Customer paid only £1 instead of actual price.

  • Resolved h_rehman90

    (@h_rehman90)


    4 years, 4 months ago

    I don’t know how a customer paid only £1 instead of the actual price of product. The order is Cash on delivery so the issue is not in any payment gateway. Is it somebody hacked my website? Help your earliest.

    The page I need help with: [log in to see the link]

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Support Tseten a11n

    (@tibetanitech)

    Hi @h_rehman90,

    That definitely looks fishy. Could you please share a copy of your site’s System Status to understand how your site is currently configured? You can find it via WooCommerce > Status.
    Select “Get system report” and then “Copy for support”.? Once you’ve done that, paste it here in your response.

    Also, check if there is any information on the order details page of the order if they used any discount code or check the order notes if there is any more information about their order.

    Thread Starter h_rehman90

    (@h_rehman90)

    Hi @tibetanitech

    Thanks for your response. No coupon code or discount is used in the order. This is the status of WooCommerce

    
### WordPress Environment ###

WordPress address (URL): https://www.tendersleep.co.uk
Site address (URL): https://www.tendersleep.co.uk
WC Version: 4.2.2
REST API Version: ? 1.0.8
WC Blocks Version: ? 2.5.16
Action Scheduler Version: ? 3.1.6
WC Admin Version: ? 1.2.4
Log Directory Writable: ?
WP Version: 5.4.2
WP Multisite: –
WP Memory Limit: 256 MB
WP Debug Mode: –
WP Cron: ?
Language: en_GB
External object cache: –

### Server Environment ###

Server Info: Apache
PHP Version: 7.0.32 - We recommend using PHP version 7.2 or above for greater performance and security. How to update your PHP version
PHP Post Max Size: 260 MB
PHP Time Limit: 30
PHP Max Input Vars: 1000
cURL Version: 7.19.7
NSS/3.44

SUHOSIN Installed: –
MySQL Version: 5.6.41-84.1
Max Upload Size: 256 MB
Default Timezone is UTC: ?
fsockopen/cURL: ?
SoapClient: ?
DOMDocument: ?
GZip: ?
Multibyte String: ?
Remote Post: ?
Remote Get: ?

### Database ###

WC Database Version: 4.2.2
WC Database Prefix: 
Total Database Size: 189.57MB
Database Data Size: 171.25MB
Database Index Size: 18.32MB

### Post Type Counts ###

attachment: 513
custom_css: 1
customize_changeset: 1
et_pb_layout: 3
nav_menu_item: 21
page: 19
post: 17
product: 102
raccartlist: 3486
racemailtemplate: 1
racmaillog: 2402
racrecoveredorder: 4
revision: 92
shop_coupon: 116
shop_order: 1901
shop_order_refund: 1
wpcf7_contact_form: 1

### Security ###

Secure connection (HTTPS): ?
Hide errors from visitors: ?

### Active Plugins (20) ###

Contact Form 7: by Takayuki Miyoshi – 5.1.9
GDPR Cookie Consent: by WebToffee – 1.8.8
Divi Booster: by Dan Mossop – 3.1.7
Read More: by Edmon – 2.5.2
iThemes Security Pro: by iThemes – 5.1.4
Mailchimp for WooCommerce: by Mailchimp – 2.4.1 – Installed version not tested with active version of WooCommerce 4.2.2
Order Delivery Date for WooCommerce (Lite version): by Tyche Softwares – 3.10.2 – Installed version not tested with active version of WooCommerce 4.2.2
Recover Abandoned Cart: by Fantastic Plugins – 21.7 – Installed version not tested with active version of WooCommerce 4.2.2
Recent Posts Widget Extended: by Satrya – 0.9.9.7
Tawk.to Live Chat: by Tawkto – 0.4.2
Trustpilot-reviews: by Trustpilot – 2.5.808 – Installed version not tested with active version of WooCommerce 4.2.2
WC Product Builder For Divi: by AbdElfatah AboElgit – 1.4.0 – Installed version not tested with active version of WooCommerce 4.2.2
WooCommerce PDF Invoices & Packing Slips: by Ewout Fernhout – 2.5.2
WooCommerce TM Extra Product Options: by themeComplete – 4.9.6 – Installed version not tested with active version of WooCommerce 4.2.2
WooCommerce: by Automattic – 4.2.2
WooCommerce BarclaycardCw: by customweb GmbH – 4.0.173 – Installed version not tested with active version of WooCommerce 4.2.2
Yoast SEO: by Team Yoast – 14.4.1
Smush Pro: by WPMU DEV – 3.2.2
Redirection for Contact Form 7: by Query Solutions – 1.3.6
Custom Product Tabs for WooCommerce: by YIKES
Inc. – 1.7.1 – Installed version not tested with active version of WooCommerce 4.2.2

### Inactive Plugins (4) ###

All-in-One WP Migration: by ServMask – 7.24
All-in-One WP Migration Unlimited Extension: by ServMask – 2.34
WPNotif: WordPress SMS & WhatsApp Notifications: by UnitedOver – 1.7 – Installed version not tested with active version of WooCommerce 4.2.2
Yoast SEO Premium: by Team Yoast – 10.1.1

### Settings ###

API Enabled: –
Force SSL: –
Currency: GBP (£)
Currency Position: left
Thousand Separator: ,
Decimal Separator: .
Number of Decimals: 2
Taxonomies: Product Types: external (external)
grouped (grouped)
simple (simple)
variable (variable)

Taxonomies: Product Visibility: exclude-from-catalog (exclude-from-catalog)
exclude-from-search (exclude-from-search)
featured (featured)
outofstock (outofstock)
rated-1 (rated-1)
rated-2 (rated-2)
rated-3 (rated-3)
rated-4 (rated-4)
rated-5 (rated-5)

Connected to WooCommerce.com: –

### WC Pages ###

Shop base: #346 - /shop/
Basket: #307 - /cart/
Checkout: #309 - /checkout/
My account: #311 - /my-account/
Terms and conditions: ? Page not set

### Theme ###

Name: Divi
Version: 3.24
Author URL: https://www.elegantthemes.com
Child Theme: ? – If you are modifying WooCommerce on a parent theme that you did not build
personally we recommend using a child theme. See: How to create a child theme

WooCommerce Support: ?

### Templates ###

Overrides: /home2/woodlers1234/public_html/wp-content/plugins/woocommerce-tm-extra-product-options/templates/cart/cart-item-data.php

### Action Scheduler ###

Complete: 3,288
Oldest: 2020-05-30 07:54:07 +0000
Newest: 2020-06-30 06:49:08 +0000
    Plugin Support Tseten a11n

    (@tibetanitech)

    I’ve had a look at your system status and there’s nothing in there that stands out as problematic.

    I’m not sure how the customer was able to place an order for only £1 if they didn’t use a coupon. It is possible that they hacked into your site like you mentioned.

    I recommend hiring a developer or security expert to look into this. I recommend checking the post WooCommerce Security: The 7 Things You Should Do First.

    Thread Starter h_rehman90

    (@h_rehman90)

    I am a developer and I used iThemes Security Pro
    – two-factor authentication (2FA)
    – Reliable hosting of Hostgator
    – Site lockout is enabled on multiple login attempts.
    – Anti-malware is enabled

    I don’t know what else can I do to prevent such things in the future?

    Plugin Support Tseten a11n

    (@tibetanitech)

    I see. I’m not sure how that user was able to order the product with only £1 when you’ve taken care of all the security essentials needed for your website.

    I recommend keeping an eye for any similar actions. If you get similar behavior regularly, you will need to look further into this by hiring web security experts. This behavior is not reported to us by any users and therefore I don’t have a possible solution for that unless you find a way to replicate this behavior on your site.

    Thread Starter h_rehman90

    (@h_rehman90)

    Thanks for your response @tibetanitech

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Customer paid only £1 instead of actual price.’ is closed to new replies.

Tags