Back to Community
Home / Community / PluginWoocommerce

Troubleshooting WooCommerce Order Issues: Failed Payments, Duplicates, and Spam

25 threads Sep 7, 2025 PluginWoocommerce

Content

Managing a WooCommerce store comes with its challenges, and order-related issues can be particularly frustrating for store owners. Based on common community reports, this guide addresses three prevalent problems: an influx of failed/spam orders, duplicate orders, and mysterious discounts. We'll explore why these issues happen and provide practical steps to resolve them.

1. Influx of Failed or Spam Orders

Many store owners report a sudden surge in failed orders from suspicious sources. These orders often use similar but unique email patterns (e.g., [email protected]), fake addresses, and varying IP addresses, making them difficult to block individually.

Why this happens: This is typically a credit card testing attack. Fraudsters use automated bots to place small orders with stolen card details to validate them. The orders fail because the payment doesn't go through, but the attempt is logged in your store.

Common solutions:

  • Implement Advanced Fraud Prevention: While basic CAPTCHA and honeypot tools are helpful, sophisticated attacks may require more robust solutions. Consider implementing rules in your security plugin or at the server level to block orders from specific ZIP codes or regions if a pattern is detected (e.g., multiple failed orders from the same ZIP in a short period).
  • Review Payment Gateway Settings: Ensure your payment gateway's fraud detection features are configured correctly. Some gateways offer advanced settings to block suspicious transactions based on velocity or amount.
  • Server-Level Security: Work with your hosting provider to investigate server logs for patterns and potentially implement rate limiting or IP blocking for excessive POST requests to your checkout and cart pages.

2. Duplicate Orders and Payments

A particularly disruptive issue involves orders being duplicated, sometimes with duplicate payments. This often occurs across multiple payment gateways (PayPal, Stripe, etc.) and is frequently accompanied by a "Bad Gateway" error shown to the customer, prompting them to try again.

Why this happens: The root cause is often a communication failure between your site and the payment processor's server. If a customer gets an error (like a 502 Bad Gateway) after submitting payment, they may click again, triggering a second payment attempt. If the first attempt was actually successful but the confirmation never made it back to your site, both orders are created. Server timeouts or misconfigured webhooks can also cause this.

Common solutions:

  • Contact Your Payment Gateway Support: Since this issue is often tied to a specific payment plugin, the first step is to contact the support team for that gateway (e.g., Stripe, PayPal). They can check their logs for duplicate transaction attempts and help configure webhooks correctly.
  • Check Server Performance: A "Bad Gateway" error often indicates a problem with your server or the connection between your server and the payment gateway. Contact your hosting provider to investigate potential server timeouts, resource limits, or SSL certificate issues during peak traffic.
  • Test the Checkout Process: While duplicate orders can be random, try to replicate the issue by placing test orders. Monitor your server's error logs during checkout for any timeouts or connection refusals.

3. Mystery 100% Discounts Applied

Some store owners find orders where a 100% discount has been mysteriously applied, resulting in a free order with no payment method. This can happen even with no coupons active.

Why this happens: This is almost always caused by a third-party dynamic pricing or discounts plugin. A misconfigured rule—such as one granting a 100% discount for a specific user role, location, or product quantity—can trigger this. In some cases, a conflict between plugins may also cause unexpected behavior.

Common solutions:

  • Audit Your Discount Plugins: Thoroughly review all rules configured in any pricing or discount plugins. Look for rules that could apply a 100% discount based on user role, specific products, or cart total. Test these rules extensively.
  • Run a Conflict Test: Temporarily disable all plugins except WooCommerce and switch to a default theme (like Storefront). If the issue stops, reactivate your plugins one by one to identify which one is causing the conflict.
  • Check for Zero-Dollar Checkout Issues: WooCommerce may handle zero-dollar orders differently. If a 100% discount is a valid use case for your store, ensure your checkout process is configured to handle them correctly, as they often bypass the standard payment gateway selection.

General Best Practices for Order Management

  • Keep Everything Updated: Always ensure WordPress, WooCommerce, your theme, and all plugins are running the latest versions to benefit from security patches and bug fixes.
  • Regular Security Audits: Regularly review user roles, permissions, and installed plugins to minimize potential vulnerabilities.
  • Maintain Backups: Before making any significant changes to your site, ensure you have a recent backup so you can restore if needed.

While these solutions address the most common causes, persistent or complex issues may require deeper investigation into server configurations or custom code. The WooCommerce community is a great resource for sharing findings and solutions.

Related Support Threads Support