Add Google reCaptcha for place order against carding attack
-
Because Carding Attack serious issue, this repo was born.
-
Tested against forged place order attack script, follow by the rest url and place order method
- /V1/guest-carts/:cartId/payment-information
Magento\Checkout\Model\GuestPaymentInformationManagement::savePaymentInformationAndPlaceOrder()
- /V1/carts/mine/payment-information
Magento\Checkout\Model\PaymentInformationManagement::savePaymentInformationAndPlaceOrder()
- /V1/guest-carts/:cartId/payment-information
-
Support Magento 2.4.1 and upper.
-
Wrok for
Braintree Credit CardwithGoogle reCaptcha v2 invisibleONLY. No test other cases.
- This module will be replaced by future version of magento/security-package.
composer require rangerz/magento2-module-re-captcha-checkout
bin/magento module:enable Rangerz_ReCaptchaCheckout
bin/magento setup:upgrade
-
Apply reCaptcha v2 invisible by Google
-
Fille website and secret key
-
Configuration -> SECURITY -> Google reCAPTCHA Storefront -> reCAPTCHA v2 Invisible
- Configuration -> SECURITY -> Google reCAPTCHA Storefront -> Storefront
