Shahid Malla

WHMCS Fraud Prevention and Order Screening Tools

Shahid Malla · December 30, 2025 · 10 min read

Fraud costs hosting companies thousands in chargebacks and abuse. WHMCS has built-in tools to catch fraudsters before they become customers.

Common Hosting Fraud Types

  • Stolen Credit Cards: Fraudsters buy hosting with stolen cards
  • PayPal Disputes: Buyers claim an "unauthorized transaction" after receiving service
  • Abuse Signups: Create accounts for spam, phishing, or attacks
  • Free Trial Abuse: Create multiple accounts for perpetual free service

MaxMind Integration

WHMCS integrates with MaxMind minFraud for real-time fraud scoring:

  • IP geolocation and proxy detection
  • Email domain reputation
  • Device fingerprinting
  • Historical fraud patterns

Setup

  1. Create a MaxMind account and get a license key
  2. Go to Setup → Other → Fraud Protection
  3. Enter MaxMind credentials
  4. Configure score thresholds

Fraud Rules

Configure automatic actions based on fraud score:

  • Score 0-20: Accept automatically
  • Score 21-50: Accept but flag for review
  • Score 51-75: Hold for manual review
  • Score 76+: Reject automatically

Additional Protections

CAPTCHA

Enable reCAPTCHA on registration and checkout to stop bots.

Order Holds

Automatically hold orders that match risk criteria:

  • High-value first orders
  • Free email providers (Gmail, Yahoo)
  • High-risk countries
  • VPN/proxy detected
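
The score bands under Fraud Rules and the hold criteria listed above can be combined into one decision function that takes the stricter outcome and records why. This is an added example, not WHMCS code or the author's: the order field names, the 200.00 first-order limit and the 'XX' country placeholder are assumptions, and it calls no WHMCS API.

```php
<?php
// Added example: pure decision logic with no WHMCS API calls.
// Score bands and hold criteria are the article's; field names, the 200.00
// limit and the 'XX' country code are assumptions made for this sketch.
const SEVERITY = ['accept' => 0, 'flag' => 1, 'hold' => 2, 'reject' => 3];

function scoreToAction($score): string
{
    // A missing or invalid score is held for review, never auto-accepted.
    if (!is_numeric($score) || $score < 0) return 'hold';
    if ($score <= 20) return 'accept';
    if ($score <= 50) return 'flag';
    if ($score <= 75) return 'hold';   // fractional scores above 75 fall through to reject
    return 'reject';
}

function screenOrder(array $order, array $cfg): array
{
    $score = $order['risk_score'] ?? null;
    $action = scoreToAction($score);
    $reasons = is_numeric($score) ? [] : ['no usable fraud score'];
    // Domain is the text after the last "@", lowercased so case variants still match.
    $domain = strtolower(trim(substr(strrchr($order['email'] ?? '', '@') ?: '', 1)));
    $checks = [
        'high-value first order' => empty($order['has_paid_before'])
            && ($order['total'] ?? 0) >= $cfg['first_order_limit'],
        'free email provider' => in_array($domain, $cfg['free_email_domains'], true),
        'high-risk country' => in_array(strtoupper($order['country'] ?? ''), $cfg['hold_countries'], true),
        'VPN/proxy detected' => !empty($order['is_proxy']),
    ];
    $hits = array_keys(array_filter($checks));
    // Hold criteria can escalate accept/flag to hold; they never soften a reject.
    if ($hits && SEVERITY[$action] < SEVERITY['hold']) $action = 'hold';
    return ['action' => $action, 'reasons' => array_merge($reasons, $hits)];
}

// Constructed sample orders and configuration (not taken from the article).
$cfg = ['first_order_limit' => 200.00, 'free_email_domains' => ['gmail.com', 'yahoo.com'],
        'hold_countries' => ['XX']];
$orders = [
    ['email' => 'alice@example.org', 'risk_score' => 12, 'total' => 30, 'has_paid_before' => true],
    ['email' => 'bob@GMAIL.com', 'risk_score' => 15, 'total' => 450],
    ['email' => 'eve@example.net', 'risk_score' => 88, 'total' => 20, 'is_proxy' => true],
    ['email' => 'carol@example.com', 'total' => 10, 'has_paid_before' => true],
];
foreach ($orders as $o) {
    $r = screenOrder($o, $cfg);
    printf("%-20s %-7s %s\n", $o['email'], $r['action'], implode('; ', $r['reasons']));
}
```

Keeping the reasons alongside the action gives the manual reviewer the same evidence the rule saw, which also helps when documenting a later chargeback.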

Custom Hooks

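use WHMCS\Database\Capsule;

// Helper used by the hook below: look up the client's email for an order
function getUserEmail($orderId) {
    return (string) Capsule::table('tblorders')
        ->join('tblclients', 'tblclients.id', '=', 'tblorders.userid')
        ->where('tblorders.id', $orderId)
        ->value('tblclients.email');
}

add_hook('AcceptOrder', 1, function($vars) {
    // Block known disposable email domains
    $blockedDomains = ['tempmail.com', '10minutemail.com'];
    $email = getUserEmail($vars['orderid']);
    $domain = strtolower(trim(substr(strrchr($email, '@') ?: '', 1))); // text after the last "@", lowercased

    if (in_array($domain, $blockedDomains, true)) {
        return ['abortWithError' => 'Disposable emails not allowed'];
    }
});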

Manual Review Process

  1. Verify phone number matches location
  2. Check if email domain exists and is reputable
  3. Look for previous fraud from same IP/email pattern
  4. Request additional verification for suspicious orders

Handling Chargebacks

  • Document everything: IP, timestamps, communications
  • Respond promptly with evidence
  • Use Address Verification Service (AVS)
  • Consider 3D Secure for card payments