Fraud prevention should help you make faster decisions. It should not leave you searching through settings, reviewing every unusual order manually, or trying to understand why legitimate customers are being flagged.
Anti-Fraud for WooCommerce 8.0.0 introduces a redesigned, merchant-focused experience that makes your store’s protection easier to understand, configure, and manage.
The new release also brings together the major fraud-prevention improvements added throughout our recent development cycle, including stronger card-testing protection, more accurate location checks, marketplace-aware scoring, improved alerts, expanded MaxMind signals, and better performance for busy stores.
- Identify important protection gaps without searching through every setting
- Slow automated card testing and repeated payment attempts
- Reduce false positives affecting legitimate customers
- Review, hold, block, or clear suspicious orders more efficiently
- Keep fraud alerts and failed-order noise under control
A clearer way to manage store protection
Fraud tools can become difficult to manage when every rule, integration, and checkout control is presented with equal importance.
Version 8.0.0 reorganizes Anti-Fraud around the jobs a merchant needs to complete.
The redesigned Overview provides a central protection status screen showing:
- Whether Checkout CAPTCHA is active and correctly configured
- Whether card-testing limits are fully enabled
- Whether suspicious orders are screened before payment
- Which optional fraud services and integrations are connected
- Settings that require immediate attention
Status cards link directly to the relevant setting, helping merchants move from identifying a problem to fixing it without navigating through unrelated options.
The settings navigation has also been reorganized into clear areas such as essential protection, card-testing protection, order review, trusted and blocked customers, integrations, and advanced controls.
Less commonly used settings are placed under expandable advanced sections, keeping everyday configuration focused and easier to understand.
Fight card testing before it overwhelms checkout
Card-testing attacks can generate large numbers of failed payments, clutter the order screen, flood inboxes, and place unnecessary pressure on payment gateways and store resources.
Anti-Fraud for WooCommerce combines multiple layers of checkout protection so merchants do not have to depend on a single rule.
Checkout CAPTCHA
Require a human verification step before an order can complete using either Google reCAPTCHA or Cloudflare Turnstile.
Merchants using the classic checkout can also choose where the CAPTCHA appears, helping improve compatibility with different themes and checkout layouts.
Order and payment attempt limits
Limit how many orders or failed payment attempts a customer can make within a defined period. Anti-Fraud can evaluate activity using available identifiers such as customer details and network information.
Progressive checkout delays
Add increasing delays between repeated checkout attempts, making automated attacks slower and less effective without adding the same delay to ordinary customers.
Site-wide checkout rate limits
Apply an additional store-level limit when unusually high checkout activity indicates a broader automated attack.
Time-based order limits
Set additional order limits during selected hours, such as overnight periods when legitimate order volume is normally lower.
Failed-order cleanup
Bulk-delete failed orders created during an attack and temporarily suppress failed-payment emails when they are creating unnecessary inbox noise.
PayPal checkout hardening
Align supported PayPal checkout paths with your CAPTCHA and payment-attempt controls so attackers cannot simply move to a less-protected payment route.
Reduce false positives with more accurate fraud signals
Fraud detection is not only about flagging more orders. It is about distinguishing genuinely suspicious behavior from normal customer activity.
Recent improvements help the plugin interpret location and customer information more accurately.
- Improved matching of abbreviated and full state or region names
- Better handling of browser-provided country, state, and postal-code information
- More consistent comparison of browser and IP-based location signals
- Reduced reliance on city-level matches that may incorrectly flag nearby customers
- Improved formatting and interpretation of United States phone numbers and addresses
- Better handling of privacy and relay services, including iCloud Private Relay and Cloudflare networks
These changes help reduce unnecessary order holds while preserving useful signals when customer information is genuinely inconsistent.
Detect advanced IP risks with MaxMind
Merchants using supported MaxMind minFraud services can add deeper IP intelligence to their fraud scoring.
Advanced signal rules can identify:
- Anonymous VPN connections
- Public proxy services
- TOR exit nodes
- Hosting-provider or data-center IP addresses
- Large distances between an IP location and the billing address
Each signal can be enabled separately and assigned its own rule weight, allowing merchants to decide how strongly it should affect an order’s overall risk score.
MinFraud Score, Insights, and Factors results can also be blended into the Anti-Fraud score using configurable thresholds and weighting.
Treat marketplace orders like marketplace orders
Orders imported from marketplaces often look different from orders placed through your store’s checkout.
They may not contain a normal customer IP address, may use a masked email address, and may show that they were created through the REST API. Applying ordinary checkout rules without context can cause legitimate marketplace orders to be held or canceled.
Anti-Fraud can detect supported orders originating from:
- eBay
- Amazon
- Etsy
- Other unrecognized API import sources
Marketplace profiles allow the plugin to skip signals that are not meaningful for a particular channel while continuing to evaluate relevant order risks.
A built-in marketplace test tool can create a temporary test order, run the fraud check, show which source was detected, display the rules affected by the marketplace profile, and provide an option to delete the test order afterward.
Respond to suspicious activity faster
Finding a risky order is only useful when the merchant can understand it and act on it quickly.
Anti-Fraud provides clearer order-level information and practical response tools, including:
- One-click blocking of suspicious email and IP addresses
- Related-order visibility when several orders use the same IP address
- Clearer explanations of the rules contributing to an order’s score
- Automatic re-evaluation when relevant order details or trusted-customer settings change
- Fraud information included in the WooCommerce System Status report
- Dashboard views of high-risk orders, canceled orders, blocked activity, and recent attack pressure
Merchants can also configure score thresholds that determine when an order is considered medium or high risk and when it should be placed on hold or canceled.
Control trusted and blocked customers
Known customers should not be repeatedly delayed, while known sources of abuse should not be allowed to keep trying.
The expanded allow list can recognize trusted:
- Email addresses and IP addresses
- Phone numbers
- First and last names
- Address keywords
- Countries, cities, states, and postal codes
- User roles
- Payment methods
The block list provides similar controls for known risky emails, IP addresses, phone numbers, names, address phrases, countries, cities, states, and postal codes.
High-risk email and IP addresses can also be added automatically when the relevant auto-blocking options are enabled.
Reduce alert fatigue and premature order emails
During an attack, a useful alert can quickly turn into hundreds of repetitive messages.
Anti-Fraud now gives merchants more control over fraud-related email behavior.
- Set the minimum fraud score that triggers an alert
- Send alerts to additional recipients
- Limit the number of alerts sent during a defined window
- Temporarily suppress failed-payment emails during card attacks
- Prevent premature New Order emails while fraud checks are still running
This helps store teams focus on orders that require action instead of sorting through repeated automated notifications.
Better performance for busy stores
Large stores and stores experiencing automated attacks should not have to choose between fraud protection and a responsive WordPress admin.
Recent performance improvements include:
- A dashboard date filter that defaults to a manageable recent period
- Saved date-range preferences for each administrator
- Improved loading of large allow lists
- Reduced unnecessary database activity during high-volume bot attacks
- Improved handling of memory-related dashboard errors
- More defensive processing when external payment callbacks contain incomplete order data
The release also includes additional compatibility and reliability improvements for WooCommerce Checkout Blocks, High-Performance Order Storage, supported payment methods, and PHP 8.4 environments.
Optional protection when your store needs more
Every store has a different risk profile. Anti-Fraud allows merchants to begin with essential checkout and scoring controls, then add more advanced services when needed.
Optional integrations and tools include:
- MaxMind minFraud Score, Insights, and Factors
- Trust Swiftly step-up customer verification
- AI-assisted order-risk notes using your own OpenAI API key
- FraudLabs Pro SMS verification
- PayPal account email verification
- Chargeback-management partner programs
Stronger fraud protection without more guesswork
Anti-Fraud for WooCommerce 8.0.0 is designed to help merchants answer four important questions more quickly:
- Is my checkout protected against automated attacks?
- Why was this order flagged?
- What should I change next?
- How can I stop the same activity from happening again?
By combining clearer setup guidance with layered checkout protection, more accurate fraud signals, practical order-review tools, and better performance, version 8.0.0 makes it easier to protect revenue without creating unnecessary work for your team or friction for legitimate customers.
Upgrade to version 8.0.0
Customers with an active subscription can update Anti-Fraud for WooCommerce through the WordPress plugin screen or download the latest package from their WooCommerce account.







