Builds
- prod
- turns off rate limiting and adds a YAML configuration option so we can have it off only if needed
Summary
A Tiburon customer (form ID 33 on tiburontraffic.org, "Del Mar Middle: purple route, AM pass") started seeing every Stripe payment fail at 9:09 PT on 2026-06-01. Failed payments do not appear in the Stripe dashboard at all — no decline, no attempt. Gravity Forms records the error:
Payment failed to be captured. Reason: We are not able to process your payment request at the moment. Please try again later.
Root cause
The Gravity Forms Stripe add-on has a per-IP rate limiter (gravityformsstripe/class-gf-stripe.php, maybe_hit_rate_limits() around line 8514). After 5 card errors from one IP within an hour, it blocks all further payments from that IP for an hour and returns the message above — without calling Stripe at all. That's why nothing shows up in the Stripe dashboard.
Looking at the entries database on the local copy of the customer DB, every visitor's IP is a private RFC1918 address from our k8s network:
| IP | Entries since 16:00 UTC |
| --- | --- |
| 10.24.58.5 | 7 |
| 10.24.57.4 | 3 |
| 10.24.10.6 | 2 |
| 10.24.34.4 | 1 |
| 10.24.25.4 | 1 |
Every customer in the world looks like they're coming from one of ~5 internal pod/node IPs. They all share a rate-limit bucket. Once 5 card validation errors accumulate (typos, expired cards, whatever) the whole bucket is locked out for an hour and every legitimate customer behind it is blocked.
Timeline on form 33 today:
- 16:07:47 UTC — last successful payment (pi_3TdYNRK3yBBQrr5C1uLVcGPJ)
- 16:10:21 UTC — first failure (entry 2440)
- 16:10–16:34 UTC — every single submission failed
Immediate mitigation — mu-plugin
Drop this into wp-content/mu-plugins/disable-gf-stripe-rate-limit.php on tiburontraffic.org (and any other customer hitting this) to stop the bleeding. It disables the per-IP rate limiter via the supported gform_stripe_enable_rate_limits filter. Stripe Radar still applies, so we keep server-side fraud protection — we're just turning off the broken IP-based one.
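A narrower variant of this mitigation, as an added example that is not the PR's mu-plugin or Gravity Forms code: it hooks the same `gform_stripe_enable_rate_limits` filter but returns false only when the client IP is private or reserved, so the limiter keeps working wherever real visitor addresses reach PHP. The `example_*` function names are hypothetical, and treating `REMOTE_ADDR` as the address the limiter keys on is an assumption.

```php
<?php
/**
 * Added example, not the PR's mu-plugin. Keeps the Stripe add-on's per-IP
 * rate limiter on unless the client IP PHP sees cannot identify one visitor.
 */

// True for RFC1918, loopback, link-local and other reserved ranges, and for
// anything that is not a valid IP address at all.
function example_ip_is_shared_bucket( string $ip ): bool {
    return false === filter_var(
        $ip,
        FILTER_VALIDATE_IP,
        FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE
    );
}

// Filter callback: $enabled is the value handed down the filter chain.
function example_stripe_rate_limit_gate( $enabled ) {
    // Assumption: REMOTE_ADDR is the address the limiter keys on.
    $ip = isset( $_SERVER['REMOTE_ADDR'] ) ? (string) $_SERVER['REMOTE_ADDR'] : '';
    if ( example_ip_is_shared_bucket( $ip ) ) {
        // Leave a trace so the bypass shows up in the PHP error log.
        error_log( "gf-stripe rate limit bypassed, shared client IP: '{$ip}'" );
        return false;
    }
    return $enabled;
}

if ( function_exists( 'add_filter' ) ) {
    // Loaded by WordPress: hook the filter named in the write-up.
    add_filter( 'gform_stripe_enable_rate_limits', 'example_stripe_rate_limit_gate' );
} elseif ( PHP_SAPI === 'cli' ) {
    // Run directly with `php file.php`: classify constructed sample addresses
    // (two pod IPs from the table above, one public address, one empty value).
    foreach ( array( '10.24.58.5', '10.24.57.4', '8.8.8.8', '' ) as $sample ) {
        $verdict = example_ip_is_shared_bucket( $sample ) ? 'limiter off' : 'limiter on';
        printf( "%-12s %s\n", '' === $sample ? '(empty)' : $sample, $verdict );
    }
}
```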