For the firewall on my site, I have “Known Bots” as allow.
But, everything else was set to JS challenge.
A few weeks ago, I noticed recurring payments from stripe had stopped being processed completely (using membermouse wordpress plugin for recurring payment processing).
Upon disabling the JS challenge, the payments would resume (granted I had to re-process them manually).
I’m curious if there is a set of IP’s or criteria that can be set for Stripe to bypass the JS Challenge within Cloudflare.
Also, if there is a list of “Known Bots”, to see if stripe is included.