內容簡介
Checkout Shield for WooCommerce 是一款專為 WooCommerce 設計的外掛,旨在阻止假訂單、垃圾機器人及信用卡測試攻擊。透過驗證每個結帳請求來自真實瀏覽器會話,確保商店的安全性。
【主要功能】
• 自動阻擋機器人,啟用後立即生效
• 四種保護級別,選擇適合的防護強度
• 儀表板概覽,快速查看被阻擋與驗證的訂單
• 訂單狀態追蹤,了解哪些訂單被標記或阻擋
• IP 白名單,允許信任的地址通過
• 支援所有結帳類型,包括經典與區塊式
外掛標籤
開發者團隊
② 後台搜尋「Checkout Shield for WooCommerce – Stop Fake Orders, Spam Bots & Card Testing」→ 直接安裝(推薦)
原文外掛簡介
Checkout Shield stops fake checkout orders and card testing attacks — the kind that bypass your CAPTCHA.
Card testing bots don’t fill out your checkout form. They hit your store’s checkout API directly, completely skipping any reCAPTCHA or hCaptcha you’ve set up. That’s why CAPTCHA alone doesn’t stop them.
This plugin verifies that every checkout request comes from a real browser session. Bots that can’t prove they loaded your checkout page get blocked before WooCommerce processes the order.
Why Store Owners Choose This Plugin
Catches what CAPTCHA misses — blocks bots hitting your checkout API directly
Works with any caching — LiteSpeed, Cloudflare, WP Rocket, W3TC — no conflicts
Zero configuration — activate and you’re protected
No external services — everything runs on your server, no subscriptions
No performance impact — validation adds microseconds, not seconds
Features (Free)
Automatic bot blocking — works the moment you activate, no setup needed
4 protection levels — Learning, Permissive, Balanced, and Strict — choose how aggressive you want to be
Dashboard overview — see blocked vs verified orders at a glance with a 7-day chart
Order status tracking — know which orders were flagged, passed, or blocked
IP whitelist — let trusted addresses through, supports CIDR notation
API key authentication — for headless and custom checkout setups
Works with all checkout types — classic, block-based, and all payment gateways
HPOS compatible — works with High-Performance Order Storage
WooCommerce logging — full integration with WooCommerce Status logs
Pro Features
Take control with advanced tools:
Smart logging — choose what gets logged: nothing, blocked attempts only, or everything with full details
Recent blocks feed — see the last 50 blocked attempts right on your dashboard, with email, payment method, and block reason
Automatic CDN/proxy detection — correctly identifies visitor IPs behind Cloudflare, Sucuri, or Akamai without manual configuration
Stronger permissive mode — adds referrer verification on top of session checks for tighter bot detection
Checkout details in logs — see exactly which email and payment method bots tried to use
Customer blocklist — block repeat offenders by email, name, address, phone, IP, or postal code
Order block metabox — add customers to the blocklist directly from any order screen
Learn more about Pro features
