Cloudflare blocks Printful WooCommerce integration

Our business is using the Pro plan, meaning we are paying for this service and we could ask for improvements correct?

Here is the deal:

Currently and obviously, Printful is considered as a threat by Cloudflare when Bot fight mode is enabled. I have requested several times if there is a workaround to this, and support keeps telling me to “Allow” or UPGRADE. I do not wish to pay more nor open my site to threats. I know I could create a firewall rule to block most of these bad bots, but I do think Cloudflare could do better and at least consider Printful as a trustable source, not a bot.

Looking forward to any resolution sometime soon!

Thanks.

Greetings,

Thank you for asking.

May I ask have you tried creating a Firewall Rule with “User agent” which “conatins” a part “Printful” with the action “allow” and make sure it’s the 1st on the list (from above)? :thinking:

My best guess could be as unfortunately a lot of bad requests comes from AMAZON-02 and “sister” AS numbers of the Amazon in terms related to the “bad bots” and “scrappers” on a daily basis :frowning:

I already created a Firewall rule which is allowing Printful containing its name for the user agent and getting hits. Still, as soon I enable Fight Bots mode back, Printful syncing issues start. I read is because rulesets of this bot fighting mode takes precedence over Firewall rules…

So…any ideas or feedback??

I’m having the same issue. The rest of the integration works fine (importing orders etc), but syncing new products no longer connects. I also have a firewall rule in place with no improvement. I should also note that I do not have bot fight mode enabled as it blocked all traffic to and from printful’s services.

You’d need to add their bot IPs to Firewall » Tools » IP Access Rules with an Allow action. Take a look through your firewall log and allow associated IPs.

1 Like

This later solution is simply not viable. I have contacted Printful support and with enough reason they shared they cannot give a list of IPs to whitelist them since it constantly changes…So, back to square one…

Again, same way Cloudflare has worked on a list of Known Bots (Pinterest, Google, Yandex, etc), only thing they can do imo is simply communicate with Printful, figure out a way to add them to such list, and stop asking customers to simply Allow traffic for Bots Fighting Mode (even reading this sounds absurd)…

I’ve had the same problem, and same conversations with Printful. I just searched my firewall log for any blocked Printful bot IPs, added the access rules for them, and it worked. ¯_(ツ)_/¯ I had to check now-and-again for newly blocked IPs to add access rules for them too, but eventually, I’ve not seen any more blocked and it’s working fine. That’s the only way you’ll make them work together as-it-is now.

1 Like

Would you mind sharing all of these IPs addresses so we all can add those to our lists?

@user8639 → This:

From your screenshot I can see 13.52.116.110 (is on the list from below too).

If you contact support, they should provide you with a list to give to the Firewall company (Cloudflare in this case?, or rather to you directly)

Add them to Firewall → IP Access Rules:

54.177.225.102
52.52.119.124
50.18.64.151
54.215.174.245
54.241.116.141
52.8.69.106
54.176.188.234
54.219.154.50
52.52.7.48
54.183.112.22
52.52.136.16
54.177.8.183
52.52.37.39
52.52.93.29
13.52.116.110

I’ve, actually, only had to add 3 IPs for Printful thus far myself. But, it would likely be a good idea to add the entire list that @fritex provided above though. The 3 IPs I’ve made access rules for are contained within his list.

1 Like

I thank you all for providing this information. I still think this is a very mild approach to security…what happens if those IPs change overnight and some hacker now that read them here takes them and that’s it, website security breach.

I know very well this could be easily fixed by just adding Printful as Known Bot. Of course, Cloudflare can think otherwise so I guess I’ll be leaving this by just making my point clear on this forum for anyone who crosses this issue. Let’s hope at some point the fix doesn’t involve paying more month over month…

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.