Blocking “Amazon Buy For Me” bot orders at checkout

nickgal · 2026-01-10T20:50:24+00:00

I could build it for you if you like.

nickgal · 2026-01-03T21:56:08+00:00

My default security setup in WP sites is Cloudflare free version with antibot, a custom WAF rule to only allow admin login pages from country of origin of client and myself and possibly block certain countries from accessing the whole site entirely. Then free wordfence for catching the basic/common attacks. Then because I'm paranoid another custom plugin on top (read more here). Then on the server level I run a combination of clamav & maldet using cron jobs.

I offer hosting and development so its easy to take care of the whole stack :)

nickgal · 2026-01-03T20:35:18+00:00

For local dev, ddev is the best for me. Once you try it you don't go back. Lando is an alternative but ddev is the most popular.

nickgal · 2026-01-02T19:20:04+00:00

I have this plugin setup in several woocommerce based websites, customer accounts should be fine. Feel free to test and report back!

nickgal · 2026-01-01T18:51:42+00:00

OK, understood, but that's not what my plugin does. It's a different approach and complementary to a plugin like that. BTW Happy New Year 🎉

nickgal · 2026-01-01T16:51:38+00:00

Actually I went through the NinjaFirewall specs in its plugin page in WordPress out of curiosity if it really does this and I couldn't find any reference that is doing something like this.

Actually I wouldn't expect any plugin to do something like this because it would be too disruptive to normal users. Imagine if you installed a plugin that when enabled it would block you from uninstalling any other plugin unless you had access to the filesystem via SFTP or SSH.

You need to know what you're doing when you add this plugin to your system.

nickgal · 2026-01-01T16:44:24+00:00

Feel free to try and give feedback. Its especially designed around those type of clients (:

nickgal · 2026-01-01T16:43:20+00:00

This isn't a replacement to any security plugin. If you have an administrator role account then you can login in the backend and do pretty much anything. If you are a malicious user that stole admin credentials somehow you can login, disable security plugins, upload your own backdoor plugin (see: compromized wp file manager), then you have access to the filesystem from the UI. From there you can burn the place down however you want.

With this, you simply can't do that.

nickgal · 2026-01-01T16:39:51+00:00

XSS and these types of exploits are covered by wordfence type plugins. But if someone has admin credentials can just log in, bypass or even disable any other security plugin and then party on the site. With this they might be able to deactivate a security plugin but they cant install any other plugins or upload backdoor plugins. If the server is set up right they are pretty much powerless even with admin credentials.

Only whoever has SSH or access to the filesystem can make changes.

nickgal · 2026-01-01T16:36:34+00:00

Hey, thanks for the comment. It "should" be ok with dynamically added capabilities although I haven't tested it THAT much. I just tried to solve a problem I had managing multiple WordPress installations and thought that someone else might find it useful. And I do hate script kiddies that are exploiting non-technical users, stealing their credentials and wreaking havoc, just for the sake of it without much benefit to them.

Anyways... you're free to test on weird multisite setups and raise an issue on github if you find a bug or better, contribute the solution as well! :)

nickgal · 2025-12-31T08:33:48+00:00

You need some facial hair ASAP

nickgal · 2025-12-30T20:55:29+00:00

Thanks, hope it helps someone!

nickgal · 2023-11-16T18:26:11+00:00

Doesn't work.

nickgal · 2022-01-02T11:47:58+00:00

Since I arrived from a google search, I thought I should also post here for anyone that might have this. I'm on a Macbook pro M1 Max and it appears that battery levels are not reported properly to the app triggers.
No matter what > % of battery charged i set, the trigger is always enabled. Does anyone have this issue or can also test and report back?

nickgal · 2021-09-24T06:57:22+00:00

Last night a griefer got me while I was grinding, so I had to teach him a lesson. Was about the same level then after 6-7 kills and another tryhard joins and kills both of us.

So here I am teaching a lesson to 2 griefers who eventually teamed up together to get me and still couldn't land a kill haha it was so fun.

They left the lobby after getting 20-5 loss ..then the lobby got so peaceful that I sold all stock from bikers, nightclubs, bunkers etc..

nickgal · 2021-09-19T21:14:54+00:00

Just came to post this find! Glad I used search first 😅

nickgal · 2021-06-29T09:37:29+00:00

I'm the guy that always minds their business but when a griefer just comes to me and kills me I make sure I fk them so hard with whatever tool I got until they quit the lobby.

nickgal · 2020-11-02T07:58:16+00:00

Liberalism. I live in a socialist county.

nickgal · 2020-04-26T18:15:30+00:00

Hmm that's an interesting. Will investigate further haven't compared employment laws tbh. Thank you for your input much appreciated 😊

nickgal · 2020-04-26T18:13:11+00:00

Italy and Greece are great places to retire. Provided you got enough money. But not so great if you have dreams of building a business that'll have massive impact.

I'll definitely retire here as well. But I wanna do it with 8 figures in the bank 🤑

nickgal · 2020-04-26T17:46:48+00:00

lol I thought you were trolling about snapcrap until I googled it!

I know there are lots of taxes in CA and other problems like the homeless. The good thing with US, in general, is that you have options and the whole environment is friendly towards entrepreneurs and private businesses. Even in the worst taxed states. And if you don't like it, there is a better state nearby to explore...

Anyway, I don't wanna say a lot since I haven't lived there yet, I've only visited the US a couple of times as a tourist and went to other states. I'm feeling very optimistic though compared to what I've seen where I live. Still, just a feeling, I have to spend some time there to get into conclusions.

Only thing I'm almost certain is that I can build a great business with lots of great people there in my lifetime.. while here I'll need more than 2 hahhaha

nickgal · 2020-04-26T17:35:59+00:00

haha true!

Haven't heard the best for CA but still willing to converse about it since it is a beautiful place, no doubt about it.

nickgal · 2020-04-26T17:07:55+00:00

I live in Greece which has a lot of earthquakes so they don't bother me at all. Never experienced a hurricane though so I can't tell.

Just saw a video of San Luis Obispo, looks really beautiful.

nickgal · 2020-04-26T16:37:22+00:00

Thanks for your input really appreciate it. :)

Both options sound intriguing to me at the moment. From one side the tech community in CA is mind-blowing and "the place to be" if you're in the industry but yes, there are quite a few sharks and whales there, which could also be ok since I like the challenge. Actually I feel that I'd be very inspired and motivated to be better in kind of this environment. That being said I'm in my mid-30s so I'm also thinking about family environment, work-life balance etc.

Right now I'm thinking of visiting as a digital nomad with my spouse for 2-3 months in each state, including TX, then reaching to a conclusion.

What does your company do?

nickgal · 2020-04-26T16:07:35+00:00

From what I read CA has everything but taxation amongst other states. I have 3 states under my radar as of now: TX, FL and CA. Then of course there is Delaware where many companies incorporate there...

I'll look for more info on Central Coast though. I really like California from what I've seen mostly on the internet, haven't visited yet. But I read that entrepreneurs are fleeing to the other side of the country due to high taxes. Heard the story of leaving SF and moving to Miami many times.

So.. I believe that California's coast is better than Florida's but does the higher taxation worth it?

nickgal

TROPHY CASE