AbanteCart Community
Shopping Cart Operations => Security => Topic started by: mgcby2001 on March 04, 2021, 05:49:29 PM
-
Someone just use my website to brute force cardconnect. Now, cardconnect requires me to have Captcha in the payment form.
Also, they require me to lock down the user if there are 3 failed payment or so on.
How to do that?
-
what version of abantecart do you use?
-
Hello.
Disable Guest checkout in the AbanteCart settings. You can enable the reCaptcha for customer registration form
-
The easiest solution is to block guest checkout. If you still want a guest checkout, you would need to program Captcha into the process. This requires some coding skills.
Also, you can change the payment provider to Stripe, for instance. I think they have better way of handling this.
-
1.2.16
-
I disabled the guest check out. However, the credit card processor requires Captcha in the check out as requirement for now.
-
I also encountered this case. Someone enters more than 7,000 times in the credit card number input box.
Now Cardconnect has disabled my account, until I can add Captcha in this section.
Don't know if this issue has been updated in the latest versions. I am still using the old version 1.2.15.
I can pay someone who can help me to add the captcha to this section.
-
Hello.
Disable the Guest checkout, enable the captcha for account registration and you can enable the new accounts email verification to prevent fake emails to register.
https://abantecart.atlassian.net/wiki/spaces/AD/pages/6094921/Captcha+on+create+account
https://abantecart.atlassian.net/wiki/spaces/AD/pages/6258768/Google+reCAPTCHA
https://abantecart.atlassian.net/wiki/spaces/AD/pages/6815852/Email+Activation
-
I have done all your tips.
Thank you for your support.
BTW, Just signed up with Stripe instead of Cardconnect and I feel so much better.
-
Thanks for the tips.
-
what version you are using in current tyr to check it
-
Someone just use my website to brute force cardconnect. Now, cardconnect requires me to have Captcha in the payment form.
Also, they require me to lock down the user if there are 3 failed payment or so on.
How to do that?
Hello. You can add Recaptcha to the checkout with the Order Attributes (https://marketplace.abantecart.com/order_attributes) 3rd party extension