Here’s my second attempt to fight against WooCommerce spam, without installing a captcha plugin. A few posts ago I covered the My Account user registration spam, so today I want to tackle the WooCommerce Checkout, and try to “trick” spam bots.
Of course, this is a workaround and smart bots may understand you’re tricking them. So, feel free to test this first and let me know if it stops spam orders, card testing attacks, and tons of fake user registrations.
Same as the other post, I will be adding a custom hidden checkout field with an empty value. This won’t be visible to the customer, but will be to spam bots, which will try to post a value. My validation code will, however, generate an error if the custom field posts a value, and therefore should prevent most spam bots from going through.
Let me know if it works!
Here’s the hidden field that users don’t see but spam bots do. If they fill the input with a value, the WooCommerce Checkout page will return a validation error. Fingers crossed…
PHP Snippet: (Try to) Prevent Spam Orders @ WooCommerce Checkout
/** * @snippet Custom Captcha @ WooCommerce Checkout * @how-to Get CustomizeWoo.com FREE * @author Rodolfo Melogli * @compatible WooCommerce 8 * @donate $9 https://businessbloomer.com/bloomer-armada/ */ add_action( ‘woocommerce_after_checkout_billing_form’, ‘bbloomer_checkout_honeypot’, 9999 ); function bbloomer_checkout_honeypot() { echo ‘
‘; } add_action( ‘woocommerce_after_checkout_validation’, ‘bbloomer_checkout_honeypot_validate’ ); function bbloomer_checkout_honeypot_validate( $posted ) { if ( isset( $_POST[‘bb_checkout_hp’] ) && ! empty( $_POST[‘bb_checkout_hp’] ) ) { wc_add_notice( ‘Sorry, our system flagged this checkout attempt as spam. Please try again’, ‘error’ ); } }
Where to add custom code?
You should place PHP snippets at the bottom of your child theme functions.php file and CSS at the bottom of its style.css file. Make sure you know what you are doing when editing such files – if you need more guidance, please take a look at my guide “Should I Add Custom Code Via WP Editor, FTP or Code Snippets?” and my video tutorial “Where to Place WooCommerce Customization?”
Does this snippet (still) work?
Please let me know in the comments if everything went as expected. I would be happy to revise the snippet if you report otherwise (please provide screenshots). I have tested this code with Storefront theme, the WooCommerce version listed above and a WordPress-friendly hosting.
If you think this code saved you time & money, feel free to join 17,000+ WooCommerce Weekly subscribers for blog post updates and 250+ Business Bloomer supporters for 365 days of WooCommerce benefits. Thank you in advance!
Need Help with WooCommerce?
Check out these free video tutorials. You can learn how to customize WooCommerce without unnecessary plugins, how to properly configure the WooCommerce plugin settings and even how to master WooCommerce troubleshooting in case of a bug!
Rodolfo Melogli
Business Bloomer Founder
Author, WooCommerce expert and WordCamp speaker, Rodolfo has worked as an independent WooCommerce freelancer since 2011. His goal is to help entrepreneurs and developers overcome their WooCommerce nightmares. Rodolfo loves travelling, chasing tennis & soccer balls and, of course, wood fired oven pizza.