Integration guide

WooCommerce setup

Install Predax Fraud Guard and configure checkout risk scoring, enforcement modes, VPN/proxy signal controls, and automatic order tagging.

WooCommerce 6.0+WordPress 5.8+PHP 7.4+v1.3.0

Prerequisites

  • An Predax account with a live API key (register free)
  • WooCommerce 6.0 or later already installed and active
  • WordPress 5.8 or later, PHP 7.4 or later

1. Installation

  1. 1In WordPress admin, go to Plugins → Add New and search for “Predax Fraud Guard” (or install it from the WordPress.org directory).
  2. 2Click Install Now, then Activate Plugin. WooCommerce must already be active.
  3. 3Open the Predax setup wizard on first activation, or go to WooCommerce → Settings → Predax tab.

2. Connect your API key

  1. 1Paste your API key (starting with prdx_) into the API Key field.
  2. 2Click Test Connection — the status badge should turn green.
  3. 3Click Save changes.

Local dev / Docker

If WordPress runs inside Docker, localhost resolves to the WordPress container — not your Predax API.

  • • Docker Desktop: http://host.docker.internal:8000
  • • Linux (same server): http://172.17.0.1:8000
  • • Same Docker network: http://api:8000

3. Choose an enforcement mode

Start with Tag Only. This adds Predax risk data to your orders as notes and tags with no customer-visible impact — letting you review real traffic before deciding whether to enable blocking.

ModeWhat happens
Tag OnlyScores all checkouts. Orders above the tag threshold receive order notes, tags, and metadata. No orders are blocked.
Block High RiskSame as Tag Only, plus: rejects checkout if risk score ≥ block threshold (default 70).
Block CriticalSame as Tag Only, plus: only blocks checkouts with risk score ≥ 90. Less aggressive.

In addition to mode-based blocking, any enabled fraud signal (VPN, proxy, country block) can independently trigger a block regardless of risk score.

4. Set thresholds

SettingDefaultRecommended
Tag threshold4040 — flags medium+ risk for review
Block threshold7070 — only active in Block High Risk mode

5. Configure fraud signals

Each fraud signal has an independent Off / Monitor / Block radio control. Setting a signal to Block means any checkout from that type of IP is rejected outright, regardless of risk score or mode.

SignalRecommendedNotes
VPNMonitor → BlockStart on Monitor to understand volume, then switch to Block
ProxyMonitor → BlockOpen/anonymous proxies are high fraud risk
TorBlockAlmost no legitimate ecommerce traffic uses Tor
DatacenterMonitorCatches card-testing bots; some B2B traffic comes from datacenters
Timezone mismatchEnable (toggle)Flags when browser TZ ≠ IP geolocation — low false-positive rate

6. Understanding order notes & tags

For any order that meets the tag threshold, the plugin adds a private order note and WooCommerce order tags automatically.

Example order note

Predax: High risk (78/100) | IP: 185.65.50.51 | Country: RU | Detected: VPN, Proxy

Order tags applied

  • • Predax
  • • Predax: Low / Medium / High / Critical Risk
  • • Predax: VPN
  • • Predax: Proxy
  • • Predax: Tor
  • • Predax: Datacenter
  • • Predax: TZ Mismatch

Order metadata (_meta keys)

  • • _predax_risk_score
  • • _predax_risk_level
  • • _predax_ip
  • • _predax_country_code
  • • _predax_is_vpn / _proxy / _tor / _datacenter
  • • _predax_is_timezone_mismatch

You can query order metadata in WooCommerce reports, custom views, or via get_post_meta($order_id, '_predax_risk_score', true) in custom code.

7. Custom scoring weights

The plugin can send per-user scoring weight overrides with each checkout check, tuning how the Predax API weighs each signal for your specific store. Configure weights in the Custom Scoring section of WooCommerce → Settings → Predax, or manage them from your Predax dashboard.

8. Country & region blocking

You can block checkouts by individual country or by world region. A blocked country or region hard-rejects the checkout with a generic error message regardless of risk score or enforcement mode. Use this for compliance requirements or if you only ship to specific countries.

9. Verify

  1. 1Place a test order from a known VPN or proxy IP.
  2. 2Check the order in WooCommerce → Orders — it should have an Predax order note and tags.
  3. 3In the order note, verify the risk score, IP, country, and detected signals match what you expect.
  4. 4Use your Predax dashboard lookup to manually check the same IP and compare scores.

Troubleshooting

Test Connection fails

Check the API key starts with prdx_. If in Docker, the API base URL may need updating — see the Docker note in step 2.

Orders are not getting risk notes

The tag threshold must be set and the order's risk score must meet it. Start by lowering the tag threshold to 20 to confirm the connection is working, then raise it.

Legitimate customers are being blocked

Switch VPN and proxy signals to Monitor instead of Block. Review which flag is triggering the block in the order note and adjust accordingly.

Timezone mismatch is triggering on all orders

This can happen if the hidden field is not being populated by JavaScript. Check that predax-woo-tz.js is loading on your checkout page (browser console, Network tab).