Hi,
I wondered if you guys have dealt with the cURL loopback requests that OC introduced in v2? There are large numbers of people on shared hosting which now cannot use OpenCart v2 because it utilises these loopback requests on checkout and manageing orders etc. These cURL http loopback requests are blocked on servers for security reasons and a lot of hosts do it.
Hopefully you guys can see the error in this and rectify the issue if you havent done so already. If you do I could see quite a lot of people moving to your software from OC. Not to mention gain the support of massive hosting companies like Heart Internet which may include you as a one click install script.
Thanks
Neil
I wondered if you guys have dealt with the cURL loopback requests that OC introduced in v2? There are large numbers of people on shared hosting which now cannot use OpenCart v2 because it utilises these loopback requests on checkout and manageing orders etc. These cURL http loopback requests are blocked on servers for security reasons and a lot of hosts do it.
Hopefully you guys can see the error in this and rectify the issue if you havent done so already. If you do I could see quite a lot of people moving to your software from OC. Not to mention gain the support of massive hosting companies like Heart Internet which may include you as a one click install script.
Thanks
Neil
In Development
Share this post:
Responses (12)
-
Accepted Answer
-
Accepted Answer
-
Accepted Answer
Hi Neil,
If you're talking about this issue, I've heard about but had no time to check in details.
Is there any solution available out there?
Regards -
Accepted Answer
Hi, yeh pretty much. But like Q says its not a cloudflare issue although it may be affected too.
Essentially a lot of hosts have dropped support for OC v2 because of this and OpenCart doesnt seem to care as all the issues raised are closed and posts on forums ignored.
I havent checked for a solution for a week or so as Ive been busy but I can only see this as a massive plus for you guys if you sort it. I resell hosting so I and many others would then be recommending Arastta and not OC when hosting with us.
Also it seems you guys want to be more community led and listen to the people that can make this software great and popular.
I will however have another quick search for a solution and report back here if I find one.
Ta
Neil -
Accepted Answer
Denis Dulici wrote:
Hi Neil,
If you're talking about this issue, I've heard about but had no time to check in details.
Is there any solution available out there?
Regards
Qphoria have an idea:
https://github.com/opencart/opencart/issues/3062 -
Accepted Answer
It seems JNeuhoff has plans too: http://forum.opencart.com/viewtopic.php?f=190&t=135248&start=80
He says in the post that the api should be called directly without having to use loopback requests. As you can see Q says 35% of his customers cant support v2! He also says he doesnt understand why the hosts dont allow them and I have been told it is a security issue because loopbacks can be either hijacked or misused it could put huge strain on servers and bring down all the websites running on that server. Thats why its only shared hosting thats affected. If you have a VPS or dedicated server it wont matter.
Perhaps you could link up with JNeuhoff and implement the direct access to the API? -
Accepted Answer
-
Accepted Answer
Guys, this issue has been resolved and will be available in Arastta 1.0.6
https://github.com/arastta/arastta/pull/82
Feel free to test and reply back -
Accepted Answer
-
Accepted Answer
Your Reply
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »