4 results found

1. Cloudflare WAF Rules

   Please help with implementing below security features ASAP. There are so many frequent attacks on the website that causes the websites to go down.

   1. Geographical Rate Limiting - Add rules with rate limiting for traffic outside of specific countries (Challenge beyond the primary range/limit and block beyond the secondary range/limit)
   2. Basic Rate Limiting - Can we add a rule with rate limiting to block DoS attacks
   3. Bot Protection - Challenge suspected bots to confirm user authenticity
   4. Bot detection with javascript to identify headless browsers
   5. Captcha functionality - when users initially come into the site or users are starting an order or users are entering credit card information
   6. WAF compromised credentials check
   7. Any other WAF rules to protect the website from anonymous usage and attacks

   There are multiple problems if there are no proper security rules in place.

   • Problem-1: Websites are going down – Loss of business and sales
   • Problem-2: There are many unnoticed attacks, as we know the attacks only after the websites go down
   • Problem-3: There is a possibility of data mining from our websites if there is no security rules

   Please help with implementing below security features ASAP. There are so many frequent attacks on the website that causes the websites to go down.

   1. Geographical Rate Limiting - Add rules with rate limiting for traffic outside of specific countries (Challenge beyond the primary range/limit and block beyond the secondary range/limit)
   2. Basic Rate Limiting - Can we add a rule with rate limiting to block DoS attacks
   3. Bot Protection - Challenge suspected bots to confirm user authenticity
   4. Bot detection with javascript to identify headless browsers
   5. Captcha functionality - when users initially come into the site or users are starting an order… more
   6 votes

   Vote Vote Vote

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close

   Vote

   We’ll send you updates on this idea

   1 comment  ·  Delete…  ·  Admin →
   Closed  ·  AdminDominic Hartjes (Senior Product Manager, Optimizely) responded

   Thank you for your feedback!

   
   

   This feedback item has been split to enable updates on the various different questions as they become available.

   
   

   • Rate limiting related questions (1 and 2): https://feedback.optimizely.com/redirect/suggestions/50742092
   • Bot Protection related questions (3, 4, 7): https://feedback.optimizely.com/redirect/suggestions/50742158
   • Captcha functionality (5): https://feedback.optimizely.com/redirect/suggestions/50742185
   • WAF compromised credentials check (6): https://feedback.optimizely.com/redirect/suggestions/50742164

2. Stored card orders or subscription orders are not supported in cloud applications without user interaction

   This is reference to #1535075.
   We are looking for the solution: It is regarding the issue we are currently facing on the Customer project, where recurring or subscription orders (credit card payments are failing.
   According to the response provided in the referenced support ticket, it has been stated that Stored card orders or subscription orders will not be supported in cloud applications without user interaction (e.g., entering CVV.
   For context, services like Netflix in the U.S. support recurring payments without requiring user interaction for each transaction (such as CVV entry.
   In order to fulfill this requirement, we are looking for an enhancement to ensure that subscription orders can be placed successfully.

   This is reference to #1535075.
   We are looking for the solution: It is regarding the issue we are currently facing on the Customer project, where recurring or subscription orders (credit card payments are failing.
   According to the response provided in the referenced support ticket, it has been stated that Stored card orders or subscription orders will not be supported in cloud applications without user interaction (e.g., entering CVV.
   For context, services like Netflix in the U.S. support recurring payments without requiring user interaction for each transaction (such as CVV entry.
   In order to fulfill this requirement, we are looking for… more

   1 vote

   Vote Vote Vote

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close

   Vote

   We’ll send you updates on this idea

   0 comments  ·  Delete…  ·  Admin →
   Closed  ·  AdminSara Winter (Principal Product Manager, Optimizely) responded

   While reviewing details from ticket this was resolved using existing functionality.

3. Product Feedback: feedback too big for page very distracting

   Description: This feedback thing takes up a large portion of my screen and makes it difficult to close. I'm using firefox.

   2 votes

   Vote Vote Vote

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close

   Vote

   We’ll send you updates on this idea

   Closed  ·  0 comments  ·  Delete…  ·  Admin →

4. Budget Threshold alert related notification emails are being sent to the customer months after initial notification failed.

   Budget Threshold emails are being sent inaccurately. Configured Commmerce Customer previously had the budget threshold feature-requesting further review directly with Partner for this existing functionality.
   ENB-2730: reference for issue and advised to submit Enhancement request.

   3 votes

   Vote Vote Vote

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close

   Vote

   We’ll send you updates on this idea

   0 comments  ·  Delete…  ·  Admin →
   Closed  ·  AdminSara Winter (Principal Product Manager, Optimizely) responded

   Closing as this was believed to have been resolved via tickets and was not requiring enhancement