Go to main content

help desk

How to prevent an hacker to test multiple credit card?

Hacker can use a program to test card number multiple times.

 

Asked on 2022-08-02 11:19:00

OFFICIAL ANSWER

We implement the followings to stop that:

1. We accept only Canadian client

2. If a client is attempting to test a card more that 3 times within 5 minutes, his IP address is block definitively.

 

This was implemented using the preload in Extenso

 
function limit_ip()
 c = connection();
 r = request();
 client_ip = c.client_ip;
 geoip = geoip2(db:"/GeoIP2-City.mmdb",ip:client_ip);
 res = sql(single:true,"select count(*) as nb from ip_limit where ip = '?' and (sn_cdate > now() - interval 5 minute or blockip = 'yes')", client_ip);
 if res.rows.nb > 3 then
 blockip = "yes";
 else
 blockip = "no";
 endif

 res = insert(table:"ip_limit",snc:true,fields : {
 "ip":client_ip,
 "request":r.unparsed_uri,
 "blockip":blockip,
 "country_code" : geoip.country_code,
 "info" : stringnify(geoip)
 });
 return blockip;
endf
Answer by:
Pierre Laplante

Replied on: 2022-08-02 11:20:00