Post by jrunique » Sat Apr 04, 2020 3:48 pm

Version 3.0.3.2

Today I am seeing a message "DDoS protection by Cloudflare" in admin extensions, and the page is automatically refreshing every 5-10 seconds. This is happening on both of my websites that are hosted on the same account.
I'm not using cloudfare so I'm confused why I am seeing this message today. I'm concerned about hacking.

Attachments

Screenshot 2020-04-04 at 14.39.04.png

Screenshot 2020-04-04 at 14.39.04.png (118.72 KiB) Viewed 1579 times


New member

Posts

Joined
Mon Aug 15, 2016 1:47 pm

Post by letxobnav » Sat Apr 04, 2020 3:53 pm

I am assuming that is where normally the OC advertisement goes.

Crystal Light Centrum Taiwan
Extensions: MailQueue | SUKHR | VBoces

“Data security is paramount at [...], and we are committed to protecting the privacy of anyone who is associated with our [...]. We’ve made a lot of improvements and will continue to make them.”
When you know your life savings are gone.


User avatar
Expert Member

Posts

Joined
Fri Aug 18, 2017 4:35 pm
Location - Taiwan

Post by jrunique » Sat Apr 04, 2020 4:16 pm

Thanks for the fast reply. Yes, I remember the OC banner was in that location. I guess it's just a temporary glitch so I will ignore it for now. :)

New member

Posts

Joined
Mon Aug 15, 2016 1:47 pm

Post by jonathanbb » Sat Apr 04, 2020 7:45 pm

I am having the same issue. Bit of a pain as there isnt enough time to open the module I want to edit.

Newbie

Posts

Joined
Sat Apr 04, 2020 7:43 pm

Post by OSWorX » Sat Apr 04, 2020 8:10 pm

jonathanbb wrote:
Sat Apr 04, 2020 7:45 pm
I am having the same issue. Bit of a pain as there isnt enough time to open the module I want to edit.
Options you have:
1. tell that CloudFlare
2. tell that OpenCart Dev Team (to move away from them)
3. disable this check (do it by yourself)

Full Stack Web Developer :: Dedicated OpenCart Development & Support DACH Region
Contact for Custom Work / Fast Support.


User avatar
Guru Member

Posts

Joined
Mon Jan 11, 2010 10:52 pm
Location - Austria

Post by mr.who » Sat Apr 04, 2020 10:39 pm

i have same issue ! i never use cloudflare, or any module have a relation to it !! so how can we stop it !????

Newbie

Posts

Joined
Sat Apr 04, 2020 10:38 pm

Post by OSWorX » Sat Apr 04, 2020 11:07 pm

mr.who wrote:
Sat Apr 04, 2020 10:39 pm
i have same issue ! i never use cloudflare, or any module have a relation to it !! so how can we stop it !????
Everyone who is using OpenCart 3.x and opened the Extensions page in the backend exactly in that timeframe, had (and maybe will have) this problem.
So, this has nothing todo with you, me our my dog.
And the solution is already posted above.

Full Stack Web Developer :: Dedicated OpenCart Development & Support DACH Region
Contact for Custom Work / Fast Support.


User avatar
Guru Member

Posts

Joined
Mon Jan 11, 2010 10:52 pm
Location - Austria

Post by letxobnav » Sat Apr 04, 2020 11:20 pm

just add

Code: Select all

return;
after

Code: Select all

public function index() {
in admin/controller/extension/extension/promotion.php

Crystal Light Centrum Taiwan
Extensions: MailQueue | SUKHR | VBoces

“Data security is paramount at [...], and we are committed to protecting the privacy of anyone who is associated with our [...]. We’ve made a lot of improvements and will continue to make them.”
When you know your life savings are gone.


User avatar
Expert Member

Posts

Joined
Fri Aug 18, 2017 4:35 pm
Location - Taiwan

Post by mr.who » Sat Apr 04, 2020 11:34 pm

:-\ what a solution ....
simple permenant fix :
go to : public_html/admin/controller/extension/extension/promotion.php
replace line 18 with :

Code: Select all

return '';
that's it
Last edited by straightlight on Sat Apr 04, 2020 11:35 pm, edited 1 time in total.
Reason: Added code tags.

Newbie

Posts

Joined
Sat Apr 04, 2020 10:38 pm

Post by JNeuhoff » Sun Apr 05, 2020 5:27 pm

OSWorX wrote:
Sat Apr 04, 2020 8:10 pm
jonathanbb wrote:
Sat Apr 04, 2020 7:45 pm
I am having the same issue. Bit of a pain as there isnt enough time to open the module I want to edit.
Options you have:
1. tell that CloudFlare
2. tell that OpenCart Dev Team (to move away from them)
3. disable this check (do it by yourself)
4. Or don't use CloudFlare

In our experience CloudFlare tends to slow things down anyway, despite its claim of being a performance-boosting CDN.

Override Engine * Integrated VQMod * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Rich Snippets * Google Tag Manager * Export/Import Tool * SpamBot Buster * Survey Plus


User avatar
Expert Member

Posts

Joined
Wed Dec 05, 2007 3:38 am


Post by OSWorX » Sun Apr 05, 2020 6:43 pm

JNeuhoff wrote:
Sun Apr 05, 2020 5:27 pm
4. Or don't use CloudFlare

In our experience CloudFlare tends to slow things down anyway, despite its claim of being a performance-boosting CDN.
True (forgot that ..) - thx Juergen.
But finally, we have to talk with Daniel - OpenCart use CF and make troubles sometimes in the backend!

Full Stack Web Developer :: Dedicated OpenCart Development & Support DACH Region
Contact for Custom Work / Fast Support.


User avatar
Guru Member

Posts

Joined
Mon Jan 11, 2010 10:52 pm
Location - Austria

Post by haxcop » Fri Apr 10, 2020 5:21 am

Simpler solution is:
go to /admin
config.php
comment the line

Code: Select all

// OpenCart API
define('OPENCART_SERVER', 'https://www.opencart.com/');
for

Code: Select all

// OpenCart API
//define('OPENCART_SERVER', 'https://www.opencart.com/');

New member

Posts

Joined
Tue Jan 14, 2014 9:38 pm
Location - Dublin

Post by letxobnav » Fri Apr 10, 2020 8:14 am

that is a bad idea.

Crystal Light Centrum Taiwan
Extensions: MailQueue | SUKHR | VBoces

“Data security is paramount at [...], and we are committed to protecting the privacy of anyone who is associated with our [...]. We’ve made a lot of improvements and will continue to make them.”
When you know your life savings are gone.


User avatar
Expert Member

Posts

Joined
Fri Aug 18, 2017 4:35 pm
Location - Taiwan

Post by jvandemerwe » Tue Oct 27, 2020 9:12 pm

mr.who wrote:
Sat Apr 04, 2020 11:34 pm
:-\ what a solution ....
simple permenant fix :
go to : public_html/admin/controller/extension/extension/promotion.php
replace line 18 with :

Code: Select all

return '';
that's it
I would put the return here:

Code: Select all

class ControllerExtensionExtensionPromotion extends Controller {
	public function index() {
	     return '';
This avoids the curl init and execution.

User avatar
Newbie

Posts

Joined
Tue Nov 06, 2018 5:57 pm


Post by devwerkslab » Thu Feb 04, 2021 11:41 am

Line 18 just worked great! thanks!

Newbie

Posts

Joined
Tue Jul 28, 2020 12:14 pm

Post by tingwing » Thu Feb 04, 2021 3:46 pm

the solution works perfectly

Active Member

Posts

Joined
Tue Aug 02, 2016 9:01 pm

Post by Ozfarmer » Tue Mar 16, 2021 4:44 am

Perefect :)

mr.who wrote: ↑
Sat Apr 04, 2020 11:34 pm
:-\ what a solution ....
simple permenant fix :
go to : public_html/admin/controller/extension/extension/promotion.php
replace line 18 with :
Code: Select all

return '';
that's it

Active Member

Posts

Joined
Wed Aug 17, 2011 7:08 pm
Location - Australia
Who is online

Users browsing this forum: No registered users and 28 guests