Loaded Commerce Community

Banner

View unanswered posts | View active topics


Board index » CRE Loaded Support » CRE Loaded 6.3

All times are UTC - 5 hours




Post new topic Reply to topic  Page 1 of 1
  [ 4 posts ] 
  Previous topic | Next topic 
Author Message
mrbill
 Post subject: 6.3.3 Security Problem and /ssl_merch.php
PostPosted: Thu Jul 21, 2011 11:52 am 
Offline
CRE Newbie
User avatar

Joined: Mon Apr 27, 2009 2:25 pm
Posts: 20
Just today we started receiving orders for < $ .99. No orders are being logged in our CRELoaded admin but Authorize.net is recording the orders.

IP address of 213.175.218.178 is accessing /ssl_merch.php in our store to process these transactions.

It's apparent that whomever is doing this is trying to determine which credit cards he/she has are valid. Outside of blocking the users IP address, is there anything else I can do to prevent this from happening? I searched the boards and did not find anything related to this.

Thanks in advance for your help/advice/suggestions!

Edit:

The only entries in our log files originating from this IP are:

213.175.218.178 - - [21/Jul/2011:XX:12:XX -0400] "POST /ssl_merch.php HTTP/1.1" 200 207 "-" "-"
Top
 Profile  
 
soundzgood2
 Post subject: Re: 6.3.3 Security Problem and /ssl_merch.php
PostPosted: Thu Jul 21, 2011 7:48 pm 
Offline
CRE Legend
User avatar

Joined: Thu Jun 12, 2008 6:39 am
Posts: 2405
Location: New Zealand
Apart from - 1) don't use authorize.net 2) upgrade to 6.4.x ?

Simon

_________________
www.codemehappy.com
For Cre Loaded tips, how-to articles and more

Top
 Profile  
 
mrbill
 Post subject: Re: 6.3.3 Security Problem and /ssl_merch.php
PostPosted: Mon Jul 25, 2011 10:53 am 
Offline
CRE Newbie
User avatar

Joined: Mon Apr 27, 2009 2:25 pm
Posts: 20
where does somebody go to pay for someone to assess and address matters regarding security?
Top
 Profile  
 
soundzgood2
 Post subject: Re: 6.3.3 Security Problem and /ssl_merch.php
PostPosted: Mon Jul 25, 2011 5:03 pm 
Offline
CRE Legend
User avatar

Joined: Thu Jun 12, 2008 6:39 am
Posts: 2405
Location: New Zealand
Your hosting company (hopefully.)
I need to put my sig in block capitals it seems.

Simon

_________________
www.codemehappy.com
For Cre Loaded tips, how-to articles and more

Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 4 posts ] 

Board index » CRE Loaded Support » CRE Loaded 6.3

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 2 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
It is currently Thu May 24, 2012 1:51 pm
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group

Main Menu

Login

Forums Latest Activity

Top Listing

1. Cart2Cart - Shopping...
    Category: Shopping Cart Database Conversion Scripts
    
2. Points & Rewards PLUS!...
    Category: Add-Ons
    
3. Configuration Server...
    Category: Fixes
    
4. Credit Card with CCV
    Category: Payment Modules
    
5. CC7333_ATS
    Category: Templates
    
Show more...

© CRE Loaded is a product of Chain Reaction Ecommerce, Inc. Usage & Privacy Policy