View Counter

[Jack_mcs]

5 hours ago, Smoky Barnable said:

Undefined constant "VIEW_COUNTER_GOOD_IP_LIST"

That's a setting added by the view_counter_db_handler.php file. You have to run that file in a browser. And then click on the rest button to apply new configuration fields.

[Jack_mcs]

3 hours ago, wetzel said:

he html_output change caused an error

That change is to add the missing bootstrap button to older shops. But your version probably already has it. Unfortunately, there's no way to provide exact instructions for all versions, especially Phoenix, because there are so many of them. But other than that and the application_top changes, there aren't any other changes so you should be all set.

There are other files in the change directory but the php files are just for adding the auto-complete code for create account and checkout so they are not required. You should make the change to the roots .htaccess file, if you haven;'t. And you should use the robots file in the extra directory, just be sure to change the two lines with my domain name in them.

[Jack_mcs]

A new version has been updated with these changes:

• Added countries to the country blocking list to account for differences in names.
• Added many entries to the hacker checking code. See notes below.
• Added cross-scripting to the extras .htaccess file.
• Changed the trap code since it could give false results under rare conditions.
• Changed the Good IP list setting to a textarea.
• Changed code to prevent some php notices.
• Changed code for the IP Details dialog. Should always return the details now.
• Changed the javascript popup code for checking if an IP is in a cidr to use the messagestack.
• Changed the .htaccess writing code to properly handle the deny surrounding statements.
• Changed the .htaccess writing code to use the servers setenv mod for blocking domain names.
• Changed the IP count on the Monitor page to also show counts for bots and admin.
• Changed the IP In CIDR button to Check Status. It now checks more places for blocked IP's, though not as many as in the Pro version.
• Corrected code that prevented hacker code checking in some cases.
• Corrected code to return correct responses for all bans.
• Fixed the code for syncing the .htaccess file and database to prevent duplicate entries.
• Made a number of minor changes for speed improvement.
• Moved the hacker checking code that was in two files to one file.

PRO VERSION ONLY:

• Added a Security Test in Tools.
• Added a Similar IP's report. Allows moving single blocked IP's into CIDR's.
• Added a table of Amazon IP's and an option to allow blocking them.
• Added a table of good bot IP's (currently only googles) and an option to skip them so they are not accidentally blocked.
• Added a cron script to backup the banned and ignored IP's.
• Added cross-checking of blocked IP's between Honey Pot and View Counter.
• Added a search by IP to the banned log page.
• Changed the Banned log to record the count of attempts by an IP.
• Changed the IP In CIDR button to Check Status. It now checks if the entered IP is blocked or ignored in any way.
• Corrected typos in the database only blocking code.
• Improved the email tracking code.
• Improved the Hosts blocking code.

NOTES:

1 - The Pro version contains many more features and security checks than the free version. It now also communicates with Honey Pot to increase protection. Contact me for a package price for the Pro versions or if you have any questions about what is available.

2 - The Extra directory has an .htaccess that has code to help prevent attacks. It needs to be merged with the existing one. It is not a direct replacement. This is not part of View Counter and is useful for any site.

3 - The Extra directory has a large robots.txt file. If used, be sure to change the two places where the domain is mentioned. If you do not have an XML sitemap for your shop, which is a mistake, be sure to delete the second line mentioning the domain name.

4 - I strongly suggest you install the Custom Server Error Pages addon. Besides adding error pages which many sites don't have, View Counter shows the failures and uses the failed attempts to block hackers. You will be surprised, at least I was, of the number of attempts the hackers make.

5 - If you use any of the following in the shop, the includes/modules/view_counter_hacker_defines.php file will need to be edited to remove it.

ads.txt
assetlinks.json used to check apps may give false positives
Fortinet
humans.txt
leafhacker an app. Not used but may cause false positives.
phpmyadmin
webfig
Wordpress within the shop (unlikely).

[Jack_mcs]

I was asked about adding to the hacker defines so I thought I would mention it here. The defines are in view_counter_hacker_defines.php. You can add whatever you want there as long as you follow the pattern of enclosing it in quotes and followed by a comma.

If you have installed the custom server error pages as recommended, then to View Counter->Monitor and click on the file name column. Then go through the pages until the server_error.php file is shown. If there are any entries for it, the Parameters column will show what was not found. Some entries may be normal, like missing images, but if there are any that does not apply to your shop then it is probably a hacker looking for a way in. In those cases, copy the parameter and enter it into the above file.

If you post such words here I will add to the next version.

[♥Smoky Barnable]

Does view counter work when using CloudFlare CDN? For example, I can only get customers ip using this code:

$customers_ip = $_SERVER["HTTP_CF_CONNECTING_IP"];

 

[Jack_mcs]

CloudFlare replaces the IP that View Counter sees so it won't work properly. The code works fine but the displayed IP's belong to CloudFlare and so they are useless. There used to be a module CF offered to show the real IP but that no longer works. They have a different way of doing it now but I could never get it to work. CF wanted to run tests to see why but it was a live shop so that wasn't possible.

They never mentioned that SERVER variable. If that is always available and valid, then you change the following in includes/modules/view_counter.php

$thisIP = $_SERVER['REMOTE_ADDR']; //increase scope
 
 switch (true) {  

to

 $thisIP = $_SERVER['HTTP_CF_CONNECTING_IP']; //increase scope
 
 switch (false) {  
 

 

[♥Smoky Barnable]

7 hours ago, Jack_mcs said:

CloudFlare replaces the IP that View Counter sees so it won't work properly. The code works fine but the displayed IP's belong to CloudFlare and so they are useless. There used to be a module CF offered to show the real IP but that no longer works. They have a different way of doing it now but I could never get it to work. CF wanted to run tests to see why but it was a live shop so that wasn't possible.

They never mentioned that SERVER variable. If that is always available and valid, then you change the following in includes/modules/view_counter.php

$thisIP = $_SERVER['REMOTE_ADDR']; //increase scope
 
 switch (true) {  

to

 $thisIP = $_SERVER['HTTP_CF_CONNECTING_IP']; //increase scope
 
 switch (false) {  
 

 

It actually was getting most IPv4's ok but for IPv6 this code seems to get both when using CloudFlare.

if(isset($_SERVER['HTTP_CF_CONNECTING_IP'])){
$thisIP = $_SERVER['HTTP_CF_CONNECTING_IP'];
}else{
$thisIP = $_SERVER['REMOTE_ADDR'];
}

 

[Jack_mcs]

5 hours ago, Smoky Barnable said:

It actually was getting most IPv4's ok but for IPv6 this code seems to get both when using CloudFlare.

Were the IPV4's those of customers or of CF? IPV6 isn't fully supported in VC so you should return out of the module for those.

[Omar_one]

Hello @Jack_mcs
I have view-counter v1.8 installed on Frozen today I get error on the admin side 
 

1213 - Deadlock found when trying to get lock; try restarting transaction

 update view_counter set view_count = 5, ip_active=1, last_date = now() where file_name = 'edit_orders_add_product.php' and arg = 'oID=24126&action=add_product' and language_id = 4 and ip_number = INET_ATON('XX.XX.XXX.XXX' ) and session_id = '6f18e74135e1d2eef63e03c199ea109f'

INET_ATON('XX.XX.XXX.XXX' ) was admin IP address I just change it before I post here

and this one 
 

1213 - Deadlock found when trying to get lock; try restarting transaction

delete from view_counter where last_date < '2022-03-11 23:59:59'

 I am not sure why I get this errors,
 I appreciate your help
Omar

[Jack_mcs]

@Omar_oneI've never seen that happen before so I don't have a quick answer for you. But the current version is 1.12 and there have been a very large number of changes in it compared to version 1.8 that have to do with handling the database so I suggest you upgrade first to see if that fixes it. 

[♥Smoky Barnable]

I've got view counter working on my local xampp server with PHP 8 and MySQL 5.5 however when I uploaded to my host I see the database query in view_counter.php returning an empty result set. This query returns data on my xampp server but is empty on my production site:

select *, TIME_TO_SEC( UNIX_TIMESTAMP( now( ) ) - UNIX_TIMESTAMP( last_date ) ) as time, DATE_FORMAT(last_date, '%a, %D %T') as date_time from view_counter where ip_active=1 and language_id = 1 and isbot = 0 and ( (isadmin <> '/admin/')) order by last_date desc limit 20 offset 0

I should note that on my test server there is also some warnings "#1292 Incorrect time value". I'm wondering if this might be because my live site is using MySQL 5.7?

Edited June 13, 2022 by Smoky Barnable

[Jack_mcs]

I don't have a shop set up with View Counter that will run with php 8 so I can't test this.

6 hours ago, Smoky Barnable said:

#1292 Incorrect time value

 But that error is due to an invalid timestamp value so my first guess is that you have changed the time format entry in the View Counter settings. 

But since it is only failing on the server I think it more likely that the servers mysql version has strict mode set. The code should work even with that set but until I am able to test it that might be a quick fix. 

[Jack_mcs]

A new version has been uploaded with these changes:

Free Version

• Added the clear_ip_manually sql file (in Extras) to allow clearing of an IP that blocks you from admin.
• Added visitor count to the header.
• Added tool to whitelist an IP.
• Changed the blocking code when the bad bot trap is tripped to only store the IP once - it was storing it twice.
• Changed the status function to return violations if Honey Pot is used.
• Corrected a database query in admin that caused intermittent errors.
• Fixed problem that could occur in multi-language shops.
• Fixed the prolem in Tools that prevented the selected tool from staying open.
• Moved some code out of a loop to improve speed in admin.
• Moved some code to common functions.

Pro Version:

• Added more hacker defines.
• Added a function to check if a customer exists to prevent accidental blocking. Requires Honey Pot.   
• Added code to identify an IP that was banned by Honey Pot in the Banned Log. Requires Honey Pot.
• Added code to allow checking IP's on abusepdb.com.
• Added a tool to check for blocked customers.
• Added a search option to the Monitor page.
• Fixed the banned log code to set the initial sort method correctly.
• Changed how the blocking code works when a block is done in Honey Pot's Maintenance section. Requires honey Pot.
• Changed the code to track errors to use SCRIPT_NAME instead of REFERER for better results.
• Changed the wording of the report text to better identify where the error occurred.
• Removed the timeout value in CURL for downloading the database to allow for larger databases.
•  

[Jack_mcs]

A new version has been uploaded with these changes:

Free Version:

• Added missing countries and other variations to the countries list.
• Added the unique IP counts to the visitor count line in Monitor.
• Added a line to the header of Monitor to display the counts of banned logs.
• Added a clean tool in the Maintenance section to remove duplicate IP's;
• Added code to prevent an IP from being blocked if it is in the country blocking list.
• Changed delete customers code to also delete from View Counters customer table.
• Changed code in the shops .htaccess file to prevent looping on traps.
• Changed the code for blocking CIDR's to catch invalid entries.
• Changed the four input boxes on Monitor to clear when clicked into.
• Changed some tep_ calls to generic ones for better compatibility.
• Changed the size of the countries field in the block table to hold longer country names.
• Changed the code so a hacker check checks both bots and non-bots in admin.
• Changed the spoofing checker code to improve speed and accuracy.
• Changed the Clean Database tool to remove blocked IP's that are being blocked by country.
• Converted the admin to use a class instead of function.
• Corrected code mistake when checking existing customers.
• Made many changes to the Monitor GUI for easier use.
• Moved the code to clear the database tables to a cron job.Moved the Warning code to the hidden area, renamed it and populated with ajax to improve speed.

PRO Version:

• Added a setting to control the rating returned from abuseipdb.
• Added a setting to block IP's that are spoofing.
• Added a link to add an IP to the abuseipdb table from the popup checker.
• Added a cron job to clean the database of duplicates.
• Added many entries to the hacker definition file
• Added tables to store known good google and Bing Ip's and the code to ignore them.
• Changed the log recording code to account for the source IP if Cloudflare is used.
• Changed the Danger warning to a link so the hacker IP can be seen with a click.
• Removed ads.txt from the hacker defines since google needs it for their scripts.
• Rewrote some of the IP checking code. Saved 15 seconds on a site with 12,000 daily visits.

Notes:

• This version has moved the code that updates the database to a cron job. For busier sites, this greatly increases the speed of the code. So be sure to remove the code previously added to both application_top files or the hook for that if your shop uses hooks.
• This version now uses a class for most of the work in admin. The function file is now used to provide compatibility between the various versions of oscommerce. Just upload all of the new files to apply these changes.
• I discovered that the names for countries that IP2location uses in its database does not always match the actual country name. I have edited the country list used by View Counter to account for this.  So of the names are longer than the field the database uses. The database script will adjust this but you will need to check the selected blocked countries to make sure the ones you want to block are checked.
• For the Pro version, I haven't added a limit to the abuseipdb entries yet. I am still testing how it affects a sites speed. So far, we have over 115,000 entries in that table and it has not made any noticeable difference in speed. And it has resulted in over 1,400 blocked hits.
• In the last six months, or so, more than one person downloaded a list of all of the old addons and created a script to check for any of them on a site. Some old addons had serious security holes so if you have one installed, it could provide a way for hackers to get in. The pro version provides a way to check for this. For the free version, be sure to double check your isntallations.
• I have also noticed that hackers are, more and more, using multiple IP's for checking a site. This is meant to prevent shop owners from noticing an IP that is skimming data.  Some single IP's can hit a site several thousand times in a matter of hours. By using multiple IP's, the hits are spread out making it appear that the site is just busier but in a normal way. You can change the Skimmer setting in View Counter to catch such hits.
• Whether you use View Counter or not, you should use the changes that are in the extra directory for the .htaccess and robots file since they will help your shop. For the .htaccess file, copy its contents into yours (don't replace yours with it). for the robots file, be sure to change the first and last lines to reference your site.
• Works with all oscommerce versions through Phoenix 1.0.8.21.

Edited April 14 by Jack_mcs