Card Testing

I seem to have someone doing credit card testing.  It will come from one IP.   I installed the demo of the plugin and blocked the IP.   After a couple hours, it started coming in from a different IP.  

I have nop 3.5.    

Is there a pattern or something I can do to automatically block these attempts to test declines or passes that are hitting paypal (our only payment provider)?  

Example log:

The level of log entry.Log level:  Error
The log entry message.Short message:  Error while placing order. Error 1: Payment error: LongMessage: This transaction cannot be processed. ShortMessage: Processor Decline ErrorCode: 15005
The details for the log entry.Full message:  
IP address of the machine that caused the exception.IP address:  209.107.195.150
Name of the customer who caused the exception.Customer:  
Originating page of exception.Page URL:  https://mywebsite/checkout/opcconfirmorder/
The referrer URL.Referrer URL:  /onepagecheckout
Date/Time the log entry was created.Created on:  1/24/2017 2:13:04 AM

Did you write me full message?
If you wrote full message I'll add new pattern
Processor Decline ErrorCode: 15005

Try it and write me about result.

Thanks.  Will try that.  Already, since implementing demo and banning 3 ip's, it's seemed to clear issue, but having the pattern will help if this happens again.

Didn't seem to work.

The following is in the Hacker's patterns (note - you had misspelled Hacker's as Hacket's):

was not found or does not implement icontroller
Processor Decline ErrorCode: 15005

I have time set to 1 and # of hacking attempts set to 4.


These came in between 5 and 50 seconds intervals for several hours.


Full message:


The level of log entry.Log level:  Error
The log entry message.Short message:  Error while placing order. Error 1: Payment error: LongMessage: This transaction cannot be processed. ShortMessage: Processor Decline ErrorCode: 15005
The details for the log entry.Full message:  
IP address of the machine that caused the exception.IP address:  89.238.132.40
Name of the customer who caused the exception.Customer:  
Originating page of exception.Page URL:  https://xyz.com/checkout/opcconfirmorder/
The referrer URL.Referrer URL:  /onepagecheckout
Date/Time the log entry was created.Created on:  1/25/2017 6:04:22 PM

Note: I'm running demo still, if that matters.

Can you write me separate ShortMessage and LongMessage?

Was this message in ShortMessage or LongMessage?

ShortMessage: Processor Decline ErrorCode: 15005

The following was on the Short Message log line:


Error while placing order. Error 1: Payment error: LongMessage: This transaction cannot be processed. ShortMessage: Processor Decline ErrorCode: 15005


The Full Message line in the log was blank.

I think I have found the problem, but I want to add new notification in plugin log file. I'll do now new release and answer you after one hour.

1. Download new release from our site, we didn't change the release number.
2. Replace plugin folder (all files)
3. Restart your site.
4. Enable Debugging on plugin Configure page.
5. Try to emulate "wrong payments"
6. Send me plugin log file FoxNetSoft.Plugin.Misc.IPFilter_log.txt from App_Data folder.

Send me file if you have problem again.

I'll give it a try.  I might not be able to emulate, but will keep an eye on for future hack attempts.