Assistance Required for PCI Compliance Issue – TCP Source Port Pass Firewall

sujith.d · February 25, 2025, 7:43pm

What is the name of the domain?

What is the error number?

PCI Compliance Issue – TCP Source Port Pass Firewall

What is the error message?

TCP Source Port Pass Firewall 104.26.3.16

What is the issue you’re encountering

Hi Cloudflare Community, I recently ran a PCI compliance scan and encountered an issue related to TCP source port passing through the firewall. The flagged IP is 104.26.3.16. Has anyone else faced a similar issue? I’d appreciate guidance on how to resolve this while ensuring our firewall settings remain compliant with PCI standards. Are there specific configurations or rules I should apply in Cloudflare to mitigate this? Thanks in advance for your help!

Was the site working with SSL prior to adding it to Cloudflare?

Yes

What is the current SSL/TLS setting?

Off

sjr · February 25, 2025, 7:48pm

Remember that Cloudflare is a proxy and although the proxy anycast IP address may respond on different ports, this traffic won’t get to your site. See…

For PCI compliance you should scan against your origin.

system · March 12, 2025, 7:48pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to solve pci compliant on cloudfare Security	16	12347	August 5, 2022
TCP Source Port Pass Firewall PCI DSS fails Access	5	10060	August 22, 2022
Inquiry Regarding "TCP Source Port Pass Firewall" Behavior on IP 188.114.97.12 Security	2	42	February 25, 2025
The host responded Security	2	2402	May 27, 2023
PCI scan fail due to TCP source port Security	2	576	May 31, 2024