• Resolved janetaylor22

    (@janetaylor22)


    Our website is getting hundreds of spam WooCommerce orders from one spam user – he continues to change his IP address and email domain so blocking those does not help. How can we block this user? We are on the Lite version of Wordfence.


Viewing 1 replies (of 1 total)
  • Plugin Support wfphil

    (@wfphil)

    Hi @janetaylor22

    With regard to spam plus fraud and carding attacks to test stolen credit cards, when a human or a bot places a fake or fraudulent order then there isn’t anything for Wordfence to automatically block as no malicious requests are being sent to your website in an attempt to compromise your WordPress file system or database.

    About half of all internet traffic is bot traffic. A percentage of it is friendly and the rest is either a nuisance or unfriendly. Unfriendly bots that send malicious requests to your website in an attempt to compromise the WordPress file system or database are automatically blocked by Wordfence as that is what Wordfence was designed to do. Other bot traffic that is unfriendly, but doesn’t send malicious requests to your website, can come from an enormous number of IP addresses, hostnames, user agents and spoofed user agents. In many cases it can be impractical to block them in Wordfence via IP address, IP address range, user agent or hostname as this can be very time-consuming and you may not be able to keep up with the enormous number of bots. Our Rate Limiting rules might help to an extent in some cases but we recommend that you use our recommended settings:

    https://www.wordfence.com/help/firewall/rate-limiting/

    If all of the fraud attempts are coming from a specific IP address, IP address range, hostname or user agent then you can try using the various blocking options outlined here:

    https://www.wordfence.com/help/blocking/

    However, the fraudster may have access to a large pool of IP addresses and hostnames if you block them and change their tactics so their bot or bots can easily circumvent your blocking rules. They can also easily spoof the user agent too if you block them via a user agent blocking rule.

    This is something that you can ask WooCommerce about as they have two plugins to help with preventing bots from placing fake or fraudulent orders:

    https://woocommerce.com/products/woocommerce-anti-fraud/

    https://woocommerce.com/products/recaptcha-for-woocommerce/

    You can also ask WooCommerce and any payment gateways that you use about implementing AVS and CVV matching. The Address Verification System (AVS) checks the billing address that buyers provide at checkout against the address that the credit card company has on file for them. The credit card company sends a response immediately to let you know if the billing address matches.

  • The topic ‘Hundreds of spam orders’ is closed to new replies.
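
An added example, not part of the original thread and not Wordfence or WooCommerce code: because the reply notes that rules keyed on IP address, hostname or user agent are easy to circumvent, this Python example flags bursts of orders by what stays constant across them rather than by who sent them. The order field names, the cart-plus-total fingerprint, the thresholds and the sample orders are all assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample orders (not real data). Field names are assumptions,
# not the WooCommerce order schema. IPs and email domains rotate on purpose.
ORDERS = [
    {"id": 101, "time": "2024-01-05 10:00:05", "ip": "198.51.100.7", "email": "a1@example.com", "items": (44,), "total": "1.99"},
    {"id": 102, "time": "2024-01-05 10:00:50", "ip": "203.0.113.19", "email": "b7@example.net", "items": (44,), "total": "1.99"},
    {"id": 103, "time": "2024-01-05 10:01:30", "ip": "192.0.2.88", "email": "c3@example.org", "items": (44,), "total": "1.99"},
    {"id": 104, "time": "2024-01-05 10:02:10", "ip": "198.51.100.201", "email": "d9@example.com", "items": (44,), "total": "1.99"},
    {"id": 105, "time": "2024-01-05 10:03:40", "ip": "203.0.113.54", "email": "e2@example.net", "items": (44,), "total": "1.99"},
    {"id": 106, "time": "2024-01-05 10:01:00", "ip": "192.0.2.10", "email": "kim@example.org", "items": (12, 30), "total": "58.00"},
    {"id": 107, "time": "2024-01-05 10:04:00", "ip": "192.0.2.11", "email": "lee@example.org", "items": (7,), "total": "24.50"},
    {"id": 108, "time": "2024-01-05 14:30:00", "ip": "192.0.2.12", "email": "ana@example.org", "items": (44,), "total": "1.99"},
]

def fingerprint(order):
    """Key on what stays constant when IP and email rotate (assumed here:
    the cart contents and the order total)."""
    return (tuple(sorted(order["items"])), order["total"])

def find_bursts(orders, window=timedelta(minutes=10), min_orders=4, min_ips=3):
    """Return {fingerprint: [order ids]} for carts ordered at least min_orders
    times inside one sliding window from at least min_ips distinct IPs."""
    groups = defaultdict(list)
    for o in orders:
        ts = datetime.strptime(o["time"], "%Y-%m-%d %H:%M:%S")
        groups[fingerprint(o)].append((ts, o))
    flagged = {}
    for key, rows in groups.items():
        rows.sort(key=lambda r: r[0])          # oldest first
        start = 0
        for end in range(len(rows)):
            # Shrink the window until it spans no more than `window`.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            span = [o for _, o in rows[start:end + 1]]
            if len(span) >= min_orders and len({o["ip"] for o in span}) >= min_ips:
                flagged.setdefault(key, set()).update(o["id"] for o in span)
    return {k: sorted(v) for k, v in flagged.items()}

if __name__ == "__main__":
    for key, ids in find_bursts(ORDERS).items():
        print("hold for review:", key, ids)
```

Flagged orders are candidates for manual review or a payment hold, not automatic blocking: the lone later order 108 for the same cart is left alone because it falls outside any burst.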