Carticy Checkout Shield for WooCommerce
| 开发者 |
carticy
alikhallad |
|---|---|
| 更新时间 | 2026年1月25日 20:16 |
| 捐献地址: | 去捐款 |
| PHP版本: | 8.0 及以上 |
| WordPress版本: | 6.9 |
| 版权: | GPLv2 or later |
| 版权网址: | 版权信息 |
详情介绍:
- Catches what CAPTCHA misses - Blocks bots hitting your API directly
- Works with any caching - LiteSpeed, Cloudflare, WP Rocket, W3TC - no conflicts
- Zero configuration - Activate and you're protected
- No external services - Everything runs locally on your server
- No performance impact - Validation adds microseconds, not seconds
- 4 Protection Modes - Learning, Permissive, Balanced, and Strict
- Activity Log - See blocked attempts with timestamps, reasons, and IPs
- IP Whitelist - Whitelist trusted IPs with CIDR notation support
- API Key Authentication - For headless and custom checkout setups
- Proxy Support - Works behind Cloudflare, load balancers, reverse proxies
- Block Checkout Ready - Supports both classic and block-based checkout
- HPOS Compatible - Works with High-Performance Order Storage
- WooCommerce Logging - Full integration with WooCommerce Status logs
安装:
- Upload the plugin files to
/wp-content/plugins/carticy-checkout-shield-for-woocommerce/ - Activate the plugin through the 'Plugins' menu in WordPress
- That's it. Protection is active immediately.
- WordPress 6.0+
- WooCommerce 8.0+
- PHP 8.0+
屏幕截图:
常见问题:
Does this slow down checkout?
No. Validation happens locally in microseconds. No external API calls, no waiting on third-party services.
Will this block real customers?
Very unlikely. The default Balanced mode is tuned to avoid blocking legitimate orders. If you're cautious, start with Learning mode - it logs what would be blocked without actually blocking anyone.
Does it work with Block Checkout?
Yes. Works with both classic checkout and the newer block-based checkout.
What about PayPal, Stripe, and other payment gateways?
All major gateways work normally. Payment confirmations from gateways aren't affected by checkout validation.
I run a headless store. Will this break my setup?
Not if you configure it. Add your frontend's server IP to the whitelist, or use API key authentication. Both options let legitimate automated requests through.
Do I still need CAPTCHA?
Up to you. This plugin catches bots that CAPTCHA misses (the ones hitting your API directly). You can use both, or drop CAPTCHA entirely and reduce checkout friction.
How do I know it's working?
Check the Activity Log in the plugin settings. You'll see every blocked attempt with the reason, timestamp, and IP address.
更新日志:
- Initial release
- Stateless bot detection with double-submit cookie
- Four protection modes (learning, permissive, balanced, strict)
- IP whitelist with CIDR support
- API key authentication for headless checkout
- Proxy/CDN support (Cloudflare, etc.)
- WooCommerce logging integration
- Dashboard statistics widget
- Orders list shield status column
- HPOS compatibility
- Block checkout compatibility