Thanks, I was all ready to install it and you saved me a potentially big headache.
Yes, I had already read the FAQ and was aware of the checkbox. If a user has already been marked as a spammer, then enabling the checkbox will not cause the user to suddenly get their WooCommerce downloads working again. The information above should permit you to replicate the issue. If you wish to replicate the issue, install the plugin on a WooCommerce site, enter customer information into the Checkout page, wait for checkout/?wc-ajax=update_order_review to be accessed by the javascript, and you will see the “we think you are a spammer” page generated by this plugin as an XHR response to the javascript query. I am not sure how to detect AJAX responses in the generic case, so I can’t recommend a specific workaround, but you may wish to take a look at the is_checkout() and is_cart() and is_woocommerce() functions from within WooCommerce.
That’s correct. Checking that box won’t retroactively unblock previous users that got trapped in the spam filter. It will only make sure that it doesn’t happen again in the future.
But, with any spam control solution that involves whitelists and blacklists, sometimes you’ll need to manually allow people as well as manually block them.
Stop Spammers is pretty good in most situations, but is indeed more of a generic or general protection for WordPress sites as a whole.
While Stop Spammers is powerful (despite being so lightweight), it definitely can’t claim to offer specific protection for third-party plugins. Wordfence is probably overkill for the average website, but this plugin looks like a pretty happy medium for what you need:
https://wordpress.org/plugins/cleantalk-spam-protect/
Thanks for the recommendation. I went with WP-SpamShield for the time being.
You should consider stopping your plugin from interfering with any AJAX request, which would have fixed this problem. See this StackOverflow article for information on how to detect whether the current query is AJAX.
