AbanteCart Community

Shopping Cart Operations => Security => Topic started by: mgcby2001 on March 04, 2021, 05:49:29 PM

Title: Issue with credit card brute force
Post by: mgcby2001 on March 04, 2021, 05:49:29 PM
Someone just use my website to brute force cardconnect. Now, cardconnect requires me to have Captcha in the payment form.
Also, they require me to lock down the user if there are 3 failed payment or so on.

How to do that?
Title: Re: Issue with credit card brute force
Post by: abolabo on March 05, 2021, 03:18:04 AM
what version of abantecart do you use?
Title: Re: Issue with credit card brute force
Post by: Basara on March 05, 2021, 06:29:01 AM
Hello.
Disable Guest checkout in the AbanteCart settings. You can enable the reCaptcha for customer registration form
Title: Re: Issue with credit card brute force
Post by: maxter on March 05, 2021, 09:13:56 AM
The easiest solution is to block guest checkout. If you still want a guest checkout, you would need to program Captcha into the process. This requires some coding skills.

Also, you can change the payment provider to Stripe, for instance. I think they have better way of handling this.
Title: Re: Issue with credit card brute force
Post by: mgcby2001 on March 07, 2021, 10:15:11 AM
1.2.16
Title: Re: Issue with credit card brute force
Post by: mgcby2001 on March 07, 2021, 10:16:25 AM
I disabled the guest check out. However, the credit card processor requires Captcha in the check out as requirement for now.