


Link to post
Share on other sites

That would be because your server has that package installed. It is the better choice, if available, since it is more efficient than code added in the shop. But it is not available on all servers.

Share this post


Link to post
Share on other sites

@@zefeena

 

I've had thousand of those over the years with the same surnames and company names as you mentioned. I believe it's just some script which runs, it's not an actual hacker sitting in a bedroom registering new customers on osCommerce sites! They never did anything on my site, just created accounts which are laborious to remove.

 

For some reason I haven't had any of those since late 2015. I don't think I did anything to get rid of them. There is a reCaptcha module available for the Contact Us, Login and Create Account pages which forces people to enter a code before they can register, contact you or login which would stop bots. Not sure if it will work with 2.3.4BS, try it and if it doesn't work I'll try and knock up a module for you. You won't need it for the contact_us page, it's protected by action_recorder; you probably wouldn't need it for the login either, so no need to install those bits of code.


Let's make things easier for new osCommerce users http://forums.oscommerce.com/topic/402638-discussion-about-hard-coded-database-tables/?p=1718900  Getting there with osCommerce 2.4! :thumbsup:

Share this post


Link to post
Share on other sites

So Jack,  I'm presuming I don't have the GEO IP installed on my server then, seen as you are the host?

 

And thank you frankl, that's actually reassuring.  I did wonder what sadsack had logged on over 400 times!  it does seem more likely that it s robot or scritp rather than a person, though it makes one wonder what the scritpt is for.  Maybe just likes to use up bandwidth and just be generally annoying and worrysome!!

 

thank you


Running a botched up version of  osCommerce Online Merchant v2.3.4 bootstrap with the dresscode theme installed, numerous add-ons, terrible coding, terrible website, but will have to make do until I have made up for my losses and can risk shutting down for a couple of weeks while I start all over again. - I did not install my program but am endeavouring to fix it with your help.

Share this post


Link to post
Share on other sites

@@zefeena I'm sorry but I don't have a way to identify forum members as hosting members so I didn't realize you host with us. Yes, we have that package installed. See the Blocking Countries announcement in the members area for the details or contact me via email.

 

It doesn't matter whether the accounts are being created by a person or a script - they are not legitimate accounts. When an account is created, the database is accessed. If a hacker is able to tack his code onto that request then he gains access to your database. That's usually the reason they create the accounts. But whatever the reason, you can be sure that they are not doing just because they can. 

Share this post


Link to post
Share on other sites

×