Hundreds of Joomla sites are using Cloudflare to make their site
faster with free CDN services and increase effective security with some
cool features like Threat Control, Page Rule etc. Recently some of our
customers face high priority issue related to payment system with our
product PayPlans. The issue was that after successfully completion of
payment, subscription didn't get activated.
PayPlans process the notification sent by payment gateway and
activate subscription on basis of received response. And in this case
we didnât get any notification.
With debugging this for few days, we get to know that due to some
confusing settings done at Cloudflare between Page Rule and Threat
Control this issue arises.
So, todayâs blog is about to set up Cloudflare properly with
PayPlans or services you are using.
What is Page Rule and When to use it ?
Page Rule is a powerful tool which provides site owner to control
or change CloudFlare CDN and feature behaviors on a URL / page-by-page
basis. Common usage are toggling between http or https, port, redirect
visitor to another URL, cache policy etc.
Page Rule is mostly used to Disable Performance, Security or
CloudFlare Apps to a specific URL.
You can access Page Rules in your CloudFlare 'Settings' options.
If you do not want to have caching function on these specific
URLs, then it's recommend setting to create a Page Rule to Bypass Cache
for these URLs.
So user has created a page rule in which he has excluded all the
above URL of payplans. But still it didnât work.
Reason behind this - Page Rule is used for above mentioned
functionality while here user need to Add IP address of used services
(Payment Gateway IP Address) in Cloudflare Threat Control Panel.
Add IP Address in Trust List of Threat Control Panel
CloudFlare Threat Control Panel allows to manage all banning,
unbanning, and clearing of IP addresses across your entire CloudFlare
account. By default CloudFlare and Firewall block IP address with high
threat or some services, so it may prevent your required services to
access your backend and perform its task.
Go to your CloudFlare Threat Control panel and whitelist IP
addresses of your desired services or from which you want traffic. In
general, you must whitelist the IP of services which you are using like
Payment Gateway IP used to send notifications
APIs youâre pulling requests
Search Engine or Social Media Crawlers
Like we have added IP address of our Payment Gateway from where we are receiving IPN
response i.e. PayPal Live and Sandbox PayPal.
Important : If you are using any such service then
make sure that requests are not being blocked at CloudFlare and
properly added to whitelisted on Trust List section. This will save
If you have a website, do you use a CDN, or having any other
experience ? Please chime in below. Our team is welcome to comment, too