Integration guide
WooCommerce setup
Install Predax Fraud Guard and configure checkout risk scoring, enforcement modes, VPN/proxy signal controls, and automatic order tagging.
Prerequisites
- An Predax account with a live API key (register free)
- WooCommerce 6.0 or later already installed and active
- WordPress 5.8 or later, PHP 7.4 or later
1. Installation
- 1In WordPress admin, go to Plugins → Add New and search for “Predax Fraud Guard” (or install it from the WordPress.org directory).
- 2Click Install Now, then Activate Plugin. WooCommerce must already be active.
- 3Open the Predax setup wizard on first activation, or go to WooCommerce → Settings → Predax tab.
2. Connect your API key
- 1Paste your API key (starting with
prdx_) into the API Key field. - 2Click Test Connection — the status badge should turn green.
- 3Click Save changes.
Local dev / Docker
If WordPress runs inside Docker, localhost resolves to the WordPress container — not your Predax API.
- • Docker Desktop:
http://host.docker.internal:8000 - • Linux (same server):
http://172.17.0.1:8000 - • Same Docker network:
http://api:8000
3. Choose an enforcement mode
Start with Tag Only. This adds Predax risk data to your orders as notes and tags with no customer-visible impact — letting you review real traffic before deciding whether to enable blocking.
| Mode | What happens |
|---|---|
| Tag Only | Scores all checkouts. Orders above the tag threshold receive order notes, tags, and metadata. No orders are blocked. |
| Block High Risk | Same as Tag Only, plus: rejects checkout if risk score ≥ block threshold (default 70). |
| Block Critical | Same as Tag Only, plus: only blocks checkouts with risk score ≥ 90. Less aggressive. |
In addition to mode-based blocking, any enabled fraud signal (VPN, proxy, country block) can independently trigger a block regardless of risk score.
4. Set thresholds
| Setting | Default | Recommended |
|---|---|---|
| Tag threshold | 40 | 40 — flags medium+ risk for review |
| Block threshold | 70 | 70 — only active in Block High Risk mode |
5. Configure fraud signals
Each fraud signal has an independent Off / Monitor / Block radio control. Setting a signal to Block means any checkout from that type of IP is rejected outright, regardless of risk score or mode.
| Signal | Recommended | Notes |
|---|---|---|
| VPN | Monitor → Block | Start on Monitor to understand volume, then switch to Block |
| Proxy | Monitor → Block | Open/anonymous proxies are high fraud risk |
| Tor | Block | Almost no legitimate ecommerce traffic uses Tor |
| Datacenter | Monitor | Catches card-testing bots; some B2B traffic comes from datacenters |
| Timezone mismatch | Enable (toggle) | Flags when browser TZ ≠ IP geolocation — low false-positive rate |
6. Understanding order notes & tags
For any order that meets the tag threshold, the plugin adds a private order note and WooCommerce order tags automatically.
Example order note
Order tags applied
- • Predax
- • Predax: Low / Medium / High / Critical Risk
- • Predax: VPN
- • Predax: Proxy
- • Predax: Tor
- • Predax: Datacenter
- • Predax: TZ Mismatch
Order metadata (_meta keys)
- • _predax_risk_score
- • _predax_risk_level
- • _predax_ip
- • _predax_country_code
- • _predax_is_vpn / _proxy / _tor / _datacenter
- • _predax_is_timezone_mismatch
You can query order metadata in WooCommerce reports, custom views, or via get_post_meta($order_id, '_predax_risk_score', true) in custom code.
7. Custom scoring weights
The plugin can send per-user scoring weight overrides with each checkout check, tuning how the Predax API weighs each signal for your specific store. Configure weights in the Custom Scoring section of WooCommerce → Settings → Predax, or manage them from your Predax dashboard.
8. Country & region blocking
You can block checkouts by individual country or by world region. A blocked country or region hard-rejects the checkout with a generic error message regardless of risk score or enforcement mode. Use this for compliance requirements or if you only ship to specific countries.
9. Verify
- 1Place a test order from a known VPN or proxy IP.
- 2Check the order in WooCommerce → Orders — it should have an Predax order note and tags.
- 3In the order note, verify the risk score, IP, country, and detected signals match what you expect.
- 4Use your Predax dashboard lookup to manually check the same IP and compare scores.
Troubleshooting
Test Connection fails
Check the API key starts with prdx_. If in Docker, the API base URL may need updating — see the Docker note in step 2.
Orders are not getting risk notes
The tag threshold must be set and the order's risk score must meet it. Start by lowering the tag threshold to 20 to confirm the connection is working, then raise it.
Legitimate customers are being blocked
Switch VPN and proxy signals to Monitor instead of Block. Review which flag is triggering the block in the order note and adjust accordingly.
Timezone mismatch is triggering on all orders
This can happen if the hidden field is not being populated by JavaScript. Check that predax-woo-tz.js is loading on your checkout page (browser console, Network tab).
