dealing with fake/spam orders

[Easy Green Hosting]

Sorry forget, the fake purchases are back again.

[Easy Green Hosting]

No fake purchases in the last 9 hours.

What fixed for us:

- updating whmcs and the template
- moving from recaptcha v2 to hCaptcha
I've read the recaptcha v3 is also a good solution.

The custom field trick was pretty useless

[createashoppe]

I just updated to 8.11.2, and now I am getting not-stop bot orders for domains. No payments, just the account creation and order. I've tried everything I've seen to fix it, and nothing is stopping them. WHMCS really needs a fix ASAP,

[snake]

have you tried my previous suggestion of changing the question/answer on the custom form field to something else other than the default suggested in the KB ?
as mentioned previously, this worked for me, and no fake orders since.

[Looper]

5 minutes ago, snake said:

have you tried my previous suggestion of changing the question/answer on the custom form field to something else other than the default suggested in the KB ?

This! custom field fixed my issue, but don't use the default one provided in the documentation. Use something like '7 + 3 = ?' instead

[bullybobgoogle]

Has nobody actually looked elsewhere for the answer....... IT'S GOOGLE pinging false orders to check you are complying with their rules, tc etc. Don't try to stop it or block ip or you will see your presence o  google drop or dissappear completely. just suck it up and it will stop once they've gone through your inventory 

[bear]

On 11/30/2024 at 3:14 PM, bullybobgoogle said:

IT'S GOOGLE pinging false orders to check you are complying with their rules, tc etc. Don't try to stop it or block ip or you will see your presence o  google drop or dissappear completely

And you have definitive proof of this fantastic claim?

[Looper]

On 12/1/2024 at 1:44 AM, bullybobgoogle said:

Has nobody actually looked elsewhere for the answer....... IT'S GOOGLE pinging false orders to check you are complying with their rules, tc etc. Don't try to stop it or block ip or you will see your presence o  google drop or dissappear completely. just suck it up and it will stop once they've gone through your inventory 

Good try, Mr. Hacker! So, you are the one who does these spams.

 

2 minutes ago, bear said:

And you have definitive proof of this fantastic claim?

Ignore them, it's not true

[MikePitta]

On 10/5/2024 at 9:06 PM, createashoppe said:

I just updated to 8.11.2, and now I am getting not-stop bot orders for domains. No payments, just the account creation and order. I've tried everything I've seen to fix it, and nothing is stopping them. WHMCS really needs a fix ASAP,

If you have a custom template for orders or frontend, have you updated them as well?

[Tman1816c]

Does someone please have the actual download file for the clouflare turnstyle hook to add to WHMCS. I am either blind or dumb but when i go to git i cannot find the downlod files?

[bear]

9 hours ago, Tman1816c said:

Does someone please have the actual download file for the clouflare turnstyle hook to add to WHMCS. I am either blind or dumb but when i go to git i cannot find the downlod files?

You mean this?

https://github.com/hybula/whmcs-turnstile/blob/main/includes/hooks/hybula_turnstile.php

[Huslua]

I’ve had a similar issue before with fake accounts, and what worked for me was setting up address validation during the registration process. I used a service that checks if the postal code matches a valid UK address, which helped weed out a lot of the non-UK sign-ups right from the start. You could also consider flagging email addresses with non-UK domains, like .com or anything not related to the UK. It’s a bit more manual but saved me a lot of hassle. Hopefully, something like that could help you block these fake users before they even get through.

[bear]

14 minutes ago, Huslua said:

something like that could help you block these fake users

So, anyone not in the UK is fake?
Please explain. 

[Lashmar Media]

Hey all, I have been suffering with this issue and think I have found a solution: 
After trying everything I still was getting round 75 fake order but tried this method of having the client first validate their email before placing the order. 
Here is the hook if you want to give it a try:
 

Step 1: Enable Email Verification

1. Log in to your WHMCS Admin Area.

2. Go to Configuration (Cog Icon) > System Settings > Security.

3. Find the setting "Enable Email Verification".

4. Tick the box to enable it.

5. Click Save Changes at the bottom.

✅ This will send a verification link to the user’s email after they register.

---

✅ Step 2: Prevent Ordering Until Email Is Verified

WHMCS does not natively block unverified users from ordering. You need to modify the cart behavior using a hook.

⚠️ How to Add a Custom Hook to Block Orders from Unverified Accounts:

1. Access your WHMCS Files via FTP or File Manager in cPanel.

2. Navigate to:
   /includes/hooks/

3. Create a new file, e.g.,
   blockUnverifiedOrders.php

4. Paste the following code inside that file:

php

CopyEdit

<?php use WHMCS\Database\Capsule; add_hook('ShoppingCartValidateCheckout', 1, function($vars) { $client = Menu::context('client'); if ($client && !$client->emailVerified) { return 'You must verify your email before you can place an order. Please check your email for the verification link.'; } });

5. Save the file.

✅ This stops the checkout with a message if the client’s email is not verified.

[snake]

Unfortunately this solution doesn't stop the users being created, and if you're blocking the order you simply won't notice all the additional users, which will still end up gradually increasing your license cost. You will then end up with many hundreds if not thousands of users that you need to delete manually.

The solution that I provided many months ago is still working just fine for me, I haven't had any fake spam users or orders since then.