prestonchoate/module-carding-prevention
This module adds a plugin before \Magento\Checkout\Model\GuestPaymentInformationManagement::savePaymentInformationAndPlaceOrder that will log the used cart ID to the configured caching service (most likely redis). If that cart ID is used again within the configured threshold the transaction will be canceled.
To install via Composer you need to add this repository to your Magneto project.
composer config repositories.prestonchoate '{"type": "vcs","url": "[email protected]:prestonchoate/CardingModule.git"}'
Then require the module with:
composer require prestonchoate/module-carding-prevention
Finally run the following commands to fully install the module:
bin/magento module:enable PrestonChoate_CardingPrevention
bin/magento setup:upgrade
bin/magento cache:flush
There are two configurations for this module. They both are located at Stores -> Configuration -> Security -> Carding Prevention
- General
- Enabled - This controls enabling and disabling the module as a whole
- Threshold
- This will set the number of seconds between requests that a user must wait to post another transaction with the same Cart ID
A model is supplied for retrieving configurations at \PrestonChoate/CardingPrevention/Model/Config.php.
The main plugin exists at \PrestonChoate\CardingPrevention\Plugin\Magento\Checkout\Model\CardingPreventionPlugin