Hi,
While doing my weekly read of the event viewers on our web servers, I see someone from the same I.P. address hitting several specific pages, for payment services that we do NOT use.
We only do Visa, MC, and Purchase Order. We do not use these services, and therefore not these pages:
alipay_notify.aspx
Worldpayreturn.aspx
paypalpdthandler.aspx
cybersourceipnhandler.aspx
amazonsimplepay.aspx
getlicense.ashx (we offer no downloadable products)
- all from the same IP address, over about 3 nopCommerce sites.
I wonder if there are any vulnerabilities in these that someone is trying to exploit?
- we blocked the IP address at our firewall, but it would be good to know if there are any issues with these pages, that anyone else has run into?
(p.s. we're on v 1.90)
thanks
David