We are running a wordpress site that uses a Quickbooks Plugin to sync with Quickbooks. Cloudflare is blocking the POST request to our endpoint and I do not know why. When “Pausing” cloudflare, everything works. We are not using WAF, but even after adding a rule to explicitly allow the endpoint it still fails.
Any help in the right direction would be much appreciated.
Visit your website and perform the action that would normally result in a request being blocked…
Wait a few minutes
Go to Dashboard > Security > Events. If the request was in fact blocked by Cloudflare, you should find an event related to that block action. Depending on your site traffic, you may need to filter by IP address, User Agent, URI Path, etc. to find it. Check the “Service” that blocked it.
If this was
a) Bot Fight Mode, disable this feature.
b) Super Block Fight Mode, create a WAF Custom Rule to Skip it for the specific situation, with relevant conditions such as the URI Path and the visitor’s IP, for example;
c) WAF Managed Rule, you need to create a WAF Exception for that rule. See: Add a WAF exception in the dashboard · Cloudflare Web Application Firewall (WAF) docs
d) WAF Custom Rule, you need to edit it accordingly.
That indicates that perhaps the requests are not being blocked, but not completed due to a 5XX error. If you do not find any Security Events related to these requests, please go to Analytics & Logs, then filter by
We were not using any WAF rules; however, in an attempt to solve this, I implemented a WAF rule to explicitly allow the endpoint && request method. After that was implemented I do see the matched security event - although the request still fails (443 - unauthorized). The action that I have is “Skip” and I’ve selected to skip everything possible.
I am looking at Cloudflare because of the response packet from the endpoint:
The request status is actually 200, not 443 (which is probably a reference to the default port number used by HTTPS connections.)
This response as “Not Authorized” apparently comes from the WordPress endpoint itself, and it seems to be related to authentication: But that’s odd, as a non-authorized request would normally get one of 400 Bad Request, 401 Unauthorized, 405 Method Not Allowed, or 403 Forbidden status codes.
Somehow your origin seems to be expecting something that is not being passed on by Cloudflare. Perhaps a cookie? Or a different IP address…Have you set your origin server to restore original IPs?