Jump to content

Recommended Posts

@Philip79

Without knowing anything about this add-on, if there is a file in /includes/languages/english/xxxx.php, than it stands to reason that if your shop supports multiple languages, you would add a similar file in /includes/languages/<your other language>/xxxx.php

M


Get the latest Responsive osCommerce CE (community edition) here .

Share this post


Link to post
Share on other sites

Thank you for that message but that is not always true.  I'm already in the process of performing the translations for that file and the catalog\includes\languages\english\modules\header_tags\ht_honeypot.php file as well.

Share this post


Link to post
Share on other sites
4 hours ago, Philip79 said:

Are the text constants contained in the honeypot.php file displayed to the user or only to the administrator?

None of the defines with "violation" in them are shown to the customers. The others are. As @ArtcoIncmentioned, you need to create a copy of the english files for whatever language you have.

Share this post


Link to post
Share on other sites

Jack thanks for the information.  I appreciate your reply.  I have already created the companion language files for the spanish, french, and german folders.  Sometimes contributors do not include the code to support multiple languages, hence my question.  I'm working with hosting service on the cron job.  Until I get that working I will probably manually download the list using the pat in the code to update that file.  My site is under constant attack by Russian bot(s).  Discovered that they had created hundreds of dummy accounts since last July.  I have to check repeatedly during the day for new accounts and temporarily updating my blocked IP address ranges.  Mostly from Russia, Moldova, and Ukraine.

Share this post


Link to post
Share on other sites

@Philip79I think Honey Pot will stop all of those but if any get through, please post the detail here so I can see how they were missed.

Share this post


Link to post
Share on other sites

Quick question on where the two files:  captcha.php & verdana.ttf to be moved to which folder?  Are they at the catalog root level?  Thanks.

Share this post


Link to post
Share on other sites

Quick question about the iplist.txt file.  As I identified three weeks ago my site has been attacked by bots, mostly from Russia but also other eastern European hosting service providers, and I have collected their IP addresses from the osCommerce Who's Online functionality.  I have been checking the IP addresses against the site cleantalk.org.  It is easy when I find the bot creating a new account on my site and then adding the range of IP addresses to my blocked IP addressed list via CPanel.  When checking against the current iplist from the link to the file that it is provided in the \catalog\admin\honeypot.php file, I do not find many of the these spam IP addresses in the file.  My intent was to remove all of the blocked IP addresses and rely upon the iplist.txt file but I am concerned that there too many IP addresses that are not present in the iplist.txt file that I have identified.  I appreciate any suggestions or comments that you may offer.  Thank you.

Share this post


Link to post
Share on other sites

@Philip79The IP's in the iplist file are obtained from myip.ms. They have a free list of known bad IP's. But they only supply recent ones so you have to run the cron job in HP to keep the iplist updated. I've no way to judge how the list compares to cleantalk. It might be that their list of IP's is far more inclusive but theirs is a paid service so it is not included in HP. You can manually add the IP's to the iplist file if you want. The cron job adds to the list so entries in it won't be deleted.

But, to be clear, HP is meant to stop fake accounts from being created and to stop spam emails sent from the shop. When you say your site has been attacked, if you mean the IP's are doing something else, like scraping data, then I suggest you install View Counter since blocking attacks is its main purpose.

Share this post


Link to post
Share on other sites

Jack thank you for the information and the suggestion of your other contribution.  You are very helpful.

Share this post


Link to post
Share on other sites

Jack I installed all of the changed files that include:  catalog\contact_us.php, \create_account.php, \tell_a_friend.php, catalog\admin\includes\column_left.php, & catalog\admin\includes\functions\general.php, as well as all of the new files in the various folders, and all of the database changes to the configuration table.  However the catalog\admin\includes\column_left.php contained entries for four other programs that are not part of this contribution.  Once I deleted them I was able to at least display the Honeypot box.  However the heading is displayed as " BOX_HEADING_HONEYPOT" instead of a test string that may be coming from the catalog\admin\includes\languages\english\honetpot.php file.  There is  no entry in Administration, Modules, Header Tags.  This appears to be a separate contribution so there is no way to define the various parameters for the honeypot module.  The various folders & files that are contained within the various header tags folders did not exist in my implementation of osC previously so I added them.  I look forward to any suggestions you have as at this point this does not implement in osC 2.2. Thank you.

Share this post


Link to post
Share on other sites

The BOX_HEADING_HONEYPOT is defined in the admin's english.php file, or whichever language you are using. You don't mention changing that so I'm guessing that is the problem. As for the settings, they are in admin->Configuration->Honey Pot.

Share this post


Link to post
Share on other sites

Thanks Jack.  That instruction was not included in the contribution.  Any other entries in the \admin\includes\languages\english (espanol, or german)?  FYI the Usage.txt says to set the options in Administration, Modules, Header Tags.

Share this post


Link to post
Share on other sites

@Philip79I just checked and the instructions for an MS2 shop don't mention that location. I will change the text in the usage file in the next version to mention it there..

Share this post


Link to post
Share on other sites

Great!  However I found no indication of Honeypot under Admin->Configuration so there is still something missing for that configuration screen to display.

Share this post


Link to post
Share on other sites
Posted (edited)
3 hours ago, Philip79 said:

However I found no indication of Honeypot under Admin->Configuration so there is still something missing for that configuration screen to display.

Did you run the database install script? If you did, did you change the ID as mentioned in the instructions?

Edited by Jack_mcs

Share this post


Link to post
Share on other sites

I executed each insert command in phphMyAdmin and I changed the configuration_group_id to a value of 17 as 16 was alreday in use.  That should have caused the \admin\configuration.php to read the configuration table and display the new entries.

Share this post


Link to post
Share on other sites

If you are not seeing them in admin->Configuration, then you will need to look at the configuration_group and configuration tables in the database to see what went wrong.

Share this post


Link to post
Share on other sites

However should there not be an entry in the configuration_group table? 

Share this post


Link to post
Share on other sites

Yes, there should be.  I can see I never included that part. Run this command to add it after changing the group ID to whichever number you are using. I do apologize for the problems this caused you.

INSERT INTO `configuration_group` (`configuration_group_id`, `configuration_group_title`, `configuration_group_description`, `sort_order`, `visible`) VALUES ('16', 'Honey Pot', 'Settings for Honey Pot', '20', '1')

 

Share this post


Link to post
Share on other sites

Thanks Jack.  I used a different value for the sort order.  I will be re-publishing all of the changes later today.

Share this post


Link to post
Share on other sites

FYI I did not find a setting for the Exclude First Account that is documented in the Usage.txt file.  Was that option removed?  Thanks.

Share this post


Link to post
Share on other sites

In \admin\honeypot_maintenance.php there does not appear to be a way to enter an IP address as suggested by the text that is displayed:

Honey Pot Maintenance pixel_trans.gif

Enter an IP and click submit. If the IP is in the Honey Pot tracking table, it will be removed.

 

Please advise how this functionality is to be used?  Thanks.

 

Share this post


Link to post
Share on other sites
Posted (edited)
7 hours ago, Philip79 said:

FYI I did not find a setting for the Exclude First Account that is documented in the Usage.txt file.  Was that option removed?

It's in option in the Pro version not in the free one. See here.

Edited by Jack_mcs

Share this post


Link to post
Share on other sites
6 hours ago, Philip79 said:

In \admin\honeypot_maintenance.php there does not appear to be a way to enter an IP address

You should see a delete box and a submit button below that text.  If you don't, do you see the log entries below it? If you don't see anything after that text, then there is a fatal error on the page and you would need to look at the error log to see what it is.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×