04-12-2019
09:46 PM
Re: PayPal Payflow extension exploited for fraudulent transactions
I also faced the same issue. So I installed fail2ban [ https://www.fail2ban.org/wiki/index.php/Main_Page ] on the server to ban repeated activity for 24 hours and also installed Google reCAPTCHA for Payflow Pro payment.
Magento provided a solution to add reCAPTCHA for specific PayPal methods. Please see here for more information:
05-05-2019
09:13 AM
Re: PayPal Payflow extension exploited for fraudulent transactions
I wrote this, to quickly stop the issue. Fail2ban would work also.
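```php
<?php
// Ban any IP with too many Payflow requestSecureToken hits in the access log.
$limit = 10;

// Count hits per client IP.
exec('grep requestSecureToken /var/log/apache2/access.log | sed -e \'s/\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+\).*$/\1/\' | sort | uniq -c', $output);

foreach ($output as $line) {
    echo $line . "\n";
    // "uniq -c" prints "<spaces><count> <ip>", so trim before splitting.
    $parts = preg_split("/\s+/", trim($line));
    if (count($parts) < 2) {
        continue;
    }
    $count = (int) $parts[0];
    $ip = $parts[1];
    // Log content is client-influenced: only a valid IPv4 address reaches the shell.
    if (!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
        continue;
    }
    if ($count >= $limit) {
        $msg = gethostname() . " has a high count of paypal hits: " . $count . "\n";
        $msg .= "IP: " . $ip . " Hits: " . $count . "\n";
        $msg = wordwrap($msg, 70);
        echo $msg;
        // Put the deny rule first in the ufw rule list.
        $cmd = "ufw insert 1 deny from " . escapeshellarg($ip);
        exec($cmd);
        mail("address@test", "CRITICAL Paypal Issue", $msg);
    } else {
        # $msg = "All Good";
        # mail("address@test", "CRITICAL Paypal Issue", $msg);
    }
}
?>
```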
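The fail2ban approach both replies mention, as an added example that is not part of either post: a filter and jail that ban an IP after repeated requestSecureToken requests. The filter name `payflow-token`, the file names and the `findtime` value are assumptions; the log path and the threshold of 10 come from the script above, and the 24-hour ban from the first reply.

```ini
# --- /etc/fail2ban/filter.d/payflow-token.conf (hypothetical file name) ---
[Definition]
# Match a GET or POST whose request line contains requestSecureToken.
# [^"]* before the first quote keeps the match inside the request field,
# so a crafted Referer or User-Agent cannot trigger it.
failregex = ^<HOST> \S+ \S+ [^"]*"(?:GET|POST) [^"]*requestSecureToken
ignoreregex =

# --- /etc/fail2ban/jail.d/payflow-token.conf (hypothetical file name) ---
[payflow-token]
enabled  = true
filter   = payflow-token
port     = http,https
logpath  = /var/log/apache2/access.log
# Threshold of 10 requests, as in the PHP script above.
maxretry = 10
# Counting window in seconds (assumed value; tune to normal checkout traffic).
findtime = 600
# 24-hour ban, as described in the first reply.
bantime  = 86400
```

The filter can be checked against the live log before enabling the jail with `fail2ban-regex /var/log/apache2/access.log /etc/fail2ban/filter.d/payflow-token.conf`.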