Constant Low Value Fake Orders From a Bot/Malware Script

  • Resolved jh

    (@jethrohazelhurst)


    5 years, 5 months ago

    As if Black Friday was not stressful enough. Since this morning there have been constant order attempts, some successful, for low value items (£4.95). They try over and over… and over again.

    This is what the orders look like:

    View post on imgur.com


    And this is the payment attempts on each order:

    View post on imgur.com

    I am manually adding their IPs to our .htaccess file however this bot changes IP as soon as they are blocked. I won’t be able to keep up. Some of the IPs I have blocked:

    deny from 13.68.180.220
    deny from 175.176.90.217
    deny from 152.32.112.5
    deny from 103.27.230.144
    deny from 128.90.79.184
    deny from 178.208.176.20

    If they keep updating their IP address, I suppose there is just no way to sort this out, they will always have a way around what ever guards I put up?

    Many thanks for any help or advice.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support Senff – a11n

    (@senff)

    5 years, 5 months ago

    Hey @jethrohazelhurst

    One way to avoid this, is to restrict customers from making an order if they don’t have an account created on your site (you can set this under WooCommerce → Settings → Accounts & Privacy).

    Although this might not stop them from creating an account of course, you can also us a recaptcha plugin to avoid bots creating accounts or placing orders, such as reCaptcha for WooCommerce.

    Missy a11n

    (@m155y5)

    Automattic Happiness Engineer

    5 years, 4 months ago

    We haven’t heard back from you in a while, so I’m going to go ahead and mark this thread as resolved. If you have any other questions please feel free to start a new thread.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Constant Low Value Fake Orders From a Bot/Malware Script’ is closed to new replies.