#Genazvale
Hi there!
Can you share the webhook endpoint ID (we_xxx)? And what do you mean by "flood" exactly?
it's we_1DyFadKFgWVc4PH5UTYl2Z8a.
On the screenshot is what I mean by flood. Too many requests in a short period of time.
This webhook endpoint is listening to ALL events. Do you really need this?
You should only listen to the events you actually need.
Thanks! Makes sense, but there're too many, I'm not sure which ones to keep. Anyways, it's not a problem. I didn't have any issues in a few years, until yesterday. It looks like a DDoS attack.
Looks like your server failed, which means Stripe retried to send the events, which made your server fail even more.
The solution is to only listen to events you actually need. Usually less than 10 is enough.
It won't help, there're only two events in the list.
customer.created
payment_method.attached
Even if I keep only two of them (and they are essential), it would still be the same.
The server failed because I blocked them, because they killed the server.
So what is your end goal here? Disable this webhook? Stop the retry events from the webhook? Something else?
If you blocked requests from your server, it's expected that all events are failing and will be retried by Stripe.
Right. The goal is to get rid of those requests. It's like a DDoS - every second a few fake payment requests are created, which creates tons of requests for the server, which goes down because of them. If I block them to keep the server alive (which is the only way for now), then real payments won't go through. So the goal is to stop them somehow or filter fake from real ones, or something like that.
The goal is to get rid of those requests.
Then just delete the webhook endpoint and re-create a new one.
then they will go to the new one, no?
No, you will get only the new events I think.
May work, thank you! But also, how do I delete the endpoint? I don't see this option in "Update details". Should I recreate the entire webhook?
Is this what you mean? Add endpoint?
You can disable the existing webhook endpoint, and then create a new one.
Thanks! Won't it hurt new real payments?
Also, I have to set the url. If I use the same url, it won't help, right? Because nothing will change for the requests. So I have to set another url?
For new payments you will receive the events to your new webhook endpoint. The issue is for past payments that were sent to your server but your server responded with an error. So you'll need to check those.
Not really. I'm still getting them every second.
Give me a few minutes to look into this.
Did you disable the existing webhook endpoint and create a new one?
not yet. I'm not sure how to deal with the url. If I keep old one, they will still come there, if I change it, I'm not sure the real payments will work.
You should keep the same URL, since your code that handles webhook events is there.
Did you create the new webhook endpoint?
Yes.
So is it working?
If you changed this in test mode too you can create a payment in test mode
Live mode would depend on the events you set up
You might need to wait for a payment
Ok, guys, it didn't help at all, all the new requests keep flooding the new webhook, which was expected, because the link is the same.
Anyone have other ideas?
Also, how can I reach out to Stripe support? There aren't any options on the website.
Thanks!
Well, what do you mean, what's the issue?
Did you change the webhook configuration?
You set this up with almost 200 event types, why?
You should only listen for the events you need in your application
Yes, if you subscribe to all those event types you'll... get a lot of events
Thanks! As I said earlier, I'm getting only two events and they are essential - customer created, and payment method attached.
Every second I'm getting like 5 new customers.
It's not a bug or issue, it's an attack.
Ok, you need to implement controls on your customer attach and payment endpoints:
https://stripe.com/docs/disputes/prevention/card-testing#implement-controls
add captchas, require auth, use rate limits, etc
Nope, it's not that. No one actually makes payments. I don't even have Stripe on my website, I accept payments through a third party (ThriveCart). I'm just getting tons of requests to the webhook URL. Thousands.
It's not card testing.
Ok then you will need to speak to ThriveCart about these requests since yes they are coming from their platform
Whoops, sorry, didn't mean to lock
no, they are not from there.
Check out this server log. That's what is happening.
The requests that lead to these events are: https://dashboard.stripe.com/logs/req_KbVuBTRK0lZMjT
You can look over your logs to see other example requests
Yes, I saw them. They have different responses. From card declined to wrong amount.
Sure, but these are requests from the platform, they can be invalid for many reasons
but these are what are leading to your event flood
Yes
Your first order issue is an overwhelmed webhook endpoint
This is because it's getting a lot of events
These events are related to lots of requests
Those requests are coming from the platform you're connected to
Got it, thank you. But how can it be? How can they come from the platform? Like "someone" (bot) is filling out my payment form on their website?
More or less, yes, these are requests enabled by the platform -- I can only speculate on their origins
well, is it like DDoS but on the payment gateway, rather than on the website?