My WooCommerce website is getting fake/bot orders.
The support doesn work on Saturdays and Sundays, so some Friday requests can be answered on Monday. If you have problems with registration ask help on contact us page pleaseIf you not got email within 24~36 business hours, firstly check your spam box, and if no any email from the support there - back to the forum and read answer here. DO NOT ANSWER ON EMAILS [noreply@pluginus.net] FROM THE FORUM!! Emails are just for your info, all answers should be published only here.
The support doesn work on Saturdays and Sundays, so some Friday requests can be answered on Monday.
I am continuously getting fake orders by bots on my WooCommerce website theinsightsolutions.com from the different IPs of the different states of world.
Every order has a different billing or shipping address, also have a different email and phone number. There is no pattern found in those orders. Cloudflare is not connected with my website.
Is there any free plugin which can block these fake orders?
Hi, this isn't related to HUSKY (WOOF) plugin (product filters), but here are general solutions for WooCommerce bot orders:
- Add reCAPTCHA to checkout page (Google reCAPTCHA v3)
- Use plugins:
- WooCommerce Anti-Fraud
- Cloudflare Turnstile
- OTP Verification for checkout
- Enable email verification before order completion
- Block suspicious patterns - same IP, disposable emails, etc.
You might want to contact WooCommerce support or security forums for this issue.
Hey Alex...thanks for the reply.. I turned on the V3 reCaptcha on the checkout page and also blocked the countries from where I were getting fake orders... But i think it will reduce my website traffic.
Hi Amyleon
Blocking entire countries is too aggressive and will hurt legitimate traffic. Here's a better approach:
Smart Solutions (won't affect real customers):
1. reCAPTCHA v3 + Score Threshold
- Keep v3 enabled, but set threshold to 0.5 (balance between security/UX)
- Only challenge suspicious scores, not everyone
2. Add Phone Verification (OTP) - ONLY for suspicious orders
// Trigger OTP only if order value > $500 or shipping != billing country
// This catches most bots without annoying regular customers
3. Enable"Payment Hold"
- Set new orders to"On Hold" status
- Review suspicious ones before processing
- Use WooCommerce Order Status Manager
4. Honeypot Field (invisible to humans, catches bots)
add_action('woocommerce_after_order_notes', function($checkout) {
echo '<div style="position:absolute;left:-5000px;">
<input type="text" name="confirm_email" tabindex="-1" autocomplete="off" />
</div>';
});
add_action('woocommerce_checkout_process', function() {
if (!empty($_POST['confirm_email'])) {
wc_add_notice('Error processing order', 'error');
}
});
5. Free Plugin: WooCommerce Anti-Fraud
- Scores orders automatically
- Flags suspicious ones for review
- Won't block anyone, just alerts you
6. Check Payment Method
- Are bots using"Cash on Delivery"? Disable it temporarily
- Require card verification for first-time customers
Don't block countries - you'll lose real sales. Use smart detection instead.