Description
Credit card testing is an enormous headache for any ecommerce store owner, especially one as popular as WooCommerce. It a pain to clean up the mess or orders, determine which orders are fake and which are real, and it’s costly to prevent. Over time, there is a complex scaffolding of overlapping services, plugins, and rules that are impossible to reason about, let alone maintain.
Attackers use rotating IP addresses and fake contact info to get around the usual blocking methods like IP Address blocks, Cloudflare firewall rules, and WooCommerce rate-limiting.
This little plugin is a powerhouse that blocks card testing at the local level, on your own store, with zero dependencies our third-party APIs. Card testing relies on large volumes of transactions attempts, so this plugin auto-detects when card testing is starting, blocks any future requests, and then self-heals to let “real” customers still use your store.
Many card-testing attackers hit your site when you’re sleeping in order to go undetected for longer. But this runs in the background at all hours, and self-heals when the card-testing is over.
