Allowlist Bot (Payment Gateway)

Website, Application, Performance Security
1

What is the name of the domain?

www.dampfi.ch

What is the error number?

What is the error message?

What is the issue you’re encountering

Payment Gateway blocked

What steps have you taken to resolve the issue?

All the IPs used by the Payment Gateway are allowlisted. I also see, that the WAF rule does work as expected. However, when enabling the Basic Default Bot Blocking options, no payment confirmation can received anymore

Was the site working with SSL prior to adding it to Cloudflare?

Yes

What is the current SSL/TLS setting?

Full

What are the steps to reproduce the issue?

Screenshot of the error

blocked.png
blocked.png1515×863 70.8 KB

2

WAF Rule (IP allowlist) seems to work:

waf-rule
waf-rule1540×864 65 KB

3

If that domain in on a Free Plan, you can’t skip Bot Fight settings.

https://developers.cloudflare.com/bots/get-started/free/#limitations

4

Thank you for your reply.
But it is a paid plan and I would like to enable the bot blocking feature.

5

If that’s the case, your Skip may not have the right features ticked for skipping.

Can you post a screenshot of all the features your Skip rule has enabled for skipping?

6

I don’t see a lot of features to enable/disable.
That’s how it looks like:

image
image1585×1291 114 KB

7

Ah, it looks like you’re trying to skip within Managed Rules, instead of Custom Rules. Managed Rule exceptions are only for skipping Managed Rules. Custom Rules would look like this:

Screenshot 2025-03-18 at 6.01.54 AM
Screenshot 2025-03-18 at 6.01.54 AM2974×1956 393 KB

1 Like
8

Ahaaa :wink:
Thank you very much!

1 Like
9

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.