I am under WooCommerce order spam attack: I never seen this kind before

My personal shop from coderevolution.ro is under a weird kind of spam attack, I get tons of failed orders, each coming from a different person.

What are the people who do this kind of attack have to win from it? No idea, as all orders are set to use PayPal and all fail at payment.

Did you face similar problems before, if yes, how did you solve it?

Any idea how to fix this, maybe adding a captcha on order finalization would be helpful.

image1164×730 41.5 KB

As more detail on this, each order looks normal, has full info provided, each time unique data is entered:

image491×584 14.5 KB

Any tips appreciated.

Please explain to me how Cloudflare works do I need to upload my entire server files or just the ones that are causing issues?

I think either:

• Disable guest checkout (require registration first) + Add captcha on registration with a plugin

OR

• Add cloudflare or another layer that has bot protection.

IMO, I think the first option is easiest and quick to implement.

CloudFlare’s Under Attack Mode seems to be the best solution, while the attack lasts.