Enabling proxy on the * CNAME (for custom domains) breaks Barclays ePDQ POSTs

Enabling proxy on the * CNAME (for custom hostnames) breaks Barclays ePDQ POSTs.

We are attempting to enable custom hostnames for our platform (SaaS for multiple clients who currently use a subdomain and are now wanting custom hostnames). We enabled the proxy for the wildcard CNAME and that, somehow, broke the POSTs from Barclays ePDQ.

How it broke … I don’t know … but it seems Cloudflare is returning a 403 rather than passing the request to our servers.

Strangely enough, the rest of our application (i.e. the current customer facing pages and resources determined by subdomain) which uses POSTs … all working fine.

Is there a way to trace a single request through Cloudflare services such that we can see what interacted with it?

Unfortunately, the Cloudflare setup existed before I joined the company and there’s a LOT of things in here which have not been translated to Terraform (Infrastructure as Code - IaC) which would help a LOT. Is there a way to get ALL of the Cloudflare setup in a single file of pretty much ANY description so we can translate the various settings to Terraform?

If it was blocked, you will see the request in https://dash.cloudflare.com/?to=/:account/:zone/security - there’s an event log towards the bottom.

All responses will have a CF-Ray header which you can use to search in that event log.

Not quite everything, but cf-terraforming exists for this purpose.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.