Tips to use cloudflare with e-Commerce Sites

Cloudflare Payplans Oversight

Garima Agal , 05 December, 2014


Hundreds of Joomla sites are using Cloudflare to make their site faster with free CDN services and increase effective security with some cool features like Threat Control, Page Rule etc. Recently some of our customers face high priority issue related to payment system with our product PayPlans. The issue was that after successfully completion of payment, subscription didn't get activated.

PayPlans process the notification sent by payment gateway and activate subscription on basis of received response. And in this case we didn’t get any notification.

With debugging this for few days, we get to know that due to some confusing settings done at Cloudflare between Page Rule and Threat Control this issue arises.

So, today’s blog is about to set up Cloudflare properly with PayPlans or services you are using.

cloudflare
CloudFlare

What is Page Rule and When to use it ?

Page Rule is a powerful tool which provides site owner to control or change CloudFlare CDN and feature behaviors on a URL / page-by-page basis. Common usage are toggling between http or https, port, redirect visitor to another URL, cache policy etc.

Page Rule is mostly used to Disable Performance, Security or CloudFlare Apps to a specific URL.

You can access Page Rules in your CloudFlare 'Settings' options.

adding cloudflare page rules
Adding CloudFlare Page Rules

Example :

  • yoursitedomain.com/index.php/subscribe
  • yoursitedomain.com/index.php/mydashboard
  • yoursitedomain.com/index.php/membership
page rules example
Page Rules Example

If you do not want to have caching function on these specific URLs, then it's recommend setting to create a Page Rule to Bypass Cache for these URLs.

So user has created a page rule in which he has excluded all the above URL of payplans. But still it didn’t work.

Reason behind this - Page Rule is used for above mentioned functionality while here user need to Add IP address of used services (Payment Gateway IP Address) in Cloudflare Threat Control Panel.

Add IP Address in Trust List of Threat Control Panel

CloudFlare Threat Control Panel allows to manage all banning, unbanning, and clearing of IP addresses across your entire CloudFlare account. By default CloudFlare and Firewall block IP address with high threat or some services, so it may prevent your required services to access your backend and perform its task.

Go to your CloudFlare Threat Control panel and whitelist IP addresses of your desired services or from which you want traffic. In general, you must whitelist the IP of services which you are using like :-

  • Payment Gateway IP used to send notifications
  • APIs you’re pulling requests
  • Security services
  • Search Engine or Social Media Crawlers

Like we have added IP address of our Payment Gateway from where we are receiving IPN response i.e. PayPal Live and Sandbox PayPal.

cloudflare trust list
CloudFlare Trust List

Important : If you are using any such service then make sure that requests are not being blocked at CloudFlare and properly added to whitelisted on Trust List section. This will save your site

If you have a website, do you use a CDN, or having any other experience ? Please chime in below. Our team is welcome to comment, too

/
Posted In - PayPlans
blog comments powered by Disqus