Jump to content

Code to report fraudulent orders back to Maxmind -and- todo list


Recommended Posts

"About maxmind: Users of the minFraud service benefit from a dynamic and adaptive approach to fraud detection and the mutual protection of the minFraud Network. For example, if we detect suspicious activity from an IP address, it will be flagged as high risk throughout the entire minFraud Network in real-time. Feedback from merchants thus serves as a warning signal to all others within the minFraud Network."

 

---

 

This script will report an order as fraud to maxMind when it is set to fraud status in WHMCS. This is ideal because maxMind will monitor the order for up to a week after it was placed, and follow-up with other providers to help stop the fraud. The more companies using this hook, the stronger all our fraud screenings will be.

 

When maxmind follows-up with information that an order in your system is fraud (up to a week after the transaction), it will appear in your WHMCS "To do" list to investigate further.

 

 

Extract to your WHMCS system. two files:

 

 

maxmindcallback.php

includes\hooks\ReportMaxMindFraud.php

 

Login to Maxmind and set the minFraud alert URL to http://yourwhmcs.com/maxmindcallback.php[/url]

maxmind_callback_for_whmcs.zip

Link to comment
Share on other sites

I don't know how it would be possible to put a button on the order detail page to do that. the code is not encoded, it's open for anyone to review and edit. If you find a way to perfect it, please just post it back so everyone can use it. thank you

Link to comment
Share on other sites

What about orders which Maxmind flags as fraud incorrectly?

You simply login to maxmind and tell them its not fraudulent, and they adjust their scoring.

In over 5 years we've only had 3 orders they've said are fraud that have been valid, but thousands they've said are valid fail our additional fraud checks.

Link to comment
Share on other sites

You simply login to maxmind and tell them its not fraudulent, and they adjust their scoring.

In over 5 years we've only had 3 orders they've said are fraud that have been valid, but thousands they've said are valid fail our additional fraud checks.

 

No, I actually meant: how will this script be able to tell Maxmind that a fraudulent order was flagged for fraud incorrectly?

Link to comment
Share on other sites

This is a great idea but maybe it should be a manual process as some orders are marked as fraud which aren't.

 

I received an email the other day to not activate an order because it matched other reported frauds which I found to be a great service from MaxMind.

Link to comment
Share on other sites

  • 2 months later...
  • 4 months later...
  • 3 months later...
  • 2 weeks later...

I have been getting e-mails from MaxMind regarding "MaxMind Alert URL Failure". I have replaced the old IPs in the callback file and I haven't received any other e-mails from them since:

 

/*
Maxmind IP's are:
50.97.220.229
50.97.220.230
174.36.207.187
174.36.207.188
174.36.207.189
*/
$maxmindipaddresses = array('50.97.220.229','50.97.220.230','174.36.207.187','174.36.207.188','174.36.207.189');

Link to comment
Share on other sites

Is this still needed for the current version of WHMCS

 

As far as i can make out yes. The API at MaxMind has options you need to set, Callback url, WHMCS sends its own callback url for the initial order, I dont know if this is used again for the updated reports as this is a seperate area within the site, two things you can do, callback url or callback email address.

 

The documentation here at whmcs does not specify anything about updates or manual reporting back to MaxMind so i can only assume one of two things. Either this function is not available, or the documentation is not correct. You could ask support for that information but i have updated this hook and module file anyway.

 

 

You simply login to maxmind and tell them its not fraudulent, and they adjust their scoring.

In over 5 years we've only had 3 orders they've said are fraud that have been valid, but thousands they've said are valid fail our additional fraud checks.

 

You do not need to log in to MaxMind at all with this hook. Yes i know its available, however this works off the button on the order page to "set as fraud", to be more specific it actually works directly off the FraudOrder hook so this will trigger even when the api makes an order as fraud (IE when you get the first callback). I am working on that matter right now, its a simple case of checking where the hook is being called from and only allowing admin fraud marking to fire it.

 

New Update version 1.1 download MaxMind_Fraud_Order_Reporting.zip

 

Change Log

 

::1 Callback File Relocated - Moved into maxmind module directory.

::2 Array Structure Altered - Easier Reading for changes.

::3 Comments Added - Documented a few more areas, better too many than not enough.

::4 URL to IP Address list provided - User can easily find and change the IP Addresses needed for call back servers to work.

::5 General Code Tidying - Just being fussy.

::6 Added WHMCS version switching - init.php in version WHMCS 5.2 properly supported.

::7 Added Activity Logging - Keep track of this reports/access etc.

::8 Tidy up of SQL Queries - Removal of escaped quotations to aid readability.

::9 Choose where to notify staff. - Configuration option to allow the use of staff notice board or to-do items list (noticeboard must active if used).

::10 Added 403 Access Denial. - Direct Access to callback file will throw a 403 denied notice using your own error pages if you have them set up.

::11 Improved Notices - Better format on comment block for Author, license, Usage and Revision version in php files.

::12 Removed Camel Case - CamelCaseFunction naming changed to standard function_naming_practice.

::13 mysql query rewritten - Query in reporting hook file has been rewritten into one single query.

Edited by CDJ Hosting
Link to comment
Share on other sites

  • 3 months later...
  • 2 weeks later...

Hi there, @ the developer of this plugin.

 

Seeing as you have experience with the process involved with the MaxMind fraud check, i was wondering if the following could somehow be achieved:

 

I want to skip the fraud check on a specific product (free trial), but perform the fraud check when someone upgrades from this free trial to a paid product.

 

Could you code something to do this? Or offer advice on how we could code it ourselves?

Link to comment
Share on other sites

What you are asking isn't a feature of this module or even the maxmind module. Whmcs has settings to skip the fraud checks for existing clients if you need it to but what you are asking is the reverse, no check for a certain product and then make the check on upgrade.

 

This can be done with a hook, basically all the hook will do is prevent the fraud check for your free products, your normal settings will take over there after, obviously this will mean you have fraud checks enabled and do not disable it for existing active clients.

Link to comment
Share on other sites

Thanks for the input, thats really helpful.

 

The only problem is that it seems that the fraud check does not take place on upgrades (it happens only on new orders). So even if you "Enabled" fraud checking for existing clients, it would not run the check for the upgrade. Only if those existing clients ordered a new product entirely would it be checked.

 

Any other suggestions to accomplish my requirements?

Link to comment
Share on other sites

  • 3 weeks later...

the only requirement I made when I first published the module was that it is and shall remain a FREE module for every whmcs user to use with the stipulation that if you perfect it, you publish it for all.

 

Although we are all competitors to some degree, if we can band together to fight fraud then we can really go a long way towards reducing it to an absolute minimum. Many of these criminals will hop from provider to provider and I hope that this module will squash that practice.

Link to comment
Share on other sites

  • 2 months later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated