Announcement

Collapse
No announcement yet.

Non-completed Orders question

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Non-completed Orders question

    My store just went live 10 days ago, and I'm seeing something that looks a little odd in my Non-Completed Orders.

    My previous shopping cart did not show me non-completed orders, so I don't know if this was happening before or not, but I am seeing a large number of non-completed orders from two specific IP addresses.

    One is in the US and appears to be a risk management/PCI compliance company. The other is in Russia, and I can't determine what it is.

    The orders are mostly just a single product, and they occur within minutes or even seconds of each other, several orders in a row, then the next day, same thing again.

    Someone else posted in the forum about getting a lot of peculiar text messages right after their store went live (I think it was via their comment box), and that turned out to be testing for SSL compliance.

    My SSL certificate was issued just a day or so before I went live, so perhaps that's what I'm seeing here.

    Has anyone else seen anything like this, or could someone explain what might cause all these non-completes? It doesn't look like normal customer shopping behavior, and I'd really like to know what they are.

    Thanks!
    Last edited by spardue; 07-31-2013, 03:23 PM.

  • #2
    It's good you're catching this now. I typically don't notice until I see my bandwidth use goes thru the roof and I'm billed for it.

    There are a lot of hackers out there, and [in my experience] repeated connections from Europe and the Middle East with one item in the cart and each cart coming seconds or minutes after the other are those bastards looking for holes. Block em in Settings > General > IP Security.
    Chris
    TC Life Safety
    TC Wireless

    Comment


    • #3
      Good suggestion. I will block both IPs and see what happens next.

      Maybe I'm just totally naïve, but why would someone do that? Are they looking for a vulnerability in my site? What's the benefit to them of running up MY bandwidth?

      Comment


      • #4
        Originally posted by spardue View Post
        Maybe I'm just totally naïve, but why would someone do that? Are they looking for a vulnerability in my site? What's the benefit to them of running up MY bandwidth?
        Stealing credit card data is pretty high on the list.

        You might not want to block the PCI company. I don't know who you use as a processor, but mine requires PCI scans quarterly. They will also run up your bandwidth, but that's the cost of doing [e]business.
        Chris
        TC Life Safety
        TC Wireless

        Comment


        • #5
          I decided to block both, as searches on the PCI company's IP address showed that this address is linked to blacklist activities. Yuck!

          Thanks for the tip-off - yes, credit card data would be a nice thing for them to get their hands on.

          I'm going to assume that if this was legitimate testing by my SSL issuer, I'll hear from them about not being able to complete their testing.
          Last edited by spardue; 07-31-2013, 03:46 PM.

          Comment

          Working...
          X