Forum Replies Created
September 20, 2021 at 11:42 pm in reply to: Spammers Posted hundreds ‘card testing’ transactions #4328
reCAPTCHA is implemented on the server side so it can’t be tampered with.
The other issue is that there are some people out there who offers a service to solve captcha manually (a human sitting there solving the captcha). That’s not something we can handle on our end since that responsibility falls on the captcha library.
We are going to make a couple of changes to address this issue. I will give you an update after we make the necessary code modifications to the plugin.
Hi, Are you doing the one time donation and a subscription donation all in one product? That seems to be causing an conflict. You need to delete that product then create a new product and pick the subscription type for it. Don’t select a “donation” type product then switch it to subscription.
Product types (one time, donation, subscription) are totally unique types. A NEW product needs to be created for each type of those.September 13, 2021 at 11:55 pm in reply to: Spammers Posted hundreds ‘card testing’ transactions #4319
Yep, that’s what it looks like from your explanation.September 12, 2021 at 11:33 pm in reply to: Spammers Posted hundreds ‘card testing’ transactions #4309
We already do that. The issue is that the spammers have the ability to post the data directly to Stripe’s site (without touching your site). So you always have to do a price verification after the transaction also (for maximum protection).September 11, 2021 at 12:26 am in reply to: Spammers Posted hundreds ‘card testing’ transactions #4306
There are various different things the spammers try so I won’t be able to tell you exactly what happened in your scenario without looking at all the income server request data. The captcha will stop all of those anyway and solve the issue.
There is an additional price verification that is done by our plugin after a successful API response. The post payment processing script will look at the webhook data sent by Stripe and match the price value with the data saved in the database for that product. If that validation fails, it won’t add to the orders menu (since it is not a valid transaction).
There is a lot more technical stuff that happens underneath, if you are interested, use the contact form to email us and I will give you more info.September 10, 2021 at 11:09 am in reply to: Spammers Posted hundreds ‘card testing’ transactions #4303
You need to enable the following captcha feature asap. That will stop those spam bots:
It’s actually a recommended setup when you setup the plugin at first. However, some uses dismiss that message. So please enable that feature and let us know how it goes after that.
Hi, We don’t have an option for it within the plugin. It’s not something we advertise. The simple shipping option available in the plugin is documented here:
You could perhaps put a message on your site that explains which countries you do support? You can maybe create a page listing the supported countries where you ship and the shipping rules. Then you can link to that page from your message. Also, you can add that to your terms and conditions.
I will also add this on our feature wish list document to consider a feature for it in the future.
Credit card is handled by Stripe directly. It’s also stored by Stripe. Your website won’t store any card information when this plugin is used. This is a good security practice as it reduces any liability from your side.August 25, 2021 at 8:17 am in reply to: First Name and Last Name not showing up in Stripe? #4217
Can you post the URL of the page where I can go and inspect your buy now button to see how it is behaving on this site?
Normally our plugin shows a field called “Name” which is for the full name (it doesn’t have separate first name and last name fields).August 18, 2021 at 12:58 am in reply to: Stripe API error occurred: Your card was declined. #4207
Yes that’s a clue. Go to the “Advanced Settings” menu of the plugin and then uncheck the “Enable Legacy Checkout API” checkbox and save the settings. Stripe is slowly discontinuing their old API usage. So you need to make sure to use the new API (which our plugin supports).
Also, go to your stripe merchant account dashboard and make sure that you are using the latest API in your account.
On a side note: Looks like you may have switched your site to use SSL certificate but you are not enforcing that all pages be loaded using the “HTTPS” URL. Do the following:
1) Check all the settings field to see if there is any URL that is using a non-https URL. If it is then update that URL value to use the “https” URL and save the settings.
2) Use a plugin like the following to force all pages on your site to be loaded using the HTTPS version:August 15, 2021 at 2:17 am in reply to: Stripe API error occurred: Your card was declined. #4189
Looks like Stripe is telling our plugin that the API key you provided in the settings is incorrect. Stripe is giving the following response to our plugin when it tries to submit the info to Stripe:
Invalid API Key provided
Double check the API key in your stripe account and make sure you have copied and pasted the correct API keys in the correct fields. Sometimes users make a copy and paste mistake. The following page has info on how to configure the API keys:
Also, edit the individual product and check if you have entered API key info in there. If you did, double check that API key value.August 12, 2021 at 11:31 pm in reply to: Stripe API error occurred: Your card was declined. #4173
Is there any other additional info in the error email that was sent?
Is this a valid card? Looks like Stripe is declining the card you are using.
Set everything in test mode (if that is possible) then post the URL of the page with the button so I can try a test mode transaction.August 2, 2021 at 12:35 am in reply to: Custom Field functionality is disabled in core plugin #4147
For the custom fields, if you are entering the text, then you specify the text in your language.
The text that comes from our plugin can be translated by using a translation file:
Also, some of the text on the payment popup window can be customized using this free addon:
The custom fields can only be ordered within the custom fields section of the payment popup window. The screenshot on the following page shows where the custom field section is within the payment popup:July 31, 2021 at 12:43 am in reply to: Custom Field functionality is disabled in core plugin #4138
Thank you for that. Looks like the custom fields option is not enabled in the advanced settings menu of the main plugin.
Go to the following interface:
Settings -> Advanced Settings
Check the Enable For All Buttons and Products checkbox and save the settings.
Then you can go back to the custom fields addon’s interface and configure the fields.