Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Hacker or bot or ?


Avec

Recommended Posts

I happened to be looking at Supertracker and Who's Online. I refreshed and Who's increased by 83 from literally 1 minute to the next. All 83 new had the same IP. The odd thing is that listed there as the last URL were various entries similar to this

 

00:08:16 0 Guest 85.10.140.177 11:16:10 11:16:10 /-c-27.html?products_id=http%3A%2F%2Fwww.meexia.com%2Fblog%2Fwp-content%2Fthemes%2Fsquares%2Forelura%2Fwageno%2F&action=buy_now&sort=2a&osCsid=509485cc448831dadadb44ef5ffd3674

 

The all have weird urls embeaded. (www.meexia.com shown) It does not look like any of them have the same url. Many of them have country extension, including France, CH, UK.

 

Any idea what this is all about?

Link to comment
Share on other sites

Hi Jeff,

 

I'm getting the same thing with weird URL's listed in the who's online, just not as many as you and I'm hoping someone out there has the answer.

 

What I get is about two or three times a day really weird things show up in my Who's Online under the Last URL section. Every time these appear, the beginning of the last url starts with index.php?cPath= and always ends with /images? or /images - but there's always something weird in between.

 

For example:

 

index.php?cPath=http://thepotparty.eclub.iv/images?

 

Or

 

index.php?cPath=http://luckygoldpot.chat.ru/images

 

 

When I track the IP address they are from all over, but mainly Canada, Poland and the US. And the same weird last url is usually listed/online more than once at the same time.

 

What is this and is there anyway to block them? Am I being hacked somehow?

 

Any insight and/or suggestions will be greatly appreciated.

 

Brightest Blessings,

 

Dawn

Owner, Azure Moon Jewelry And Gifts

www.azuremoonjewelry.com

Link to comment
Share on other sites

What is this and is there anyway to block them? Am I being hacked somehow?

 

you might try the ban ip addresses contribution:

http://addons.oscommerce.com/info/1561

 

this doesn't explain where these are coming from though. i think i've seen another contribution for a more advanced who's online feature that includes information about the user agent making the request. if you had that information you might be able to block these kinds of requests a little better.

 

i don't think it's a security risk, but it is using up your bandwidth which is still undesirable.

Link to comment
Share on other sites

you might try the ban ip addresses contribution:

http://addons.oscommerce.com/info/1561

 

this doesn't explain where these are coming from though. i think i've seen another contribution for a more advanced who's online feature that includes information about the user agent making the request. if you had that information you might be able to block these kinds of requests a little better.

 

i don't think it's a security risk, but it is using up your bandwidth which is still undesirable.

 

Hi Dave!

 

Thank you for getting back to me and also for the contribution tip...I'll check it out :-)

 

Brightest Blessings,

 

Dawn

Owner, Azure Moon Jewelry And Gifts

www.azuremoonjewelry.com

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...