I am using a free Cloudflare plan for my wordpress/Woocommerce online store. For this I use an external shipping software solution: Billbee. Recently I noticed that Billbee can’t connect to my site anymore and I was able to trace the problem back to Cloudflare’s botfight mode.
As described in this post, I’ve already tried whitelisting the Billbee IP or User-Agent but without success.
(ip.src eq 159.69.228.174)
It seems as if the botfight mode would take effect before the firewall rules do.
In the picture above you can see the activity log with the bot fight mode turned off (9:41) as well as in the activated mode (10:07).
The firewall rule only takes effect when botfight mode is turned off.
Is there any other way i can whitelist my API connection and keep bot fight mode running?
It knows to happen due to the WordPress using HTTP/1.0 and empty user-agent, therefore while executing WP-Cron or some other related JSON/REST API request via plugin.
would be IP Access Rules 