• Resolved gevcen

    (@gevcen)


    Dear,

    Since the last update, I’ve got hundreds of fake carts coming from bots. Your changelog mentions that the update is supposed to prevent this but it seems the contrary has happened to me.

    Can you please review your update? This hasn’t happened before, and I have been using your free version for a long time now.

    Thanks

Viewing 9 replies - 1 through 9 (of 9 total)
    Confirming this.

    Also, adding the following from “https://www.tychesoftwares.com/docs/docs/abandoned-cart-for-woocommerce-lite/track-only-genuine-visitor-carts/” to your robots.txt does not block these bots from your website.

    Thread Starter gevcen

    (@gevcen)

    I confirm also that I’ve added the code in robots.txt but it does not resolve the issue.

    Can support please respond to this issue ASAP? It’s an important issue.
    Thanks

    I was able to avoid it by blocking the ASN for Huawei from which all these attacks seem to be coming. I also added all their IP ranges to my .htaccess and now no longer have the spam abandoned carts.

    Basically, they’re trying to add (usually 2 of the same) items to your cart, preferably with special characters in the name, in the hope that they can exploit a bug from an older version of the abandoned cart plugin.

    This reply was modified 4 years, 9 months ago by stoelwinder.
    Thread Starter gevcen

    (@gevcen)

    Hi @stoelwinder
    Would it be possible to provide more detailed info about how you’ve done it?

    – how to block an ASN
    – what’s the code added into .htaccess?
    – what are those IP addresses?

    Thanks a lot

    You’d have to check whether the IP address that is submitting all these abandoned carts is the same as mine first, otherwise it really doesn’t do much good. But I was able to find out by checking the IP address in the abandoned cart plugin’s overview page and hovering over the “From” flag. This gave me a couple of IP addresses and I noticed a similarity between them.

    Next, I went to the following website:
    https://www.ultratools.com/tools/asnInfoResult?domainName=

    There you should see the ASN for the IP (it’s the combination of 2 letters and 6 numbers at the top).

    Next, I went to the following website to find all the IP addresses associated with that ASN:

    https://www.enjen.net/asn-blocklist/

    Make sure you select “HTAccess Blocklist” from the drop-down. This gave me the code to add to my .htaccess file.

    At the same time, if you use a firewall on your host (or on Cloudflare for example), you can at times just add the ASN to the Firewall rules to block that entire range.

    Hope this helps.
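As an added example (not code from this thread or from the plugin), the script below does the check described in the post above: it confirms which of the cart source IPs actually fall inside the ASN’s ranges before anything is blocked, and then renders the matching Apache 2.4 `.htaccess` deny block. The ranges and IPs are constructed placeholders from RFC 5737 documentation space, not real lookup results.

```python
import ipaddress

# Constructed placeholder ranges (RFC 5737 documentation space). In practice
# these come from the ASN blocklist lookup described in the post above.
ASN_RANGES = ["203.0.113.0/24", "198.51.100.0/24"]

# Constructed sample: source IPs read off the abandoned-cart overview page
# by hovering over the "From" flag. One of them is deliberately outside the ranges.
CART_SOURCE_IPS = ["203.0.113.17", "203.0.113.42", "198.51.100.9", "192.0.2.5"]


def matching_carts(cart_ips, cidrs):
    """Return the cart IPs that fall inside any of the given CIDR ranges.

    This is the "check it is the same network first" step: only block the
    ranges if the spam carts really originate from them.
    """
    networks = [ipaddress.ip_network(c, strict=False) for c in cidrs]
    return [
        ip for ip in cart_ips
        if any(ipaddress.ip_address(ip) in net for net in networks)
    ]


def htaccess_block(cidrs):
    """Render an Apache 2.4 RequireAll block that denies the given ranges.

    'Require all granted' keeps the site open to everyone else; each
    'Require not ip' line carves one ASN range out of that grant.
    """
    lines = ["<RequireAll>", "    Require all granted"]
    for c in cidrs:
        lines.append(f"    Require not ip {ipaddress.ip_network(c, strict=False)}")
    lines.append("</RequireAll>")
    return "\n".join(lines)


if __name__ == "__main__":
    hits = matching_carts(CART_SOURCE_IPS, ASN_RANGES)
    print(f"{len(hits)} of {len(CART_SOURCE_IPS)} cart IPs fall inside the ASN ranges")
    print(htaccess_block(ASN_RANGES))
```

Only add the rendered block to `.htaccess` when the match count is high enough to show the carts really come from those ranges.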

    Plugin Author Dhruvin

    (@dhruvin)

    Hello @gevcen, @emcthemes and @stoelwinder

    Apologies for the delay but we were investigating the root cause of these abandoned carts.

    The source of these carts is Chinese scrapers with user agents such that they bypass robots.txt.

    Moreover, WooCommerce creates a session and cart when a bot crawls through the add to cart link on the site.

    We have identified some user agents which will be bots and can be stopped from creating carts. We are currently monitoring one site and the bots have stopped as of now. If everything goes well we might release an update tomorrow.

    The solution provided by @stoelwinder, blocking via the .htaccess file itself, is an ideal one, but our plugin does not intend to modify that file in any way and will instead try to block such bots from creating abandoned carts.

    Thread Starter gevcen

    (@gevcen)

    Dear,

    Ok, but I think it would be good to have a built-in extended list of blacklisted IP addresses in the plugin.

    What do you think?
    Thanks

    @stoelwinder Are you using the lite version of the plugin? If yes, could you share the version?

    I am not able to see any “From” or overview page to check the IP address.

    Thread Starter gevcen

    (@gevcen)

    I use the Lite one, latest version from the WordPress repository.

The topic ‘Hundreds of fake cart since last update’ is closed to new replies.