Tips to use cloudflare with e-Commerce Sites
Cloudflare Payplans Oversight
PayPlans process the notification sent by payment gateway and
activate subscription on basis of received response. And in this case
we didnt get any notification.
With debugging this for few days, we get to know that due to some
confusing settings done at Cloudflare between Page Rule and Threat
Control this issue arises.
So, todays blog is about to set up Cloudflare properly with
PayPlans or services you are using.
CloudFlare### What is Page Rule and When to use it?
Page Rule is a powerful tool which provides site owner to control
or change CloudFlare CDN and feature behaviors on a URL / page-by-page
basis. Common usage are toggling between http or https, port, redirect
visitor to another URL, cache policy etc.
Page Rule is mostly used to Disable Performance, Security or
CloudFlare Apps to a specific URL.
You can access Page Rules in your CloudFlare 'Settings' options.
Adding CloudFlare Page Rules### Example:
- yoursitedomain.com/index.php/subscribe
- yoursitedomain.com/index.php/mydashboard
- yoursitedomain.com/index.php/membership
Page Rules Example
If you do not want to have caching function on these specific
URLs, then it's recommend setting to create a Page Rule to Bypass Cache
for these URLs.
So user has created a page rule in which he has excluded all the
above URL of payplans. But still it didnt work.
Reason behind this - Page Rule is used for above mentioned
functionality while here user need to Add IP address of used services
(Payment Gateway IP Address) in Cloudflare Threat Control Panel.
Add IP Address in Trust List of Threat Control Panel
CloudFlare Threat Control Panel allows to manage all banning,
unbanning, and clearing of IP addresses across your entire CloudFlare
account. By default CloudFlare and Firewall block IP address with high
threat or some services, so it may prevent your required services to
access your backend and perform its task.
Go to your CloudFlare Threat Control panel and whitelist IP
addresses of your desired services or from which you want traffic. In
general, you must whitelist the IP of services which you are using like:-
- Payment Gateway IP used to send notifications
- APIs youre pulling requests
- Security services
- Search Engine or Social Media Crawlers
Like we have added IP address of our Payment Gateway from where we are receiving IPN
response i.e. PayPal Live and Sandbox PayPal.
CloudFlare Trust List
**Important**: If you are using any such service then
make sure that requests are not being blocked at CloudFlare and
properly added to**whitelisted on Trust List section**. This will save
your site
If you have a website, do you use a CDN, or having any other
experience? Please chime in below. Our team is welcome to comment, too
Shyam Verma
Full Stack Developer & Founder
Shyam Verma is a seasoned full stack developer and the founder of Ready Bytes Software Labs. With over 13 years of experience in software development, he specializes in building scalable web applications using modern technologies like React, Next.js, Node.js, and cloud platforms. His passion for technology extends beyond coding—he's committed to sharing knowledge through blog posts, mentoring junior developers, and contributing to open-source projects.
