A customer’s eCommerce site came under attack. It was a little unusual: first a live person attempted an invalid transaction, and then they launched a bot (script) that made another thousand attempts. Of course, the attempts all failed, and the small transaction fee our customer was charged was waived by the credit card gateway, but the incident forced us to study how we could stop or slow this type of attack.
Our customer runs a boutique eCommerce site that uses WooCommerce for the shopping cart and Authorize.net as their credit card gateway. To connect the two they use Woo’s Authorize.net DPM Connector, which allows the transaction form to be framed into their site, much like a Google map can be embedded in your website.
First, a CAPTCHA is a test that makes sure a real person, not a script or a bot, is submitting information to your website. To be more customer friendly we had not set up a CAPTCHA, but after the attack we decided it was necessary. Second, it’s good to have a firewall running on your site that can monitor (and stop) attacks, and that also lets you individually block an IP address that is attacking. The highly scripted attacks we see trying to take down a customer frequently come from a single IP. Being able to watch an attack from a single IP in real time and then block that IP is invaluable.
We found the WP reCaptcha Integration plugin to work the best for us. It took some research to find a solution that integrated seamlessly with WooCommerce as part of the transaction process, and the WP reCaptcha Integration plugin did the trick. Not only that, but it uses Google’s reCaptcha implementation, which is friendly and professional.
We also liked the visual interface.
Another win: the plugin also adds the CAPTCHA to the WordPress login form, so scripted login attempts against your WordPress content management system are stopped as well.
There are many great articles that review various WordPress security plugins. WordFence is well reviewed and was always in the top three, but most importantly for us, it made it easy to blacklist specific IP addresses. Yes, we know that attacks come from many IPs, but when you have a specific competitor targeting your site, it helps to be able to block them in a surgically precise way. WordFence does more than just IP blocking: it also monitors logins, scans your site proactively, and emails legitimate warnings to your admins.
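The pattern described above, a single IP firing hundreds of failed payment attempts in quick succession, is easy to spot in a checkout log once you count declines per IP over a sliding time window. The following is an added example (not code from the original post, WooCommerce, or WordFence) that flags such IPs so they can be fed to a firewall block list; the log format and the sample lines are constructed for the illustration, and the log is assumed to be in time order.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample checkout log (not from the original post).
# Format assumed here: "<ISO timestamp> <client IP> <gateway result>"
SAMPLE_LOG = """\
2016-03-01T10:00:00 203.0.113.7 declined
2016-03-01T10:00:01 203.0.113.7 declined
2016-03-01T10:00:01 203.0.113.7 declined
2016-03-01T10:00:02 203.0.113.7 declined
2016-03-01T10:00:02 203.0.113.7 declined
2016-03-01T10:00:03 203.0.113.7 declined
2016-03-01T10:00:30 198.51.100.4 approved
2016-03-01T10:05:00 198.51.100.4 declined
2016-03-01T10:20:00 198.51.100.4 declined
"""


def parse_line(line):
    """Split one log line into (timestamp, ip, result)."""
    ts, ip, result = line.split()
    return datetime.fromisoformat(ts), ip, result


def find_card_testing_ips(log_text, max_failures=5, window_seconds=60):
    """Return {ip: time_first_flagged} for every IP whose declined
    attempts exceed max_failures within any window_seconds span.

    A legitimate shopper mistyping a card number produces a handful of
    declines spread over minutes; a card-testing bot produces dozens per
    second from one address, which is what the sliding window catches.
    """
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)  # ip -> timestamps of recent declines
    flagged = {}
    for line in log_text.splitlines():
        ts, ip, result = parse_line(line)
        if result != "declined":
            continue  # only failed attempts count toward the threshold
        q = recent[ip]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()  # drop declines that fell out of the window
        if len(q) > max_failures and ip not in flagged:
            flagged[ip] = ts  # record when the IP first crossed the line
    return flagged


if __name__ == "__main__":
    for ip, when in find_card_testing_ips(SAMPLE_LOG).items():
        print(f"block {ip}: threshold crossed at {when.isoformat()}")
```

The thresholds are deliberately conservative so a real customer retrying a card is not blocked; tune them against your own decline history before wiring the output into a firewall.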