Breakpoints & Breaktime

December 29, 2020
Woocommerce / WordPress

Prevent Orders from Blacklisted Email Addresses in WooCommerce

by Jigang Guo

Why Block Orders from Certain Emails?

Blocking orders from known suspicious or unauthorized users can:

  • Reduce fraud attempts.
  • Protect your business from chargebacks.
  • Enforce terms of service and regional restrictions.

Example: Block Orders Based on Email Address

The following snippet hooks into the WooCommerce checkout validation process. It checks the customer’s billing email against a predefined blacklist. If a match is found, the order submission is halted with a custom error message.

Add this to your theme’s functions.php file or a custom plugin:

add_action( 'woocommerce_after_checkout_validation', 'wprs_blacklist_billing_email', 9999, 2 );

function wprs_blacklist_billing_email( $data, $errors ) {
    $blacklist = [ 'hello@example.com', 'info@lorem.io', 'me@john.co' ];
    if ( in_array( $data['billing_email'], $blacklist ) ) {
        $errors->add( 'blacklist', __( 'Sorry, our website is currently unable to process your request.', 'bbloomer' ) );
    }
}

How it works:

  • The function wprs_blacklist_billing_email is triggered during checkout validation.
  • If the customer’s email matches one of the blacklisted addresses, WooCommerce displays an error and halts the checkout process.

Optional: Block Orders Based on Shipping Address

You can also expand this logic to evaluate shipping addresses. For instance, if you want to block all orders from a high-risk region:

add_action( 'woocommerce_after_checkout_validation', 'wprs_blacklist_shipping_region', 9999, 2 );

function wprs_blacklist_shipping_region( $data, $errors ) {
    $blocked_countries = [ 'NG', 'PK', 'RU' ]; // ISO country codes
    if ( in_array( $data['shipping_country'], $blocked_countries ) ) {
        $errors->add( 'blocked_country', __( 'We are currently not shipping to your region.', 'your-text-domain' ) );
    }
}

Summary

WooCommerce offers powerful customization tools through hooks like woocommerce_after_checkout_validation. By adding a simple PHP snippet, you can easily:

  • Prevent blacklisted users from placing orders based on their email.
  • Block risky regions based on shipping addresses.
  • Improve your store’s security and risk management.

For long-term maintainability, consider storing blacklisted entries in the database or integrating with a third-party fraud prevention service.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may also like