[ic] RE: ip validation

Mike Heins mike at perusion.com
Thu Dec 4 19:01:18 EST 2003 

Quoting Aftermarket Cellular (wfiore at aftermarketcellular.com):
> 
> > > Hi,
> > >
> > > I have recently received hundreds of fraudulent attempts on my
> merchant
> > > account from within my interchange store, where a customer uses
> various
> > > credit card numbers to find a valid one. The transactions are being
> > > declined by authorize.net but I am still receiving an $.08 decline
> fee
> > > each time. Is there an available script that will block an ip
> address
> > > after three attempts.
> > 
> > You could place this piece of code on the checkout-page
> > 
> > [if term="[env REMOTE_ADDR]" op="eq" compare="12.34.56.78"]
> >   [bounce href="[area tage.html]"]
> > [/if]
> >
> >I would block them on the firewall or by Apache.
> >
> >Ciao
> >     Racke
> >
> All the responses I have received to this post have been helpful. I
> placed a request through Authorize.net for the perpetrators ip address
> and am waiting for a response.
> 
> In general, is there a way to have a session timeout placed on the
> interchange shopping cart, and after so many attempts to checkout the
> session will expire?

Easily. Depending on where your [charge ...] is happening, do something
like this (untested):

    [calc]
            my $filename = "tmp/charge_failed/$Session->{ohost}";
            my $past = $Tag->counter({ file=> $fn, value => 1});
            return unless $past > 3;
            die errmsg(
                            "Real-time charge failed. Reason: %s\n",
                            'too many failed charge attempts',
                    );
    [/calc]
        
    [tmp name="charge_succeed"][charge route="[var MV_PAYMENT_MODE]"][/tmp]

    [if scratch charge_succeed]
    [then]
        [set do_invoice]1[/set]
        [set do_payment]1[/set]
        Real-time charge succeeded. ID=[data session payment_id] amount=[scratch tmp_remaining]
    [/then]
    [else]
        Real-time charge FAILED. Reason: [data session cybercash_error]
        Failed charge count: [counter file="tmp/charge_failed/[data session ohost]"]
        [calc]
                my $count = $Tag->{
                die errmsg(
                                "Real-time charge failed. Reason: %s\n",
                                errmsg($Session->{cybercash_error}),
                        );
        [/calc]
    [/else]
    [/if]

-- 
Mike Heins
Perusion -- Expert Interchange Consulting    http://www.perusion.com/
phone +1.765.647.1295      <mike at perusion.com>

If you like what you're gettin', keep doin' what you're doin'. -- Hector

More information about the interchange-users mailing list