Skip to content
← Configured Commerce

Welcome! 👋

Configured Commerce

Categories

JUMP TO ANOTHER FORUM

(thinking…)

Captcha functionality

Please note: this idea required splitting so that various points may be addressed as information becomes available.

New request:

Captcha functionality - when users initially come into the site or users are starting an order or users are entering credit card information

Original request:

Please help with implementing below security features ASAP. There are so many frequent attacks on the website that causes the websites to go down.

  1. Geographical Rate Limiting - Add rules with rate limiting for traffic outside of specific countries (Challenge beyond the primary range/limit and block beyond the secondary range/limit)
  2. Basic Rate Limiting - Can we add a rule with rate limiting to block DoS attacks
  3. Bot Protection - Challenge suspected bots to confirm user authenticity
  4. Bot detection with javascript to identify headless browsers
  5. Captcha functionality - when users initially come into the site or users are starting an order or users are entering credit card information
  6. WAF compromised credentials check
  7. Any other WAF rules to protect the website from anonymous usage and attacks

There are multiple problems if there are no proper security rules in place.

• Problem-1: Websites are going down – Loss of business and sales
• Problem-2: There are many unnoticed attacks, as we know the attacks only after the websites go down
• Problem-3: There is a possibility of data mining from our websites if there is no security rules

5 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Vijayakumar Subramaniyan shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Vijayakumar Subramaniyan commented  ·   ·  Report

    Hi Sara,

    The Captcha functionality here differs from the one on the website. This is needed to protect the site from unusual or bot attacks.

    Please review and assist in addressing these security issues, as we've been experiencing a significant increase in bot attacks recently. Thank you!

  • AdminSara Winter (Principal Product Manager, Optimizely) commented  ·   ·  Report

    Thank you for submitting this request! While we provide some reCAPTCHA settings pertaining to areas of the website where emails are often generated, we do not yet offer this upon accessing the website, initiating an order, or entering credit card information. This should be customizable by partners at the project level today but is not currently on our short term roadmap.

    We have added this item to our backlog for future base consideration and prioritization.