Posting in the Magento forums has been disabled pending the implementation of a new and improved forum solution which should better serve the community.

For new questions please post at magento.stackexchange.com, the community-run support site for the Magento community. We will be providing updates on the new forum solution soon. For questions or concerns please email community@magento.com.

Magento Forum

Page 2 of 3
magento/apache try to connect to 208.69.122.7 in *every page*
 
miribota
Jr. Member
 
Total Posts:  23
Joined:  2008-10-13
 

As far as I can tell all this is harmless. Isn’t it obvious that some of the http requests to the magentocommerce.com domain are for notices and updates.  There is a built in system for updates and notices that pull from feeds like
http://www.magentocommerce.com/notifications_feed.  These notifications are displayed under System->Notifications.  Notices are checked and updated throughout the system so you can be notified on any admin page without having to check the notifications page for updates.  I’m running 1.1.6 and it only makes a request occasionally and only in the admin. The app checks the last time it made a request and only checks again based on a set frequency.  Check out the AdminNotification module, it’s all in there.

I have yet to come across any page on the frontend that makes any requests or posts to any external domain. Also, to-date I haven’t found any evidence of this causing performance issues.

 
Magento Community Magento Community
Magento Community
Magento Community
 
SimpleHelixcom
Enthusiast
 
Avatar
Total Posts:  906
Joined:  2007-08-31
Huntsville, AL
 

actually, i can confirm that in the old previous versions of magento, the default template had an image in the left callout with a full url to varien’s backend port of 8010 at dev.varien.com/.......which was incredibly slow to load.

this have been addressed ever since 1.1.x releases i believe.

i think this is what they might be referring to (?)

 
Magento Community Magento Community
Magento Community
Magento Community
 
turbo1
Sr. Member
 
Avatar
Total Posts:  296
Joined:  2008-08-19
Los Angeles, CA
 

I can’t comment on past versions (I’ve only run 1.1.5 and 1.1.6), but I can say that the frontend is faster after the IPs were blocked. I don’t know why. The Admin login page takes MUCH longer to load - to me that is proof that it’s trying to get/send data.  There’s no reason why the initial page to load the login should be sending anything.  once the dashboard loads, I can understand version checking.. but IMHO I like my privacy.

 
Magento Community Magento Community
Magento Community
Magento Community
 
ShopGuy
Guru
 
Total Posts:  462
Joined:  2008-09-07
 

To stop this from happening look into this file:

app/code/core/Mage/AdminNotification/Model/Feed.php

Look for the following function:

public function getFeedData()

Place return false at the beginning of the function.

To make it so the toolbar does not display in the backed go to

app/code/core/Mage/Adminhtml/Block/Notification/Toolbar.php

Find the function public function isShow()

Place return false at the very top

 
Magento Community Magento Community
Magento Community
Magento Community
 
joyously
Guru
 
Total Posts:  447
Joined:  2008-08-21
 

@ShopGuy: Your suggestion gets rid of the notifications, which default to check once per hour. As miribota said, it’s not that big a deal and it’s only in the backend.
If turbo1 sees a difference in the frontend after blocking the IPs, that seems to indicate it’s something else.
I don’t know how to block the IP, or I’d try some tests on my site.

 
Magento Community Magento Community
Magento Community
Magento Community
 
ShopGuy
Guru
 
Total Posts:  462
Joined:  2008-09-07
 

Yeah, I know. I wanted to get rid of the notifications on my install. Nothing is more annoying than a nag screen every time I login, especially since I don’t update via magento connect or after every version.

 
Magento Community Magento Community
Magento Community
Magento Community
 
turbo1
Sr. Member
 
Avatar
Total Posts:  296
Joined:  2008-08-19
Los Angeles, CA
 

I get a lot of questions regarding this, so I’ll post a bit of info here without going into specifics.

Known Varien IPs:

208.69.123.125/32, 208.69.123.126/31, 208.69.123.128/30, 208.69.123.132/31

Known Irubin IPs:

71.137.175.152/29

They also have a block in this range - 208.69.120.0/21
however because the block is so large, you may just want to deny certain IPs. 208.69.122.7 is a confirmed Varien IP.

If you have a dedicated server, look into IPTABLES and APF, or just PM me wink

 
Magento Community Magento Community
Magento Community
Magento Community
 
Frederik Krautwald
Member
 
Avatar
Total Posts:  58
Joined:  2007-09-25
Reykjavík, Iceland
 

When connecting to a magento store, the following HTTPs are being connected to:

http://www.prototypejs.org
http://www.yui-ext.com/ for more information. *
http://tetlaw.id.au/view/javascript/really-easy-field-validation
http:// is required
http://script.aculo.us, http://mir.aculo.us
http://script.acul
http://dev.rubyonrails.org/ticket/2707
http://dev.rubyonrails.org/ticke
http://encytemedia.com
http://diveintomark.org
http://script.aculo.us
http://www.oriontransfer.co.nz, sammi@oriontransfer.co.nz
http://blogs.law.harvard.edu/ivan
http://www.tirsen.com
http://scrip
http://wiki.script.aculo.us/scriptaculous/show/Ajax.InPlaceEditor
http://opensource.or
http://www.magentocommerce.com
http://www.varien.com
http://opensource.org/licenses/osl-3.0.php
http://open

This is really unpleasant as this could be 3rd party harvesting marketing information from magento shops without the knowledge of the owner nor the visitor. Obviously, some of the addresses are connected to due to 3rd-party scripts used by magento, and these might want to track how much the usage of their scripts is.

 
Magento Community Magento Community
Magento Community
Magento Community
 
joyously
Guru
 
Total Posts:  447
Joined:  2008-08-21
 

Wow, that’s a lot! Getting rid of those would certainly speed things up.
I read a thread here about using Google’s server for scriptaculous, since most people have Google in their cache already. They encourage it too.
Are these connections hidden in various places of the code or what?

 
Magento Community Magento Community
Magento Community
Magento Community
 
Frederik Krautwald
Member
 
Avatar
Total Posts:  58
Joined:  2007-09-25
Reykjavík, Iceland
 

@joyously:

I believe most of them are hidden in the javascript libraries and files, but it puzzles me why it would call this link http://blogs.law.harvard.edu/ivan, and the link to http://www.tirsen.com has only one link to a blog, namely http://jutopia.tirsen.com/, which states:

My name is Jon Tirsén (pronounced “yoon” for you english people). I work as a software engineer at Google in Sydney. Here I write on things I find interesting. I’m Swedish but I currently live on Manly beach outside Sydney in Australia.

http://encytemedia.com redirects to http://alternateidea.com, which is copyrighted by Justin Palmer. It looks like he works with the prototype library.

If you want to track who your Magento installation connects to, you can download a free sniffing software called URL Snooper, here is the link to the web site.

 
Magento Community Magento Community
Magento Community
Magento Community
 
turbo1
Sr. Member
 
Avatar
Total Posts:  296
Joined:  2008-08-19
Los Angeles, CA
 
Frikki - 22 January 2009 11:44 AM

When connecting to a magento store, the following HTTPs are being connected to:

http://www.prototypejs.org
http://www.yui-ext.com/ for more information. *
http://tetlaw.id.au/view/javascript/really-easy-field-validation
http:// is required
http://script.aculo.us, http://mir.aculo.us
http://script.acul
http://dev.rubyonrails.org/ticket/2707
http://dev.rubyonrails.org/ticke
http://encytemedia.com
http://diveintomark.org
http://script.aculo.us
http://www.oriontransfer.co.nz, sammi@oriontransfer.co.nz
http://blogs.law.harvard.edu/ivan
http://www.tirsen.com
http://scrip
http://wiki.script.aculo.us/scriptaculous/show/Ajax.InPlaceEditor
http://opensource.or
http://www.magentocommerce.com
http://www.varien.com
http://opensource.org/licenses/osl-3.0.php
http://open

This is really unpleasant as this could be 3rd party harvesting marketing information from magento shops without the knowledge of the owner nor the visitor. Obviously, some of the addresses are connected to due to 3rd-party scripts used by magento, and these might want to track how much the usage of their scripts is.

big surprise  I wasn’t even aware of all those, good God.  If it’s connecting to all those places, something is terribly amiss with magento.
I’m going to work on blocking those on my server, and will report the results.

 
Magento Community Magento Community
Magento Community
Magento Community
 
turbo1
Sr. Member
 
Avatar
Total Posts:  296
Joined:  2008-08-19
Los Angeles, CA
 

Alright, these are the IPs of those sites listed:

70.84.143.104
67.228.178.42
117.55.225.49
78.46.35.106
208.67.216.132
8.7.217.32
207.210.122.158
67.19.173.100
120.138.18.82
128.103.64.85
207.7.108.211
209.237.226.92

I’ve blocked them all inbound and outbound from my server. No ill effects. I take my privacy seriously.  red face

 
Magento Community Magento Community
Magento Community
Magento Community
 
Brady
Guru
 
Avatar
Total Posts:  330
Joined:  2007-09-10
Orange County, CA
 

I’ve blocked them all inbound and outbound from my server. No ill effects. I take my privacy seriously.  red face

Blocking these IPs is still slowing down the Admin, correct?

 
Magento Community Magento Community
Magento Community
Magento Community
 
Frederik Krautwald
Member
 
Avatar
Total Posts:  58
Joined:  2007-09-25
Reykjavík, Iceland
 
jshpro2 - 28 January 2009 04:24 AM

Well again, I was asking if anyone actually found in the code that this is happening? I highly doubt its hitting all those non -magento related domains, and speculatively blocking things doesnt help, neither does spreading speculation w/o concrete evidence, so again I’ll ask ( since I searched for those IPs and found nothing, where is this being called? Perhaps you guys just have viruses? )

I highly doubt this is due to viruses (vira), but please do me a favor and check for yourself. I used URL Snooper to check the traffic. I checked several sites, but only the Magento sites showed these posted HTTP calls.

 
Magento Community Magento Community
Magento Community
Magento Community
 
turbo1
Sr. Member
 
Avatar
Total Posts:  296
Joined:  2008-08-19
Los Angeles, CA
 

The admin side is only slowed down if you block Varien’s IPs.  As for viruses, not here - fresh Red Hat install, dedicated server, nothing else running. But it was a good suggestion smile

Here’s what I’ve found:

- Blocking Varien’s IPs causes the Admin login page to take up to 2 minutes to load. After that, everything is fast.
- Blocking Varien’s IPs makes the front end faster (IMHO).
- Blocking those other 3rd party sites has no effect on the frontend or backend.
- Blocking Varien’s IPs prevents those annoying “new version available” messages.

Now, based on #1, why the heck should this be happening? Because it’s trying to contact Varien, and timing out. For the life of me, I can’t find the code that causes this.

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
Back to top
Page 2 of 3