Cloudflare is overriding my IP rules and can't figure out why

Hi! We have a firewall rule that allows inbound traffic from two specific IP addresses. This IP addresses belong to the servers of our payment platform, which are in charge of letting us know (through a webhook) when a customer has completed a payment so that his or her order it’s processed.

For some reason that I can’t figure out, I can see in the firewall Dashboard that the rule in question is permitting the traffic but a “Browser integrity check” is blocking it. This integrity check seems to override our rule and hence our application does not get notified of new purchases and we are not processing them.

Would anyone know why that is? I’ve tried to find a “disable integrity check” option without success.

May I ask is this Firewall Rule the 1st from above on the Firewall Rules list and with the action “allow”?

Furthermore, may I suggest you to try by adding the two specific IP addresses of your payment platform to Firewall → Tools → IP Access Rules → add each with the action “allow”.

Otherwise, maybe by using a Page Rule to disable the Browser Integrity Check feature for the specific URL which the IPs (server) of the API is hitting?

May I ask what else did it triggered and showed as “blocked” or “challenged” then at Firewall Events?
An empty user-agent, or maybe an old HTTP/1.0 request from that IP addresses?

Yes it is :smiley:

I’ll try it right away!

I’m sorry but I don’t understand what this question is referring to.

Try adding those two IP addresses as Allows at Firewall → Tools.

1 Like

Thanks a lot for both replies! After adding the IP addresses in IP Access Rules the requests started getting through.

Since you both suggested the same but @fritex did it earlier I’ve marked his answer as the solution :blush:


This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.