Fraudulent IP Blocking

Overview

Aspenware has a feature to enable auto-blocking of IP addresses that exhibit fraudulent volume behavior. The feature works by configuring a threshold for the number of times an IP address may fail at the payment complete step within an hour. If an IP address fails on payment complete more than the configured threshold within an hour, the IP is blocked from completing an order in all payment forms, and sending values to the payment provider is also blocked. A generic error message is presented letting the user know that their order cannot be processed.

IMPORTANT: Aspenware Admins cannot view blocked IPs in Admin, nor can they unblock IPs in Admin. Blocked IPs will automatically be unblocked in one hour.

Detailed Setup

There are two settings that are used to enable this functionality:

  • order.ipblocking.enabled enables the functionality globally

  • order.ipblocking.threshold is used to define the threshold for triggering the IP block

The Store ID for both settings must be set to 'All Stores'. You may delete a setting and re-add it to set the Store ID.

To configure these settings:

  • Go to Configuration > Settings > All settings in the Commerce Admin Dashboard.

  • In the Search box, enter ‘blocking’ to return the two settings.

  • Click Edit next to the order.ipblocking.enabled setting to change the value.

  • Once in edit mode, click in the Value field and type in ‘True’ to enable blocking (‘False’ will disable the functionality). Then click Update.

  • Then, configure order.ipblocking.threshold in the same manner. The Value will be an integer representing the number of times in one hour that a failed payment complete from this IP address will be tolerated. Beyond that threshold, the IP address will be blocked by writing a record to the GenericAttribute table.
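To help choose a threshold value, the following added example (not Aspenware's code) models the rule described above and replays a constructed list of failed payment completes against it. It assumes a sliding one-hour window and a block that starts at the triggering failure; the class, function and sample IP addresses are hypothetical, and the GenericAttribute record is represented by an in-memory dictionary.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 3600  # "within an hour" per the page; sliding window is assumed
BLOCK_SECONDS = 3600   # blocks clear automatically after one hour per the page

# Constructed sample: (seconds since start, client IP) of failed payment completes.
SAMPLE_FAILURES = [(i * 30, "203.0.113.7") for i in range(10)] + [
    (100, "198.51.100.20"), (2000, "198.51.100.20")]


class PaymentFailureBlocker:
    """Hypothetical model of the blocking rule, not Aspenware's code."""
    def __init__(self, enabled, threshold):
        self.enabled = enabled        # mirrors order.ipblocking.enabled
        self.threshold = threshold    # mirrors order.ipblocking.threshold
        self._failures = defaultdict(deque)  # ip -> recent failure times
        self._blocked_until = {}             # ip -> block expiry time

    def is_blocked(self, ip, now):
        expiry = self._blocked_until.get(ip)
        if expiry is not None and now >= expiry:
            del self._blocked_until[ip]      # block expired: clear it
            expiry = None
        return expiry is not None

    def record_failure(self, ip, now):
        """Record one failed payment complete; return True if ip is blocked."""
        if not self.enabled:
            return False
        if self.is_blocked(ip, now):
            return True
        window = self._failures[ip]
        window.append(now)
        while window[0] <= now - WINDOW_SECONDS:  # drop failures older than 1h
            window.popleft()
        if len(window) > self.threshold:          # "more than" the threshold
            self._blocked_until[ip] = now + BLOCK_SECONDS
            window.clear()
            return True
        return False


def first_block_times(failures, threshold, enabled=True):
    """Replay failures in time order; return {ip: time it was first blocked}."""
    blocker = PaymentFailureBlocker(enabled, threshold)
    blocked = {}
    for ts, ip in sorted(failures):
        if blocker.record_failure(ip, ts):
            blocked.setdefault(ip, ts)
    return blocked
```

Replaying a real export of failed payment attempts through first_block_times with several candidate thresholds shows which IPs each value would have blocked, and whether any legitimate customers would have been caught.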

 

Frequently Asked Questions

Q: How long is an IP address blocked if it’s triggered the order blocking functionality?

A: It is blocked for one hour and will then be cleared.