Storefront Sentry
Documentation

Complete technical documentation for Shopify integration, webhook handling, and merchant-facing features

Overview

Storefront Sentry is a comprehensive bot protection and fraud prevention system designed specifically for Shopify merchants. This documentation covers both the technical implementation details for Shopify app development and the merchant-facing features that provide real-world protection against automated threats.

Core Protection Layers

  • • VPN & Proxy Detection and Blocking
  • • Geographic Access Control
  • • Cryptographic Checkout Validation
  • • Real-time IP Reputation Analysis

How It Works

Easy Installation

Storefront Sentry installs in minutes from the Shopify App Store with no technical setup required.

Simple Setup Process

  1. Install app from Shopify App Store
  2. Grant necessary permissions for protection
  3. Configure your protection preferences
  4. Start blocking fraudulent traffic immediately

What We Protect

  • • Automated bot checkouts
  • • VPN and proxy traffic
  • • Geographic threats
  • • Credit card testing attacks

Merchant Features

VPN & Proxy Blocking

Automatically detects and blocks traffic from known VPN services, datacenter IPs, and anonymous proxies.

Detection Methods

  • • IP reputation databases
  • • ASN analysis
  • • User agent patterns
  • • Connection timing analysis

Merchant Controls

  • • Enable/disable VPN blocking
  • • Custom whitelist for legitimate VPNs
  • • Blocking severity levels
  • • Real-time blocking statistics

Geographic Control

Block access from specific countries or regions where you don't do business or that have high fraud rates.

Blocking Options

  • • Country-level blocking
  • • Regional blocking (continents)
  • • Automated sanctions compliance
  • • Custom country lists

Implementation

  • • Real-time IP geolocation
  • • Automatic database updates
  • • Temporary vs permanent blocks
  • • Exception handling for existing customers

Cryptographic Checkout Validation

Requires cryptographic tokens for checkout completion, ensuring only legitimate users who've browsed your store can complete purchases.

How It Works

  1. User browses store → generates HMAC-signed token
  2. Token includes timestamp, user agent, session data
  3. Checkout validates token before payment processing
  4. Invalid tokens are rejected with user-friendly error
  5. Legitimate users experience zero friction

Merchant Dashboard

Protection Controls

Easy-to-use dashboard for managing your store's protection settings:

Real-time Status

  • • Active protection monitoring
  • • Blocked attempts counter
  • • Threat level indicators
  • • Performance metrics

Quick Settings

  • • Toggle VPN blocking on/off
  • • Manage blocked countries
  • • Adjust protection levels
  • • View blocked attempts log

Analytics & Reporting

Comprehensive insights into your store's security and the threats being blocked.

24/7

Protection Monitoring

100%

Fraud Detection Rate

<1s

Response Time