I have 3.5 and Paypal as payment method.
I was contacted by Paypal saying they have seen a ton of requests with credit cards being tested. I'm not seeing orders, which leads me to believe they somehow created an account to test an order to capture the cooking to then start hammering my site to test credit cards.
I'm not seeing any log showing this. So I'm not sure how I can stop this. I need to do this before Paypal shuts me down. They recommended maybe forcing a captcha at purchase stage.
Any ideas on how I can stop people from doing this?
Thanks!
Lance
cards being tested on site
- 1390
- 11685
- 8/10/2012
- United States
If you have no evidence of bogus orders being placed in your site, and nothing appears in the system log indicating failed transactions, then chances are very high that the hacker is doing it from his own localhost site, but using your paypal authentication information.
At Paypal, I'm fairly certain there is a way to specify acceptable URL origins for your transactions. Ensure that you have your https://www.yourdomain.com/onepagecheckout defined as the ONLY acceptable URL for transactions to originate from.
At Paypal, I'm fairly certain there is a way to specify acceptable URL origins for your transactions. Ensure that you have your https://www.yourdomain.com/onepagecheckout defined as the ONLY acceptable URL for transactions to originate from.