Weve been battling with a card testing attack.
We seem to have been able to block most transaction with the right blocks and rules via stripe radar however…
New Customers are still able to be created and seem to have s2member access level one even if a charge was blocked.
Any suggestions would be great.
Enable logging and post the logs for those that make it through without actual payment. I had the same problem a couple of times (with legitimate customers that failed 3d secure) so there is definitely something wrong with S2 and stripe.
I since 2 months didn’t have such a problem anymore so have to wait for it to happen to post a log extract.
Hi Markus.
I’m interested in finding out how that’s happening, to prevent it.
As Felix suggested, please enable logging and when/if it happens again, please find the relevant entries from the log files. WP Admin > s2Member Pro > Log Files
Also all the related log entries from Stripe’s side. https://dashboard.stripe.com/logs?method[0]=post&method[1]=delete&direction[0]=connect_in&direction[1]=self
You can email me the logs when you have them, same address you wrote me to before.
Have the attacks continued? Are you using recaptcha? Are you using any s2 custom profile fields?
