Flood protection for credit card payment pages


(Ben Chapman) #1

Someone has been using the donation page in one of my websites to test stolen credit card information. They have been able to send through hundreds of payment requests in a very short time.

 

Is there any way to implement flood control in a payment gateway? Or some other way to add some security to prevent this happening?

 

Thanks.


(Bart Banda) #2

You should probably look into various spam control mechanisms such as Captcha and reCaptcha by Google. You can read more about spam controls in Matrix here: https://matrix-manuals.squiz.net/custom-form/chapters/form-contents#form_contents_screen


(Ben Chapman) #3

You should probably look into various spam control mechanisms such as Captcha and reCaptcha by Google. You can read more about spam controls in Matrix here: https://matrix-manuals.squiz.net/custom-form/chapters/form-contents#form_contents_screen

 

Thanks Bart. I did implement captcha, but that didn't stop them. (I didn't try recaptcha though as it is not clear to me that it is available for ecommerce forms.) In the end we had to get the payment gateway to forbid all payments from outside Australia and New Zealand.


(Benjamin Pearson) #4

 

Thanks Bart. I did implement captcha, but that didn't stop them. (I didn't try recaptcha though as it is not clear to me that it is available for ecommerce forms.) In the end we had to get the payment gateway to forbid all payments from outside Australia and New Zealand.

 

Typically a captcha should be enough to stop spamming but sometimes captcha can be broken to provide protection, just interested to know if that is the case here. Can you please PM me the details of how the captcha was set up? I'm curious about the effectiveness of the captcha and what works and what doesn't. If anyone else has noticed the same problem with the captcha, feel free to PM me the details as well.