Facebook-for-woocommerce: Security issue?

Created on 16 Jul 2019  路  14Comments  路  Source: facebookincubator/facebook-for-woocommerce

Every time I enter the facebook for woocommerce integration menu on Woocommerce on another browser, facebook blocks my access saying someone tried to access my account. then the token expires. the report happens immediately after loading the page, so there's got to be the plugin that's acting weird. it happens 7-8 times in a row, and I have to change my password all the time

to be more precise: my facebook has the "suspicious login alert" enabled, and when I visit my store, facebook gets blocked saying that someone tried to access my account, from IP xxx.xxx.xxx.xxx (which is my server IP range), and the datacenter location (Houston, in this case). while I can't say that I did the access, it's strange that this happens exactly at the time I load the page

Multiple Reports Need More Info

All 14 comments

My client has also experienced an issue very similar to this, which happened even ever they have to resync the plugin.
Would you be able to shed some light on this issue & how I can be resolved?

it didn't resolve, I just try to completely avoid entering the menu while there's no official explanation if this is the default behavior and I should allow it, say that I DID the login, even though I didn't

EDIT: looking at the code, it seems that it uses an access token https://github.com/facebookincubator/facebook-for-woocommerce/blob/master/includes/fbgraph.php that's effectively like being logged, so I guess that's ok to say that you login from that location, but I'll wait an official answer

This constantly happened to me. Had to give up on the plugin for a different bug but don't regret it. Good luck

I have been getting the same issue. Someone logged in from Utah, so I have had to change my password twice this week. I figured the only thing I changed was my plugin.

KaterynaQ, What did you change too?

Hope that there's not a vulnerability in the code of the plugin.

Most likely Facebook thinks there are bots coming (which there are) and for security reasons automated system has to ask if this was you or not. Usually when I had to update feeds I had to click "That was me" a few times because I know it's a plugin does it until feed updates. It makes it complected with clients because they freak out and start changing passwords. Also if you do anything else like log out of your Facebook or change pages in wordpress etc in the last 6 months it looses API so feed does not update until you fix everything a sit and wait again so nothing breaks (makes it harder with 15,000+ skus). This looses all the purpose of the plugin as it does not update inventory automatically.

Haven't found the free plugin for large numbers of skus yet (haven't looked much yet). The one I found for up to 200 skus is WooCommerce Product Feed by WebAppick
It definitely takes a few hours to figure out the correct file and mapping. Have a minor issue with Facebook variation load but it is probably solvable if I spent more time.

I kept facebook for woocommerce on the sites I had it working before but on the new sites after their updates I obviously can't get it to work and there is no support so had to find other options

This "plugin" is a total bullshit (can't be sorry for the expression!). This piece of shitty code blocked my account and I can't fix it for 2 days. It blocked client's account and when trying to identify the issue, it blocked another account too ... everyone is blocked, cannot recover the account, Facebook not even trying to fix the issue, there is no way to contact them ... "great" work!

just happened again, I can't use ad manager with my store opened, my account will be blocked in a matter of seconds. too bad that an official plugin have no support from the company itself

and again...

Automated Support Message

Hello,

Thanks for your interest in our plugin! Our developer team tries to provide personal support on GitHub whenever possible.

If you have a feature request or feedback for the developers, reply with Feature Request or Feedback.
If you are a developer or have a question for the developers related to code, reply with Developer Question.
If you are running ads with us, reply with Advertiser.

If you have encountered a bug or a problem with the plugin, keep reading for information that can help you resolve the issue yourself or provide us details we need to help you.

Search Existing Issues

First, please search our issues to see if your problem has been reported before.
There may already be a workaround or a solution to your problem. You can use the search bar near the top of our issues page. Be sure to search both _open_ and _closed_ issues.
If you do find a similar issue, leave a comment on that issue instead of creating a new one. Your comment helps us prioritize which existing issues are important and urgent.

Common Resolution Methods

If you are experiencing a problem or bug and have not found any similar issue, please try the following:

  • Upgrade to the latest version of the plugin
  • Try to Resync products using the button on the plugin config page
  • Reset the plugin by selecting Manage Settings > Advanced Options > Delete from the configuration page of the plugin and setting up again
  • Try deactivating other plugins that you think may be interfering, then reset and set up again

Necessary Information

If the above steps did not help, please provide the following information in your next comment in order for us to debug your problem:

  • WooCommerce version
  • WordPress version
  • Plugin version (please note: we only support up-to-date versions of the plugin)
  • A screenshot of where you see the problem (for example: if it is on Facebook, provide a screenshot of Facebook, if it is on WooCommerce, provide a screenshot of WooCommerce. You can provide multiple screenshots if the problem relates to different screens.)
  • The URL of your website
  • The URL of your Facebook Page
  • The URL(s) of where you took your screenshot(s)
  • If applicable, detailed steps you took in order to see the problem

Please include Debug Ready in your reply so our automated system can note your issue for manual review. Please be aware that due to a high volume of issues, we may not be able to respond immediately.

Response Time

We prioritize issues with the tags Advertiser or Multiple Reports.
For issues that have the tags Debug Ready, Feature Request or Developer Question, we aim to respond within 30 days.

If you have not responded to our automated message with one of the above phrases, such as Debug Ready, we may close your issue after 30 days. If a Feature Request is inactive (without new requests, messages or pull requests) for 6 months, we may close it.

Please note that we are not always able to provide support for issues related to interaction from other plugins with this plugin or related to the Facebook advertising interface. To get support related to Facebook ads, try visiting the Facebook Ads Help Center.

For more information on our response times, visit Facebook Support on GitHub.

Thank you,
The Facebook Dev Team

Developer Question Debug Ready Feedback

the problem is getting out of hand, the verification needed to unblock the account is worse every time it happens, can someone and not a bot give some feedback?

if you can live without item sync (you need only Pixel integration) then it's best to reset token and set the pixel ID in the database only. This way plugin thinks it's not configured but Pixel events are triggered..

Hey there! 馃憢

Lindsey here, from the SkyVerge product team! We recently took over development and support for the Facebook for WooCommerce extension.

In our recent 1.10 releases, we've fixed many issues impacting the store connection, pixel tracking, and product sync. Could you please update to the latest version of Facebook for WooCommerce and see if that resolves this issue?

If not, could you please contact our support team or open a new issue here? We'd be happy to help troubleshoot further with you.

Thank you!

Was this page helpful?
0 / 5 - 0 ratings