Bot Fight Mode challenging ShipStation

I had Bot Fight Mode turned on in front a domain that is running a WooCommerce e-store that exports orders to ShipStation for fulfillment.

We have had this exact configuration as long as Bot Fight Mode has existed (and in fact have the same configuration for other domains with no issue).

This morning Bot Fight Mode started challenging ShipStation’s agent which polls an API on the store for new orders for this one particular domain, making it impossible for them to access the API and download new orders.

The IP addresses of the ShipStation agents are transient AWS addresses, so I can’t whitelist them. These are not bad bots. Is there anything I can do to make Bot Fight Mode ignore these requests other than turning it off altogether?

Hello, @pjv. Did you ever find a solution to this matter? ShipStation is giving me the same problem. When I turn off the Bot Fight Mode, ShipStation gives me a 500 error. When I enable the Bot Fight Mode, it renders a 503 error. On or off seems to not work, which is quite strange.

I haven’t found any solution other than disabling Bot Fight Mode for the domain that it’s challenging the shipstation bots on. Again it’s strange that I have other domains configured identically that also have the same shipstation bots consuming the same API without getting challenged.

As far as I know, if you are receiving a 500 error with Bot Fight Mode turned off, that is an actual server error that has nothing to do with Cloudflare. With Bot Fight Mode turned off, you may want to look at your server’s logs to determine what is causing it to throw a 500 error.

@pjv My developer and I figured out the above issue. It was my Cloudflare workers causing the problem. Once I deleted the workers, it allowed Shipstation to sync and upload Woocommerce orders. I still whitelisted ShipStations 4-5 IP addresses to make sure it allowed them through my firewall.

1 Like

I’ve had this same issue and despite not having any workers and writing some firewall rules, this doesn’t appear to fix the issue.

I believe it’s because Bot Fight Mode isn’t following the rules and has it’s own. Either that or I’m writing them long, would be interested if anyone else found a way around this. I’ve written user agent and IP rules to allow the traffic but it still gets blocked.

We are having the same issue – orders are unable to refresh in Shipstation when Bot Fight Mode is enabled. We tried everything mentioned and do not have workers set up. There must be a way to have Bot Fight Mode work with Shipstation?

Having the same issue, even with bot fight mode disabled entirely. What could be causing this?