I am using a local payment gateway in my website, called Payfast. I do an API call to them to enable clients to update payment details and cancel subscriptions. This is done through cURL. This feature used to work but has recently stopped working. I have checked with my hosting provider, all good on their side, I have checked with the payment gateway provider, they did not change anything, when I perform a test on postman (ping) it works. On my side it is like an infinate loop.
I suspect it is because of the proxy. Is there a way to fix this? I have checked all settings that I thought could influence this:
- Managed Challenge Threat Score greater than 10
- Block Threat Score greater than 50
I have also disabled Bot Fight Mode to test.
If this is done through cURL, you should be able to see the difference in response by setting extra flags to see how responses differs when proxied and not proxied.
Adding the flag
-D- in the command will print response headers in stdout for you check.
Apologies. It is PHP cURL. The issue is that the page load infinitely until time out or the page is killed. There is not response on the page. It shows a time out error by Cloudflare.
Thanks for your response.
This shouldn’t change how you would approach the problem. You should reason from first principles and examine the entire request flow then review each of the request and response to see where the request is stalled or failing.
From what you described, the request is initiated from your hosting server to a payment gateway (Payfast) which suggests the request should never be proxied through Cloudflare.
Starting with your server where the request is initiated, you’d want to log the verbose output to tell if the request was sent out successfully. From what I can find PHP cURL sets them using curl_setopt.
If the request is sent out, then you should follow up with the payment gateway to confirm if the request is received and if they responded to the request from your server*.
* I’m not entirely sure (and this is where you need to confirm yourself) if the response from the payment gateway is set to respond to the website hostname or the server’s IP that initiated the request.
If it is the former then it would reach Cloudflare when the hostname is proxied and you or the payment provider need to review if there’s any issue in the response from Cloudflare.
If it’s the latter then you would need to review if your server received the response from the payment provider as mentioned before.