How to stop bots from creating abandoned carts?
Posted 04 June 2012 - 08:38 PM
Every day I get 20 (at least) abandoned carts. All contain two of the same product.
What's baffling is that these products are personalized products and three text fields must be completed to add to the cart. Not sure if its two separate additions to cart or one with a quantity of 2.
What also is puzzling is that the cost of the product is 8.95 each in the abandon cart. There is no product price combination that would give you 8.95. The prices range from 5.95 to 11.95, depending on the option. No way to get 8.95. There are no discounts or promotions.
I have never gone into the database (or know how), but is there a way to find out the IP addresses for the abandon carts and if the same, block them? It would be nice for the Abandon cart page to show the time and IP address of the entity creating the cart.
This has been going on for weeks and would like to stop it.
Posted 05 June 2012 - 02:24 AM
Posted 05 June 2012 - 09:50 AM
I deleted the abandon carts last night and now have 20 more this morning all from 6/5. My chat tracking program, which will pick up customers going to the product page, does not show anyone going to the product that is in all 20 carts. All the same. All 2 products at a price that is not real.
Posted 05 June 2012 - 09:58 AM
Posted 05 June 2012 - 10:10 AM
Posted 05 June 2012 - 10:39 AM
See what your hosts say and if they can't do anything to help, I would advise opening a support ticket with CS-Cart as I haven't seen anything on this subject before nor have I experienced it.
Posted 05 June 2012 - 11:26 AM
order allow,deny #RIPE deny from 18.104.22.168/8 deny from 22.214.171.124/8 deny from 126.96.36.199/8 deny from 188.8.131.52/8 deny from 184.108.40.206/8 deny from 220.127.116.11/7 deny from 18.104.22.168/5 deny from 22.214.171.124/6 deny from 126.96.36.199/6 deny from 188.8.131.52/8 deny from 184.108.40.206/8 deny from 220.127.116.11/8 deny from 18.104.22.168/8 deny from 22.214.171.124/8 deny from 126.96.36.199/7 deny from 188.8.131.52/7 deny from 184.108.40.206/8 #lacnic deny from 220.127.116.11/8 deny from 18.104.22.168/8 deny from 22.214.171.124/8 deny from 126.96.36.199/8 deny from 188.8.131.52/8 deny from 184.108.40.206/8 deny from 220.127.116.11/8 allow from all
Posted 05 June 2012 - 05:47 PM
Does any one know if there is a way to modify the Abandon cart info to include Date/time and not just date. And, possibly, the product options and ip address of the abandon cart. Date/time would be very useful.
Posted 05 June 2012 - 10:34 PM
Posted 06 June 2012 - 01:59 AM
Posted 06 June 2012 - 02:07 AM
Posted 08 June 2012 - 10:00 AM
From the pattern I saw, the were using the "send to a friend" tab to initiate their process. I have always used Captcha for send to a friend and there are two required fields. Not sure how "they" get by this.
The IP addresss I blocked never showed up in statistics either as a robot or customer or in my chat program which logs users and paths.
Posted 08 June 2012 - 11:25 AM
"Give me a man that tries and fails
than a man that never tries at all"
Posted 08 June 2012 - 03:56 PM
Currently using 2.2.5 Pro, hosted at FutureHosting.com on a dedicated server. For the time being, we have a few micro sites left using the Community Version of CS 2.2.5 that are hosted at Site5.com on a shared package.
Posted 08 June 2012 - 05:19 PM
What is interesting is that something can use Send to a Friend and bypass simple captcha to infiltrate a site. If this happens, isn't this a bigger issue than just 20-40 abandon carts? I think that since others also reported the problem, I should report this to cs-cart as a security issue.
Any others experienced similar issues?
Posted 09 June 2012 - 01:53 PM
try changing the seo name for the product and see if it still happens.
Posted 09 June 2012 - 02:03 PM
Thank you for your suggestion. I am blocking a range of IP address associated with two consecutive IP address that I identified as the culprits. I have not had the abandon cart problem since I did this. I am monitoring closely to see if it happens again. I also changed the capcha for "send to a Friend"
I was thinking of changing the SEO name, but I think this product is indexed in may places and that changing this will affect Google and others, is this correct?