FlareGuard is a security module for OpenCart that integrates directly into the site's entry point and acts as a guard against DDoS activity, HTTP flooding, and malicious bots. When traffic becomes suspicious, the module doesn't shut down the store, but rather gently redirects visitors to Cloudflare Turnstile for verification or blocks clearly malicious sources.
Why do you need FlareGuard?
If a site experiences a sudden surge in requests (from bots, parsers, crawlers, or attempts to overwhelm the server), genuine customers and conversion suffer. FlareGuard addresses this in a targeted manner: it doesn't interfere with legitimate users, but quickly filters out suspicious IP addresses and aggressive User Agents.
How does protection work?
Rate limiting of IP requests within a time window.
"I'm under attack" mode - forced checking for everyone except the whitelist.
Human verification via Cloudflare Turnstile (no annoying images, as gentle as possible for the visitor).
Automatic blocking during HTTP flooding with recording of IP addresses in a separate blocking file.
Manual lists whitelist (allow) and blacklist (block) by IP, CIDR ranges and User-Agent fragments.
Page exclusions – you can disable checks for individual URLs (e.g. robots.txt, sitemap, checkout).
What data is analyzed
Visitor's IP address ( REMOTE_ADDR )
Browser/bot User-Agent
Requested URL ( REQUEST_URI )
Request method (GET/POST), including AJAX request handling
Manual blocking - IP/CIDR/User-Agent that should be denied access.
HTTP flood
flood threshold per minute
fast flood: time window (sec.)
fast flood: number of requests
list of automatically blocked IPs with the ability to delete (unblock)
Logging and dynamic adaptation – recording events and enhancing response to abnormal activity.
Excluded pages are URLs/URL parts that are not checked.
Log size limitation - if the specified volume is exceeded, the traffic.log file is automatically cleared.
Important: For verification to work, you must first create Cloudflare Turnstile keys and specify them in the settings. Without this configuration, the module will report an error and will not be able to properly enable protection.
Recommendations for setting up
To find the right balance between security and convenience, start with moderate values and gradually adjust them to your actual traffic.
Normal mode the request threshold is 80–150/min per IP (depending on the traffic and complexity of the pages).
If you notice an "attack" turn on the "I'm under attack" mode - this will quickly block most automated requests.
Don't block useful stuff whitelist search bots and monitoring services (by User-Agent or IP).
Be careful with checkout it's best to add the checkout page to the exceptions list to avoid disrupting payments and redirects.
Check the logs traffic.log is a great way to figure out who's pushing your site and tighten up your manual rules.
Application examples
If your online store is experiencing a slowdown in the evening due to parser bots, you can enable HTTP flooding and add suspicious User-Agents to manual blocking.
Your site is under attack from multiple IP addresses. Activate "I'm under attack" mode, and the whitelist allows access to search engines and your services.
To maintain SEO accessibility, exclude robots.txt and sitemap from checks so that robots don't encounter captchas.
Leave your review about this product