[pbannette]

I am assuming some type of automated process is creating many abandon carts.
Every day I get 20 (at least) abandoned carts. All contain two of the same product.

What's baffling is that these products are personalized products and three text fields must be completed to add to the cart. Not sure if its two separate additions to cart or one with a quantity of 2.
What also is puzzling is that the cost of the product is 8.95 each in the abandon cart. There is no product price combination that would give you 8.95. The prices range from 5.95 to 11.95, depending on the option. No way to get 8.95. There are no discounts or promotions.

I have never gone into the database (or know how), but is there a way to find out the IP addresses for the abandon carts and if the same, block them? It would be nice for the Abandon cart page to show the time and IP address of the entity creating the cart.

This has been going on for weeks and would like to stop it.

Thank you,
Bob

[StellarBytes]

Clips posted a great addon for order referral information - this will capture and display the Referring domain and search keywords if relevent. The cart should also be displaying the IP address as default in at least 2.2.2+ (perhaps before then too, but can't confirm).

[pbannette]

Thanks, I will look at the order referral addon. However, this is only useful, I believe, if an order is placed. I only have abandoned carts and not actual orders.
I deleted the abandon carts last night and now have 20 more this morning all from 6/5. My chat tracking program, which will pick up customers going to the product page, does not show anyone going to the product that is in all 20 carts. All the same. All 2 products at a price that is not real.
Bob

[StellarBytes]

I just noticed all links to my cart/checkout on 2 of my 2.2.4 sites have the "rel=nofollow" tag. Do yours? View the source code of the page and see if the links to your cart/checkout include this, ie. <a href="your-checkout-page-url" rel="nofollow">Checkout</a> - this prevents Googlebot (and many others, although not all) from crawling that particular URL. As for the 'wrong price'....I'm stumped.

[pbannette]

Hi, Not sure about no follow, but I would not want no follow on product pages especially for Google. I am checking statistics and see bots and people on line possibly during the time of all the abandon carts, but I don't see paths to the particular product that is being added to cart and don't actually see a path to the cart page, which I usually would see with a normal customer. I took screen captures and will send to my host to compare with server logs. Can't do until late this afternoon.
Bob

[StellarBytes]

Nofollow is applied to the links to check-out and cart, it does NOT have any detrimental effects on the product or any other page for that matter. It is simply a href tag on the checkout links to prevent search engines crawling into the checkout area.

See what your hosts say and if they can't do anything to help, I would advise opening a support ticket with CS-Cart as I haven't seen anything on this subject before nor have I experienced it.

[kogi]

I stop all that with a geoip ban on europe and south americas

order allow,deny
#RIPE
deny from 2.0.0.0/8
deny from 46.0.0.0/8
deny from 31.0.0.0/8
deny from 62.0.0.0/8
deny from 77.0.0.0/8
deny from 78.0.0.0/7
deny from 80.0.0.0/5
deny from 88.0.0.0/6
deny from 92.0.0.0/6
deny from 109.0.0.0/8
deny from 176.0.0.0/8
deny from 178.0.0.0/8
deny from 188.0.0.0/8
deny from 193.0.0.0/8
deny from 194.0.0.0/7
deny from 212.0.0.0/7
deny from 217.0.0.0/8
#lacnic
deny from 186.0.0.0/8
deny from 187.0.0.0/8
deny from 189.0.0.0/8
deny from 190.0.0.0/8
deny from 191.0.0.0/8
deny from 200.0.0.0/8
deny from 201.0.0.0/8
allow from all

[pbannette]

Thanks, I have my host looking at logs to pinpoint the culprit.

Does any one know if there is a way to modify the Abandon cart info to include Date/time and not just date. And, possibly, the product options and ip address of the abandon cart. Date/time would be very useful.
Thanks,
Bob

[pbannette]

How do I create a file to block IP address and where do I put it. I read I can use robot.txt, but that is only for "good" bots.
Thanks,
Bob

[The Tool]

Why not use the image verification?

[pbannette]

Hi, I do use image verification. I don't think they are going to the cart. Just add to cart. Can't track using statistics. I did look at the logs and find two iP addreses with the following pattern. Seems to coincide with the abandon carts. I disabled the product and they stopped. I turned back on the logs and see the below. What does this mean? Note: the product name starts with Anniversary.. Multiple Alternating Get and Post. 0700] "GET /anniversary 0700] "POST / HTTP/1.1" 302 0700] "GET /anniversary 0700] "GET /anniversary 0700] "POST / HTTP/1.1" 302 0700] "GET /anniversary 0700] "POST / HTTP/1.1" 302 0700] "GET /anniversary 0700] "GET /anniversary 0700] "POST / HTTP/1.1" 302 0700] "GET /anniversary 0700] "POST / HTTP/1.1" 302 0700] "GET /anniversary 0700] "GET /anniversary 0700] "POST / HTTP/1.1" 302 0700] "GET /anniversary 0700] "POST / HTTP/1.1" 302 0700] "GET /anniversary 0700] "GET /anniversary 0700] "POST / HTTP/1.1" 302 0700] "GET /anniversary 0700] "GET /anniversary 0700] "POST / HTTP/1.1" 302 0700] "GET /anniversary

[pbannette]

I analyzed the logs and determined that two IP address and possibly a third was causing the problem. I blocked them and the abandon carts stopped. Logs now show they attempt to go to the same product page about 20-40 times a day, but are now unsuccessful.
From the pattern I saw, the were using the "send to a friend" tab to initiate their process. I have always used Captcha for send to a friend and there are two required fields. Not sure how "they" get by this.
The IP addresss I blocked never showed up in statistics either as a robot or customer or in my chat program which logs users and paths.

Bob

[johnbol1]

I had a problem with similar a while back, I altered the captch box to be more difficult which stopped it. I did get afew calls from customers saying the captcha was too difficult and I changed it back. Not had any since then but low and behold had 1 yesterday.

[clips]

We were having a problem on one of our sites and we ended up making the captca harder and it deterred these bots. After a few days I made the captca easier and so far it has still been okay.

[pbannette]

I did change Captcha to add another letter and that did not work. Had to bock IP addresses. I don't want to make Captcha too hard. Many elderly customers have a hard time already.
What is interesting is that something can use Send to a Friend and bypass simple captcha to infiltrate a site. If this happens, isn't this a bigger issue than just 20-40 abandon carts? I think that since others also reported the problem, I should report this to cs-cart as a security issue.
Any others experienced similar issues?
Bob

[silverbestbuy]

you have definatelly a ghost or something like it on your server. (anniversary could be the clue?)

try changing the seo name for the product and see if it still happens.

[pbannette]

silverbestbuy,
Thank you for your suggestion. I am blocking a range of IP address associated with two consecutive IP address that I identified as the culprits. I have not had the abandon cart problem since I did this. I am monitoring closely to see if it happens again. I also changed the capcha for "send to a Friend"
I was thinking of changing the SEO name, but I think this product is indexed in may places and that changing this will affect Google and others, is this correct?
Thanks,
Bob