Order Received page being exploited
I have pasted the partial link.
I even tried switching to the Storefront theme, but that does not resolve this issue.
Someone is exploiting the order received page and hitting it continuously.
When we close the order received page via htaccess the site functions normally.
When checked in AWStats 17000+ hits were found on the order received page.
How can we solve this problem?
My site WooCommerce status:
### WordPress Environment ###

WordPress address (URL): https://www.sktthemes.org
Site address (URL): https://www.sktthemes.org
WC Version: 5.6.0
REST API Version: ? 5.6.0
WC Blocks Version: ? 5.5.1
Action Scheduler Version: ? 3.2.1
WC Admin Version: ? 2.5.1
Log Directory Writable: ?
WP Version: 5.8
WP Multisite: –
WP Memory Limit: 512 MB
WP Debug Mode: –
WP Cron: –
Language: en_US
External object cache: –

### Server Environment ###

Server Info: LiteSpeed
PHP Version: 7.4.23
PHP Post Max Size: 64 MB
PHP Time Limit: 300
PHP Max Input Vars: 1000
cURL Version: 7.78.0 OpenSSL/1.1.1l
SUHOSIN Installed: –
MySQL Version: 5.5.5-10.3.31-MariaDB-log
Max Upload Size: 8 MB
Default Timezone is UTC: ?
fsockopen/cURL: ?
SoapClient: ?
DOMDocument: ?
GZip: ?
Multibyte String: ?
Remote Post: ?
Remote Get: ?

### Database ###

WC Database Version: 5.6.0
WC Database Prefix: zglajbaka_
Total Database Size: 1100.74MB
Database Data Size: 821.19MB
Database Index Size: 279.55MB
zglajbaka_woocommerce_sessions: Data: 4.59MB + Index: 0.23MB + Engine MyISAM
zglajbaka_woocommerce_api_keys: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_woocommerce_attribute_taxonomies: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_woocommerce_downloadable_product_permissions: Data: 78.57MB + Index: 53.95MB + Engine MyISAM
zglajbaka_woocommerce_order_items: Data: 1.89MB + Index: 1.16MB + Engine MyISAM
zglajbaka_woocommerce_order_itemmeta: Data: 15.98MB + Index: 11.39MB + Engine MyISAM
zglajbaka_woocommerce_tax_rates: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_woocommerce_tax_rate_locations: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_woocommerce_shipping_zones: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_woocommerce_shipping_zone_locations: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_woocommerce_shipping_zone_methods: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_woocommerce_payment_tokens: Data: 0.02MB + Index: 0.01MB + Engine MyISAM
zglajbaka_woocommerce_payment_tokenmeta: Data: 0.06MB + Index: 0.06MB + Engine MyISAM
zglajbaka_woocommerce_log: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_actionscheduler_actions: Data: 0.43MB + Index: 0.19MB + Engine MyISAM
zglajbaka_actionscheduler_claims: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_actionscheduler_groups: Data: 0.00MB + Index: 0.01MB + Engine MyISAM
zglajbaka_actionscheduler_logs: Data: 0.32MB + Index: 0.23MB + Engine MyISAM
zglajbaka_aepc_custom_audiences: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_commentmeta: Data: 0.57MB + Index: 0.42MB + Engine MyISAM
zglajbaka_comments: Data: 10.75MB + Index: 4.94MB + Engine MyISAM
zglajbaka_itsec_bans: Data: 0.07MB + Index: 0.08MB + Engine MyISAM
zglajbaka_itsec_dashboard_events: Data: 0.00MB + Index: 0.01MB + Engine MyISAM
zglajbaka_itsec_distributed_storage: Data: 8.98MB + Index: 0.00MB + Engine MyISAM
zglajbaka_itsec_fingerprints: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_itsec_geolocation_cache: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_itsec_lockouts: Data: 0.00MB + Index: 0.01MB + Engine MyISAM
zglajbaka_itsec_logs: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_itsec_mutexes: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_itsec_opaque_tokens: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_itsec_temp: Data: 0.00MB + Index: 0.01MB + Engine MyISAM
zglajbaka_itsec_user_groups: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_links: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_litespeed_img_optm: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_nxs_log: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_options: Data: 108.69MB + Index: 25.12MB + Engine MyISAM
zglajbaka_pmxe_exports: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_pmxe_google_cats: Data: 0.26MB + Index: 0.05MB + Engine MyISAM
zglajbaka_pmxe_posts: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_pmxe_templates: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_postmeta: Data: 138.72MB + Index: 72.95MB + Engine MyISAM
zglajbaka_posts: Data: 173.09MB + Index: 10.76MB + Engine MyISAM
zglajbaka_racart_cartemail: Data: 141.03MB + Index: 22.92MB + Engine MyISAM
zglajbaka_redirection_404: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_redirection_groups: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_redirection_items: Data: 0.18MB + Index: 0.18MB + Engine MyISAM
zglajbaka_redirection_logs: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_redirection_modules: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_sktsub_subscription: Data: 0.02MB + Index: 0.00MB + Engine MyISAM
zglajbaka_structuring_markup: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_termmeta: Data: 0.02MB + Index: 0.03MB + Engine MyISAM
zglajbaka_terms: Data: 0.32MB + Index: 0.45MB + Engine MyISAM
zglajbaka_term_relationships: Data: 0.48MB + Index: 0.85MB + Engine MyISAM
zglajbaka_term_taxonomy: Data: 0.53MB + Index: 0.23MB + Engine MyISAM
zglajbaka_tm_taskmeta: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_tm_tasks: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_usermeta: Data: 68.13MB + Index: 38.32MB + Engine MyISAM
zglajbaka_users: Data: 4.57MB + Index: 3.36MB + Engine MyISAM
zglajbaka_wcs_payment_retries: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_wc_admin_notes: Data: 0.01MB + Index: 0.00MB + Engine MyISAM
zglajbaka_wc_admin_note_actions: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_wc_category_lookup: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_wc_customer_lookup: Data: 3.50MB + Index: 2.20MB + Engine MyISAM
zglajbaka_wc_download_log: Data: 11.83MB + Index: 9.56MB + Engine MyISAM
zglajbaka_wc_order_coupon_lookup: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_wc_order_product_lookup: Data: 3.86MB + Index: 2.75MB + Engine MyISAM
zglajbaka_wc_order_stats: Data: 2.68MB + Index: 1.69MB + Engine MyISAM
zglajbaka_wc_order_tax_lookup: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_wc_product_meta_lookup: Data: 0.03MB + Index: 0.04MB + Engine MyISAM
zglajbaka_wc_reserved_stock: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_wc_tax_rate_classes: Data: 0.00MB + Index: 0.01MB + Engine MyISAM
zglajbaka_wc_webhooks: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_woo_sales_country_region: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_yith_ywsbs_activities_log: Data: 0.00MB + Index: 0.00MB + Engine MyISAM
zglajbaka_yoast_indexable: Data: 26.99MB + Index: 8.50MB + Engine MyISAM
zglajbaka_yoast_indexable_hierarchy: Data: 1.54MB + Index: 3.51MB + Engine MyISAM
zglajbaka_yoast_migrations: Data: 0.00MB + Index: 0.01MB + Engine MyISAM
zglajbaka_yoast_primary_term: Data: 0.11MB + Index: 0.12MB + Engine MyISAM
zglajbaka_yoast_seo_links: Data: 11.73MB + Index: 2.70MB + Engine MyISAM
zglajbaka_yoast_seo_meta: Data: 0.64MB + Index: 0.54MB + Engine MyISAM

### Post Type Counts ###

amp_validated_url: 1
attachment: 8857
faq: 38
forum: 33
job_listing: 62
nav_menu_item: 27
oembed_cache: 5131
page: 40
post: 2469
product: 473
reply: 59616
revision: 8572
shop_coupon: 1
shop_order: 41285
shop_order_refund: 62
shop_subscription: 89
testimonials-widget: 14
topic: 14830
wpcf7_contact_form: 3
ywsbs_subscription: 2315

### Security ###

Secure connection (HTTPS): ?
Hide errors from visitors: ?

### Active Plugins (30) ###

Antispam Bee: by pluginkollektiv – 2.10.0
bbP topic count: by Robin Wilson – 2.8
bbPress Stay Checked: by Ephrain Marchan – 1.0
bbPress: by The bbPress Contributors – 2.6.6
iThemes Security: by iThemes – 8.0.2
WordPress Backup & Security Plugin - BlogVault: by Backup by BlogVault – 4.64
Classic Editor: by WordPress Contributors – 1.6.2
Contact Form 7: by Takayuki Miyoshi – 5.4.2
Disable Feeds: by Samir Shah BBpress support by Matthew Sigley – 1.4.4
FastSpring: by SKT Themes – 70.0
Force First and Last Name as Display Name: by Stranger Studios – 1.2
Header and Footer Scripts: by Digital Liberation – 2.2.1
Jetpack: by Automattic – 10.0
Meta Generator and Version Info Remover: by Pankaj Kumar Mondal – 13.0
Post Types Order: by Nsp Code – 1.9.5.6
Recover abandoned cart for WooCommerce: by SKT Themes – 200
Redirection: by John Godley – 5.1.3
Bitcoin Payment Gateway for WooCommerce: by TripleA – 1.6.3
User Switching: by John Blackbourn & contributors – 1.5.7
Checkout Field Editor for WooCommerce: by ThemeHigh – 1.4.9
Stripe For WooCommerce: by Payment Plugins [email protected] – 3.3.9
WooCommerce Sequential Order Numbers: by SkyVerge – 1.9.5
WooCommerce: by Automattic – 5.6.0
Yoast SEO: by Team Yoast – 17.0
WP Force SSL: by WebFactory Ltd – 1.57
WP Job Manager: by Automattic – 1.35.2
WP-Paginate: by Max Foundry – 2.1.7
WP-ShowHide: by Lester 'GaMerZ' Chan – 1.04
Markup (JSON-LD) structured in schema.org: by Kazuya Takami – 4.8.1
YITH Infinite Scrolling: by YITH – 1.5.2

### Inactive Plugins (1) ###

SKT WooCommerce Subscription: by SKT Themes – 1.0

### Settings ###

API Enabled: ?
Force SSL: ?
Currency: USD ($)
Currency Position: left
Thousand Separator: ,
Decimal Separator: .
Number of Decimals: 2
Taxonomies: Product Types: external (external)
grouped (grouped)
simple (simple)
subscription (subscription)
variable (variable)
variable subscription (variable-subscription)

Taxonomies: Product Visibility: exclude-from-catalog (exclude-from-catalog-2)
exclude-from-catalog (exclude-from-catalog)
exclude-from-search (exclude-from-search)
featured (featured)
featured (featured-2)
outofstock (outofstock-2)
outofstock (outofstock)
rated-1 (rated-1)
rated-2 (rated-2-3)
rated-2 (rated-2)
rated-2 (rated-2-2)
rated-3 (rated-3)
rated-4 (rated-4-2)
rated-4 (rated-4)
rated-5 (rated-5)
rated-5 (rated-5-2)
rated-5 (rated-5-3)

Connected to WooCommerce.com: ?

### WC Pages ###

Shop base: #182943 - /shop/
Cart: #39 - /cart/
Checkout: #40 - /checkout/
My account: #41 - /my-account/
Terms and conditions: #5009 - /terms-conditions/

### Theme ###

Name: New SKT Theme
Version: (update to version 0 is available)
Author URL: https://www.shrikrishnatechnologies.com
Child Theme: ? – If you are modifying WooCommerce on a parent theme that you did not build personally we recommend using a child theme. See: How to create a child theme
WooCommerce Support: ?

### Templates ###

Overrides: new-skt-themes/archive-product.php version - is out of date. The core version is 3.4.0
new-skt-themes/woocommerce/myaccount/form-login.php
new-skt-themes/woocommerce/myaccount/my-account.php
new-skt-themes/single-product.php version - is out of date. The core version is 1.6.4
new-skt-themes/woocommerce/taxonomy-product_cat.php version - is out of date. The core version is 4.7.0
Outdated Templates: ? Learn how to update

### Action Scheduler ###

Complete: 1,639
Oldest: 2021-08-24 11:20:40 +0530
Newest: 2021-09-03 06:54:57 +0530
Pending: 53
Oldest: 2021-09-03 07:59:33 +0530
Newest: 2022-08-28 00:41:36 +0530
Canceled: 1
Oldest: -0001-11-30 05:53:28 +0553
Newest: -0001-11-30 05:53:28 +0553

### Status report information ###

Generated at: 2021-09-03 07:58:53 +05:30
- The topic ‘Order Received page being exploited’ is closed to new replies.