{"id":300257,"date":"2026-05-12T16:40:32","date_gmt":"2026-05-12T16:40:32","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/adaptive-bot-shield-for-woocommerce\/"},"modified":"2026-05-12T16:40:07","modified_gmt":"2026-05-12T16:40:07","slug":"basiru-checkout-fraud-guard","status":"publish","type":"plugin","link":"https:\/\/ml.wordpress.org\/plugins\/basiru-checkout-fraud-guard\/","author":18233420,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"4.5.0","stable_tag":"trunk","tested":"6.9.4","requires":"5.8","requires_php":"7.4","requires_plugins":null,"header_name":"Basiru Checkout Fraud Guard for WooCommerce","header_author":"Basir","header_description":"Intelligent WooCommerce bot blocking for checkout abuse, carding protection, and operator review.","assets_banners_color":"98c4d0","last_updated":"2026-05-12 16:40:07","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/wordpress.org\/plugins\/basiru-checkout-fraud-guard\/","header_author_uri":"https:\/\/profiles.wordpress.org\/basiru004\/","rating":0,"author_block_rating":0,"active_installs":0,"downloads":16,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":[],"upgrade_notice":{"4.5.0":"<p>This version migrates plugin data from wp_options to dedicated database tables for improved performance. The migration runs automatically on upgrade.<\/p>"},"ratings":[],"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3530170,"resolution":"128x128","location":"assets","locale":"","width":128,"height":128},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3530170,"resolution":"256x256","location":"assets","locale":"","width":256,"height":256}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":3530170,"resolution":"1544x500","location":"assets","locale":"","width":2172,"height":724},"banner-772x250.png":{"filename":"banner-772x250.png","revision":3530170,"resolution":"772x250","location":"assets","locale":"","width":772,"height":250}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":[],"block_files":[],"assets_screenshots":[],"screenshots":{"1":"Dashboard showing blocked requests and statistics","2":"Blocklist management with bulk import","3":"Whitelist configuration","4":"Settings panel with all configurable options"},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[166108,262701,262702,600,286],"plugin_category":[45,54],"plugin_contributors":[262703],"plugin_business_model":[],"class_list":["post-300257","plugin","type-plugin","status-publish","hentry","plugin_tags-bot-protection","plugin_tags-carding","plugin_tags-checkout-protection","plugin_tags-security","plugin_tags-woocommerce","plugin_category-ecommerce","plugin_category-security-and-spam-protection","plugin_contributors-basiru004","plugin_committers-basiru004"],"banners":{"banner":"https:\/\/ps.w.org\/basiru-checkout-fraud-guard\/assets\/banner-772x250.png?rev=3530170","banner_2x":"https:\/\/ps.w.org\/basiru-checkout-fraud-guard\/assets\/banner-1544x500.png?rev=3530170","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/basiru-checkout-fraud-guard\/assets\/icon-128x128.png?rev=3530170","icon_2x":"https:\/\/ps.w.org\/basiru-checkout-fraud-guard\/assets\/icon-256x256.png?rev=3530170","generated":false},"screenshots":[],"raw_content":"<!--section=description-->\n<p>Basiru Checkout Fraud Guard protects your WooCommerce checkout from automated bot attacks, carding attempts, and fraudulent order submissions. It uses behavioral analysis, rate limiting, and learned reputation signals to block malicious traffic while allowing legitimate customers through.<\/p>\n\n<h4>Key Features<\/h4>\n\n<ul>\n<li><strong>Behavioral Detection<\/strong> - Identifies bots through missing browser headers, suspicious order totals, and known bot patterns<\/li>\n<li><strong>Rate Limiting<\/strong> - Sliding window rate limiting with configurable thresholds<\/li>\n<li><strong>Identity Rotation Detection<\/strong> - Detects when bots cycle through multiple identities from the same IP<\/li>\n<li><strong>Name Rotation Detection<\/strong> - Flags IPs submitting orders with many different names<\/li>\n<li><strong>IP Reputation<\/strong> - Automatic temporary and permanent bans for repeat offenders<\/li>\n<li><strong>JS Proof Token<\/strong> - Browser verification system that blocks headless bot scripts<\/li>\n<li><strong>Manual Blocklist<\/strong> - Add IPs and CIDR ranges to block specific sources<\/li>\n<li><strong>Whitelist<\/strong> - Exempt trusted IPs and email domains from checks<\/li>\n<li><strong>Learned Reputation<\/strong> - Builds internal database of blocked signals for future detection<\/li>\n<li><strong>Full Audit Trail<\/strong> - Review recent blocks with customer details and block reasons<\/li>\n<li><strong>Email Alerts<\/strong> - Configurable notifications when bots are blocked<\/li>\n<li><strong>WooCommerce Logging<\/strong> - Integrates with WooCommerce log system<\/li>\n<\/ul>\n\n<h4>Detection Methods<\/h4>\n\n<ul>\n<li>Known fake email domains (mailinator, guerrillamail, etc.)<\/li>\n<li>Known bot phone numbers<\/li>\n<li>Landmark\/test addresses (1600 Pennsylvania Ave, etc.)<\/li>\n<li>Common bot order totals used in carding tests<\/li>\n<li>Missing HTTP headers (Origin, Accept-Language)<\/li>\n<li>Rapid checkout attempts<\/li>\n<li>Identity cycling patterns<\/li>\n<\/ul>\n\n<h4>Requirements<\/h4>\n\n<ul>\n<li>WordPress 5.8 or higher<\/li>\n<li>WooCommerce 6.0 or higher<\/li>\n<li>PHP 7.4 or higher<\/li>\n<\/ul>\n\n<!--section=installation-->\n<ol>\n<li>Upload the plugin files to <code>\/wp-content\/plugins\/basiru-checkout-fraud-guard\/<\/code> or install through the WordPress plugins screen<\/li>\n<li>Activate the plugin through the 'Plugins' screen in WordPress<\/li>\n<li>Navigate to WooCommerce &gt; Basiru Checkout Fraud Guard to configure settings<\/li>\n<li>The plugin begins protecting your checkout immediately with default settings<\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt id=\"will%20this%20block%20legitimate%20customers%3F\"><h3>Will this block legitimate customers?<\/h3><\/dt>\n<dd><p>The plugin uses a scoring system with configurable thresholds. Legitimate customers rarely trigger multiple detection signals. You can adjust the score threshold and individual signal weights in Settings. The whitelist feature allows you to exempt known-good IPs and email domains.<\/p><\/dd>\n<dt id=\"what%20happens%20when%20a%20bot%20is%20blocked%3F\"><h3>What happens when a bot is blocked?<\/h3><\/dt>\n<dd><p>Blocked requests receive a generic \"Not Found\" error to avoid revealing detection methods. The block is logged in the audit trail and optionally to WooCommerce logs and email alerts.<\/p><\/dd>\n<dt id=\"does%20this%20work%20with%20the%20woocommerce%20block%20checkout%3F\"><h3>Does this work with the WooCommerce Block Checkout?<\/h3><\/dt>\n<dd><p>Yes. The plugin protects both the classic WooCommerce AJAX checkout and the new Store API (Block Checkout). The JS Proof token system provides additional protection for Store API requests.<\/p><\/dd>\n<dt id=\"can%20i%20import%20a%20list%20of%20ips%20to%20block%3F\"><h3>Can I import a list of IPs to block?<\/h3><\/dt>\n<dd><p>Yes. The Blocklist tab includes a bulk import feature. Enter one IP or CIDR range per line, optionally with a note separated by |.<\/p><\/dd>\n<dt id=\"does%20this%20affect%20site%20performance%3F\"><h3>Does this affect site performance?<\/h3><\/dt>\n<dd><p>The plugin only runs during checkout submissions. Rate limiting uses efficient database queries with proper indexing, and all detection runs locally inside WordPress and the plugin database tables.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>4.5.0<\/h4>\n\n<ul>\n<li>Database storage for all plugin data (migrated from wp_options)<\/li>\n<li>Improved admin UI with statistics dashboard<\/li>\n<li>Added bulk import for blocklist entries<\/li>\n<\/ul>\n\n<h4>4.3.1<\/h4>\n\n<ul>\n<li>Hardened JS Proof token system with nonce verification<\/li>\n<li>Added WC session cross-check for token validation<\/li>\n<li>Hard block via rest_authentication_errors for Store API<\/li>\n<\/ul>\n\n<h4>4.3.0<\/h4>\n\n<ul>\n<li>Added JS Proof token system for Store API protection<\/li>\n<li>Improved identity rotation detection<\/li>\n<\/ul>\n\n<h4>4.2.0<\/h4>\n\n<ul>\n<li>Full admin UI for all settings<\/li>\n<li>Manual blocklist and whitelist management<\/li>\n<li>Email alert configuration<\/li>\n<\/ul>","raw_excerpt":"Intelligent WooCommerce bot blocking for checkout abuse, carding protection, and operator review.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ml.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/300257","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ml.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/ml.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/ml.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=300257"}],"author":[{"embeddable":true,"href":"https:\/\/ml.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/basiru004"}],"wp:attachment":[{"href":"https:\/\/ml.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=300257"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/ml.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=300257"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/ml.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=300257"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/ml.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=300257"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/ml.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=300257"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/ml.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=300257"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}