Title: Spam orders attack Last modified: November 22, 2024 --- # Spam orders attack * Resolved [panoramix71](https://wordpress.org/support/users/panoramix71/) * (@panoramix71) * [1 year, 6 months ago](https://wordpress.org/support/topic/spam-orders-attack/) * Hi all, * in last 12 hours I received 180 failed orders. Different products, value less then 100€. * They cames from differents IP address. * I updated the site and all the plugins and put it maintenance mode but the orders keep coming in. * How can I stop them quickly? * Thanks in advance. * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fspam-orders-attack%2F%3Foutput_format%3Dmd&locale=en_US) to see the link]_ Viewing 9 replies - 1 through 9 (of 9 total) * [ckadenge (woo-hc)](https://wordpress.org/support/users/ckadenge/) * (@ckadenge) * [1 year, 6 months ago](https://wordpress.org/support/topic/spam-orders-attack/#post-18155488) * Hi [@panoramix71](https://wordpress.org/support/users/panoramix71/), * Thank you for reaching out. * I’m sorry to hear you’re facing possible spam order attacks. * It could be possible you’re dealing with fraudulent activity on your site. To quickly mitigate this, consider implementing security measures such as CAPTCHA to verify users before they can place an order. You could also use a security plugin that can block IP addresses suspected of malicious activities. * Please always keep your site and plugins updated, as this also contributes to the overall security of your site. * I hope this helps. * Thread Starter [panoramix71](https://wordpress.org/support/users/panoramix71/) * (@panoramix71) * [1 year, 6 months ago](https://wordpress.org/support/topic/spam-orders-attack/#post-18156201) * Hi, * thanks for your anser. * I implemented reCAPTCHA first but not helped. * Then, i implementend the email verification (I bought the official WC plugin) but no lucky with this one as well. * IP address are alway different and orders spam continue What else can I do? * thanks in advance * [Jonayed (woo-hc)](https://wordpress.org/support/users/jonayedhosen/) * (@jonayedhosen) * [1 year, 6 months ago](https://wordpress.org/support/topic/spam-orders-attack/#post-18157851) * Hi [@panoramix71](https://wordpress.org/support/users/panoramix71/) , * I understand you’re still receiving a significant amount of spam orders, even after implementing CAPTCHA on your checkout and enabling email verification. * To help us investigate further, it would be helpful to review your current ** System Status Report** for more insight into your setup. You can find this report by navigating to **WooCommerce > Status** in your dashboard. From there: 1. Select **Get system report**. 2. Click **Copy for support**. * Additionally, if there are any error logs for your Payment Gateway plugin or Woocommerce, please share those as well. These can be accessed under **WooCommerce > Status > Logs**. * Once you’ve gathered this information, please paste it into a Code block in your reply or use [pastebin.com](https://pastebin.com) to share the link with us. * Let us know once you have this information, and we’ll assist you further. * [pdagency](https://wordpress.org/support/users/pdagency/) * (@pdagency) * [1 year, 6 months ago](https://wordpress.org/support/topic/spam-orders-attack/#post-18157949) * Hi, * We are currently facing fraudulent attacks involving card testing. Despite implementing various paid plugins, such as [Google reCAPTCHA for WooCommerce](https://woocommerce.com/products/google-recaptcha-for-woocommerce/) and [reCAPTCHA for WooCommerce](https://woocommerce.com/products/recaptcha-for-woocommerce/), bots are still able to bypass the reCAPTCHA process. The attacker appears to be using different IP addresses and Gmail accounts for each attempt, resulting in around 8 to 10 failed orders every 15 minutes. * As a temporary measure, we have disabled guest checkout and now require customers to register or log in before completing their purchases. * We are looking for a solution to securely re-enable guest checkout, as it previously worked without any issues. Any advice or recommendations would be greatly appreciated. * Thank you. * Plugin Support [shahzeen(woo-hc)](https://wordpress.org/support/users/shahzeenfarooq/) * (@shahzeenfarooq) * [1 year, 6 months ago](https://wordpress.org/support/topic/spam-orders-attack/#post-18159610) * Hi [@pdagency](https://wordpress.org/support/users/pdagency/) If you’re experiencing the same issue, we recommend [creating a new support ticket](https://wordpress.org/support/plugin/woocommerce/#new-topic-0). This helps us investigate your specific setup and provide a tailored solution. Sometimes, similar issues may have different causes, so a new ticket ensures we can offer the best assistance. Thank you!In the meantime, I recommend trying our **WooCommerce Anti-Fraud** plugin to help prevent fake or fraudulent orders: [WooCommerce Anti-Fraud](https://woocommerce.com/products/woocommerce-anti-fraud/). * Alternatively, you can try this free plugin: [Woo Blocker Lite – Prevent Fake Orders and Blacklist Fraud Customers](https://wordpress.org/plugins/woo-blocker-lite-prevent-fake-orders-and-blacklist-fraud-customers/). Thank you * Thread Starter [panoramix71](https://wordpress.org/support/users/panoramix71/) * (@panoramix71) * [1 year, 6 months ago](https://wordpress.org/support/topic/spam-orders-attack/#post-18159824) * Hello, * here my report: [https://pastebin.com/jvwqPiPh](https://pastebin.com/jvwqPiPh) * Thanks in advance. * Massimiliano * [Jonayed (woo-hc)](https://wordpress.org/support/users/jonayedhosen/) * (@jonayedhosen) * [1 year, 6 months ago](https://wordpress.org/support/topic/spam-orders-attack/#post-18163175) * Hi [@panoramix71](https://wordpress.org/support/users/panoramix71/) , * Thank you for sharing the SSR details. Upon reviewing them, I noticed that you are using the following premium plugin: * [WooCommerce Anti-Fraud](https://woocommerce.com/products/woocommerce-anti-fraud/) * For more specific guidance on this issue, I recommend reaching out directly to the Happiness support team. You can open a support request here: [Contact WooCommerce Support](https://woocommerce.com/my-account/contact-support/). * I hope this points you in the right direction! * Thread Starter [panoramix71](https://wordpress.org/support/users/panoramix71/) * (@panoramix71) * [1 year, 6 months ago](https://wordpress.org/support/topic/spam-orders-attack/#post-18163363) * Hi, * I installed those plugin after the card testing attack. * I’m can’t understand yours support strategy: A: Help request R: please install pluginsR2: then, please ask plugin support teams? - This reply was modified 1 year, 6 months ago by [panoramix71](https://wordpress.org/support/users/panoramix71/). * [Jonayed (woo-hc)](https://wordpress.org/support/users/jonayedhosen/) * (@jonayedhosen) * [1 year, 6 months ago](https://wordpress.org/support/topic/spam-orders-attack/#post-18166036) * Hi [@panoramix71](https://wordpress.org/support/users/panoramix71/) , * I understand there might be some confusion regarding our support policy. While we aim to assist everyone as much as possible, premium users do receive priority support tailored to their specific issue. Since you’re a premium plugin holder, we encourage you to reach out to us directly through your WooCommerce account. This way, our expert Happiness Engineers can provide you with faster, personalized assistance. * We’re here to help, so feel free to reach out through your account for more guidance. Viewing 9 replies - 1 through 9 (of 9 total) The topic ‘Spam orders attack’ is closed to new replies. * ![](https://ps.w.org/woocommerce/assets/icon.svg?rev=3234504) * [WooCommerce](https://wordpress.org/plugins/woocommerce/) * [Frequently Asked Questions](https://wordpress.org/plugins/woocommerce/#faq) * [Support Threads](https://wordpress.org/support/plugin/woocommerce/) * [Active Topics](https://wordpress.org/support/plugin/woocommerce/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/woocommerce/unresolved/) * [Reviews](https://wordpress.org/support/plugin/woocommerce/reviews/) * 9 replies * 5 participants * Last reply from: [Jonayed (woo-hc)](https://wordpress.org/support/users/jonayedhosen/) * Last activity: [1 year, 6 months ago](https://wordpress.org/support/topic/spam-orders-attack/#post-18166036) * Status: resolved