mesmer7

Hi @rakibuzzamansiam1

That helped. It wasn’t the config file, but a filter function that Kadence’s tech support gave me to patch a bug in the theme’s FAQ schema output.

Unfortunately, I can’t narrow it down any further. The code contains a regex expression and an escape function I don’t really understand.

I’m also suddenly having a problem with my sitemaps, and I have no idea why. When I tried to view my sitemaps today, it shows the following error:

This page contains the following errors:

error on line 2 at column 7: XML declaration allowed only at the start of the document Below is a rendering of the page up to the first error.

https://www.hypnoticdreams.com/sitemap_index.xml (NSFW)

1. I’m going to need third-party confirmation before I add this to my site. Last time I tried something like this it disabled all the add-to-cart buttons, and locked me out of the site for an hour.
2. WooCommerce’ Hand Picked products block doesn’t use AJAX. I had to add the following code to my site to compensate for this issue.
3. I hate nested IF statements. Doesn’t anyone know how to use PHP’s Switch/Case Statement?

add_action( 'wp_enqueue_scripts', 'hand_picked_block_ajax');

function hand_picked_block_ajax() {
// Only load this on the homepage to keep the site fast
if ( is_front_page() ) {
// Force the core WooCommerce AJAX scripts to load
    wp_enqueue_script( 'wc-add-to-cart' );
       wp_enqueue_script( 'wc-cart-fragments' ); // This fixes the "0 items" issue

    // The custom JS logic
    $custom_js = "
        jQuery(document).on('click', '.wc-block-handpicked-products .add_to_cart_button', function(e) {
            e.preventDefault();
            var \$button = jQuery(this);
            var product_id = \$button.data('product_id');

            if (!product_id) return;

            \$button.addClass('loading');

            jQuery.ajax({
                type: 'POST',
                url: wc_add_to_cart_params.ajax_url,
                data: {
                    action: 'woocommerce_ajax_add_to_cart',
                    product_id: product_id
                },
                success: function(response) {
                    if (response.error && response.product_url) {
                        window.location = response.product_url;
                        return;
                    }
                    // Trigger the fragment refresh so the mini-cart updates
                    jQuery(document.body).trigger('added_to_cart', [response.fragments, response.cart_hash, \$button]);
                    \$button.removeClass('loading').addClass('added');
                }
            });
        });
    ";

    // Attach this script to the 'wc-add-to-cart' handle
    wp_add_inline_script( 'wc-add-to-cart', $custom_js );
}}

I’ve been dealing with this attack for three months now. Every day a botnet (rotating IPs) crawls (or hits) 20-30 add-to-cart buttons across my site. Most of them never view a page, but go directly to the add-to-cart. In addition another bot triggers two to three remove_items from the cart. These bots create 20-30 shopping carts every day without ever completing a purchase.

I’ve tried a dozen different configurations for the htaccess file and finally settled on the code below. It reduces the server load, but the attack continues.

RewriteCond %{QUERY_STRING} (^|&)add-to-cart=[0-9]+ [NC]
RewriteCond %{HTTP_USER_AGENT} !googlebot [NC]
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www.hypnoticdreams.com$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (bot|crawl|spider) [NC,OR]
RewriteCond %{HTTP_REFERER} \?.(^|&)add-to-cart=[0-9]+(&|$) [NC,OR] RewriteCond %{HTTP_REFERER} ^$ [NC] RewriteRule . - [E=blockbot:1,F,L]

I finally signed up for quic.cloud’s CDN and enabled UNDER ATTACK mode. It seems to be blocking the attack for now, but it really, really slows down the add-to-cart function when I test it.