osCommerce

The e-commerce.

MASSIVE ORDER - is it real?


penge


Someone is in the process of placing a huge order, he/she/it has one of everything in the shopping basket and has been online for a couple of sessions.

 

The question is, should I be rubbing my hands waiting for the order to be placed

 

or

 

Could it be malicious bot or something to drain the contents of the shop?

 

Other users might find items out of stock because of the above.

 

Anyone else had this?

 

The IP is 131.107.163.46 - traceroute it times out and I can't resolve the host address

 

Penge

Link to comment
Share on other sites

Thanks for the whois link and indeed it is Microsoft!

 

Could this be Bill buying a few (?) gifts for his wife!

 

Can I start rubbing my hands now - please?

 

Penge

Link to comment
Share on other sites

Billy got a bad bot but the bad bot billy got got swat so Billy got another bad bot....

 

Say that really fast ten times...... :shock:

Link to comment
Share on other sites

They have put a name on the bot now

 

MicrosoftPrototypeCrawler:

131.107.163.47 ... "MicrosoftPrototypeCrawler (please report obnoxious behavior to [email protected])"

 

Anyone can get a hotmail address, but the ip-address is owned by Microsoft.

 

And I thought I could buy the kids some new shoes today, never mind!

 

How do I kill the bot!

 

Penge

Link to comment
Share on other sites

Yeah the other day some "person" put $166 worth of merchandise in their cart, I was so happy, then *poof* they vanished. Kinda upset me.

 

My business has been online since April 17th yet no buyers. :(

Link to comment
Share on other sites

To combat this I've found that going to the local super/hypermarket and filling up a trolley, then just abandon the said trolley and walk out the store.

 

It will make you feel better...............

Link to comment
Share on other sites

There is a new one out there from Looksmart http://grub.org/.... anyone can download and run it....it claims to "Improve Web Search from Your Desktop!".... this is the spiel:

 

Grub uses the power of distributed computing to build the best search on the Web. It automatically crawls the Web in the background, borrowing your computer's spare clock cycles, so you won't even notice it's there. The download is quick, you control how much you crawl, and the cool screensaver shows you the real-time progress your computer is making. You can even compare your stats to other Grubsters in the project!

 

Help perfect the search engine. Join the Grub project today!

 

Frightening..... and it is *NOT* responding to robots.txt....

 

So.. soon there will be *millions* of ordinary users sending out bots.... just read the webmaster posts thus far on the Grub site to see its effects....

 

My view is that the issue of 'bots' needs urgent review by international legislatures.......

Link to comment
Share on other sites

To combat this I've found that going to the local super/hypermarket and filling up a trolley, then just abandon the said trolley and walk out the store.

 

It will make you feel better...............

 

HAHAHA - Made me laugh so bad!!!

 

:lol: :lol: :lol: :lol:

Link to comment
Share on other sites

Well, it's still here and plodding along through the cart. The total so far is ?6000 and rising.

 

Go on, press checkout and put Bill's CC details in!

 

How do I make it go away?

 

Installed the SID killer last night but don't know how to test it.

 

There is a thread on spider traps for /includes/functions/html_output.php - should I be thinking about that?

Link to comment
Share on other sites

the html_output.php spider killer is very effective

 

you may also want to create a robots.txt file and stop well-behaved bots from going to certain pages (do a search for robots.txt in the forum)

Link to comment
Share on other sites

Frightening..... and it is *NOT* responding to robots.txt....

 

Add this at the very top of includes/application_top.php (after the first <?php ! )

 

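// strpos() returns 0 when the match is at the start of the string, so test against false explicitly
$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';
$is_grub = (strpos($user_agent, "grub-client") !== false);
if ($is_grub) {
   echo "<h3>You are GRUB - you are NOT WELCOME!</h3>";
   exit;
}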

 

Quickly coded, untested.

Link to comment
Share on other sites

My robot file:

 

User-agent: * # Matches any robot name
Disallow: /catalog/admin

 

I have tried JenRed's html_output.php spider killer today, it's not causing any problems with the cart but how do I test it to see if it's working? Will it kill the bot?

 

The bugger is still there and shopping!

 

Penge

Link to comment
Share on other sites

same place

 

OrgName: Microsoft Corp
OrgID: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
NetRange: 131.107.0.0 - 131.107.255.255
CIDR: 131.107.0.0/16
NetName: MICROSOFT
NetHandle: NET-131-107-0-0-1
Parent: NET-131-0-0-0-0
NetType: Direct Assignment
NameServer: DNS1.CP.MSFT.NET
NameServer: DNS2.CP.MSFT.NET
NameServer: DNS1.TK.MSFT.NET
NameServer: DNS1.DC.MSFT.NET
NameServer: DNS1.SJ.MSFT.NET

 

you may want to add that ip range as a disallow in robots.txt

Link to comment
Share on other sites

Some of my hosts have a place to block access from certain IP addresses, maybe yours does too.

In olden times the men were made of iron and the ships were made of wood; now it's the other way around. :wink:

Link to comment
Share on other sites

i need more coffee... actually i dont think you can do that (would be nice if you could) - i think that needs to be done in the .htaccess file

 

i am looking at another option :oops:

Link to comment
Share on other sites

Thanks for the code, I have updated the file, let's hope it goes away!

 

That wasn't for you, that was for Johnson (GRUB).

 

You can try this, after the first <?php in application_top:

 

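// This User-Agent starts with the crawler name, so strpos() returns 0; compare against false, not true
$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';
$is_ms = (strpos($user_agent, "microsoftprototypecrawler") !== false);
if ($is_ms) {
   echo "<h3>You are Microsoft - you are NOT WELCOME!</h3>";
   exit;
}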

 

I do not know if it will work. Try it and report back - remember that it will still show in whos_online!

 

To get rid of it from your site, try this:

 

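// Same check as above, but redirect the crawler instead of printing a message
$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';
$is_ms = (strpos($user_agent, "microsoftprototypecrawler") !== false);
if ($is_ms) {
   header("Location: http://www.microsoft.com/");
   exit;
}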

 

Give it a go...

Link to comment
Share on other sites

.htaccess

DirectoryIndex catalog/default.php

 

When I add:

 

Disallow: 131.107.0.0 - 131.107.255.255

 

I get server error 500. What's the right syntax

 

 

To Burt

 

I have tried the first code snippet and will let you know what happens

Link to comment
Share on other sites

from the php manual:

 

The Allow and Deny directives let you allow and deny access based on the host name, or host address, of the machine requesting a document. The directive that goes hand-in-hand with these is the Order directive, which tells Apache in which order to apply the filters.

 

The usage of these directives is:

 

 

allow from address

 

 

where address is an IP address (or a partial IP address) or a fully qualified domain name (or a partial domain name); you may provide multiple addresses or domain names, if desired.

 

For example, if you have someone spamming your message board, and you want to keep them out, you could do the following:

 

 

deny from 11.22.33.44

 

 

Visitors coming from that address will not be able to see the content behind this directive. If, instead, you have a machine name, rather than an IP address, you can use that.

 

 

deny from hostname.example.com

 

 

And, if you'd like to block access from an entire domain, or even from an entire tld (top level domain, such as .com or .gov) you can specify just part of an address or domain name:

 

 

deny from 192.101.205
deny from exampleone.com exampletwo.com
deny from tld

 

 

Using Order will let you be sure that you are actually restricting things to the group that you want to let in, by combining a deny and an allow directive:

 

 

Order Deny,Allow
Deny from all
Allow from hostname.example.com

 

 

Listing just the allow directive would not do what you want, because it will let users from that host in, in addition to letting everyone in. What you want is to let in only users from that host.

Link to comment
Share on other sites
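
The .htaccess form of what the posts above are attempting, as an added example that is not part of the original thread: it applies the Order/Allow/Deny directives quoted above to the User-Agent strings and whois range posted earlier. It assumes the host permits these directives in .htaccess (AllowOverride Limit FileInfo) and, on Apache 2.4, that mod_access_compat is loaded; the variable name bad_bot is made up for the example.

```apache
DirectoryIndex catalog/default.php

# "Disallow:" belongs to robots.txt. Apache does not know it as a directive,
# so placing it in .htaccess produces the 500 error reported above:
#   Disallow: 131.107.0.0 - 131.107.255.255

# Tag requests by User-Agent (case-insensitive substring match).
# "bad_bot" is an arbitrary variable name chosen for this example.
SetEnvIfNoCase User-Agent "MicrosoftPrototypeCrawler" bad_bot
SetEnvIfNoCase User-Agent "grub-client" bad_bot

# Allow,Deny: Allow rules are checked first, then Deny rules; a request
# that matches both is refused.
Order Allow,Deny
Allow from all

# Tagged crawlers only: ordinary visitors are unaffected.
Deny from env=bad_bot

# Optional and much broader: the whole range from the whois output above.
# This also refuses every human visitor coming from that network.
Deny from 131.107.0.0/16
```

Refused requests receive a 403 and are still written to the access log, so the log shows whether the crawler keeps coming back.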

The problem though with denying IP addresses is that in the process you may deny thousands of users from accessing your site..... it is obvious that we have a new breed of bot that are becoming a serious performance issue..... just as DOS attacks are illegal, so simply should these bots...

 

I will state again that there needs to be a legislative remedy...

Link to comment
Share on other sites

To Burt  

 

I have tried the first code snippet and will let you know what happens

 

Checking back this morning one of the bots has gone, the other was there for an hour or so, now it's gone as well.

 

Before I break open the champagne and send Bill the bill (?) for bandwidth and inconvenience factor, let's see what happens.

 

Penge

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.
