Do you know who is spamming your site? How are you protecting your site? Do you have any security plugins set up in your site?
Regards
We found that all these transactions are done from a single IP address and we blocked that IP. Still, multiple spam transactions are happening.
As a security measure, we’ve implemented SSL on the website.
Currently, we are not using any security plugins.
Hi, I strongly suggest that you install a security plugin. There are many in WordPress repository. I recommend All In One WP Security and Firewall plugin.
Kind regards
Hi.
Are they spamming with actual card numbers or just some rubbish?
We can see random card numbers.
Looks like it’s some automated system is testing stolen\generated card numbers.
We’ll see what can be done about it. There are 2 possible solutions:
1. Add “honeypot” to the form, which is invisible for a regular visitor, but should be visible for bots. If the honeypot is touched, a message should be displayed that automatic submissions are not allowed. This should help against simple bots, but won’t help against more advanced.
2. Add Google reCaptcha support to the form. It should handle most of the bots, or at least greatly decrease their number.
If you don’t mind your customers clicking “I’m not a robot” before submitting the form, I guess #2 would be the best solution in this situation.
Hi,
We’ve already added those options. Still, we got spam transactions in Braintree.
Right now our Braintree account was suspended because of this issue.
We will add reCaptcha support for the credit card payment form shortly. Then you can contact Braintree, explaining the situation, they should unblock your account after this.
reCaptcha support for the payment form has been added. You need to configure it in plugins settings first. WP Braintree -> Settings, reCaptcha tab. Tick “Enabled”, enter your site keys and save changes. After this, your customers would need to click “I’m not a robot” checkbox to complete the payment.
You can get new plugin version with reCaptcha support here https://github.com/Arsenal21/wp-braintree/releases/download/2.0.3t1/wp-braintree.zip or wait until its released on WordPress repo (this could take a couple of days).
Plugin Author
mra13
(@mra13)
The new version has been released and it has the reCAPTCHA option in the settings menu that you can enabled (if your site is being targeted by bots)
