StoreGuard - IP Rate Limiter for WooCommerce

StoreGuard provides enterprise-grade IP rate limiting for WooCommerce stores of any size. By restricting the number of actions any single IP address can perform within a specific time window, StoreGuard automatically blocks malicious activity while maintaining a smooth experience for legitimate customers.

Whether you’re fighting registration spam, brute-force login attacks, comment spam, review spam, card testing fraud, or checkout abuse, StoreGuard has comprehensive protection for all critical WooCommerce functions.

7 Independent Rate Limiters

1. Registration Protection — Stop registration spam and automated bot accounts. Limit signups per IP with customizable time windows and block durations. Recommended: 3 attempts per 60 minutes, block for 24 hours.

2. Checkout Protection — Prevent payment fraud and checkout abuse. Covers classic forms, AJAX checkout, and WooCommerce Blocks. Recommended: 10 attempts per 60 minutes, block for 12 hours.

3. Login Protection — Block brute-force password attacks across all login methods (WordPress login, WooCommerce account login, REST API, custom endpoints). Recommended: 5 failed attempts per 30 minutes, block for 60 minutes.

4. Password Reset Protection — Prevent email enumeration attacks by limiting password reset requests per IP. Stop attackers from discovering valid email addresses in your system.

5. Comment & Review Protection — Stop spam submissions on posts, pages, and product reviews. Configure independently for different limits on comments vs. reviews.

6. Payment Method Protection — Reduce card testing attacks by limiting payment method additions per IP. Works with all WooCommerce payment gateways and REST API.

7. IP Management — Whitelist trusted IPs (office, developers, partners), manually block suspicious IPs, and view all currently blocked IPs in your dashboard.

Professional Features

Security Monitoring — Dashboard widget shows recent blocks, detailed logs show exactly what was blocked and why, email notifications alert you immediately to suspicious activity.

Flexible Configuration — 7 organized tabs in WooCommerce settings, recommended starting values provided for each limiter, fully customizable from dashboard, no coding required.

Activity Logging — Comprehensive logs for each rate limiter type, block event history with timestamps, security audit trails, filter by IP address and action.

Email Alerts — Real-time notifications when IPs are blocked, customizable email templates with placeholders, configure sender, subject, and body, enable/disable as needed.

Why Choose StoreGuard?

Purpose-Built for WooCommerce — Designed specifically for WooCommerce security with native integration in WooCommerce settings.

Safe by Default — All rate limiters are OFF by default. The plugin is completely passive until you deliberately enable only the protections you need.

No Impact on Legitimate Customers — Whitelisting available for trusted IPs, generous attempt limits prevent false positives (5-10 attempts before blocking), high time windows (30-60 minutes), long block durations prevent permanent lockouts, manual unblocking available in seconds.

Enterprise-Grade Protection Made Simple — Install in 2 minutes, configure in 5 minutes with provided recommendations, comprehensive documentation included, professional admin interface following WooCommerce standards.