- Issue created by @bsnodgrass
- πΊπΈUnited States bsnodgrass
What version of Stripe.js is being used by this module? Does it pass the data mentioned above?
- πΊπΈUnited States bsnodgrass
Another interesting thing is the Card Testing attempts showing in the log in the Stripe dashboard do not exist as submissions in any of the webforms.
- πΊπΈUnited States bsnodgrass
So far, I have reinstalled reCaptcha module on the webform and we are no longer blocked on payments/donations at Stripe.
We are still looking into other options.
- πΊπΈUnited States bsnodgrass
We have done the following to stop these attempts and continue to experience card testing activity.
- Reviewed all the webforms and verified that any charges going through them would be logged.
- Verified Antibot is working properly on the webforms.
- Verified that stripe.js is loaded on all the webform pages.
- Reviewed server logs
- The API key has been moved into the settings.php file
We noted successes of the card testing had an IP address from our server not assigned to the domain. We are investigating this further AND changing the API key.
We also notice card testing logs on Stripe appear not to be included in webform submissions.
Are there any other things we should do to mitigate this activity?
- πΊπΈUnited States bsnodgrass
Is there a way via this module card testing information can be posted without going through the associated webform?
- πΊπΈUnited States bsnodgrass
It seems we are experiencing this related issue https://www.drupal.org/project/stripe_webform/issues/3318577 π Incomplete Payments generated on webform load Active