Implementing Hosted Pay Page with Data Preload on Wordpress

Hi,

I am trying to figure out cleanest and most secured way of switching to  Data Preload Hosted Page hosted on WordPress. 

Is there any sample code or advise on how to proceed with switching to this method when website is using WordPress ? 

 

Please  let me know.

 

  • RR_Moneris
    I'm not sure what we could suggest as far as cleanest way to switch... ideally you would want to implement in QA and then push to production.

    Just make sure that your data preload is sent to us from your server (e.g. not using HTML from user's browser).

    When doing the data preload all the HPP fields will be loaded there, and when you do the browser redirect, just pass ps_store_id, hpp_preload and ticket...

    Is the reason you are implementing data preload to prevent card testing?
  • sskoric

    In reply to RR_Moneris:

    Yes reason for implementing data preload is to prevent card testing.

    Currently there is a straight forward HTML form with Google Captcha, as a WordPress page; however as you mentioned there was a lots of card testing.

    Implementing data preload, can we leave HTML form with Google Captcha, use php file to capture value from the HTML form, and send data preload to Moneris ?
  • RR_Moneris

    In reply to sskoric:

    So with the data preload you will have to that request with PHP server side only... The data preload request should not be viewable to the user, say by doing a view source via browser.

    When doing the redirect to us with the ticket that can still be HTML. You can still keep your Captcha with that. Once implemented you might want to keep an eye on it... if your payment form is easily accessible to the public they could still use your own form to do the testing. If you find its still happening you might want to consider some time of session management or server side checks to control payments...

    do you have CVD and AVS enabled on the hosted config?