Firewall blocking payment gate messages

The firewall is blocking PayU payment gate messages. Currently my paid orders need to be updated manually to paid because payment status messages are getting blocked. I whitelisted IPs and added a rule to allow user agent as follows below, but messages are still getting blocked.

Rule added:

Error message:
[measureId=N5;timestamp=1650955339197;requestUUID=7a7f8a94-1def-459d-b99e-c2fcaaec026a;senderId=CHECKOUT;recordId=LMW4Q732PX220425GUEST000P01;recordOrder=1650911540170;recordType=ORDER;receiverId=3605586;recordStatus=ORDER_STATUS_COMPLETE;attemptsCount=1;partition=88;url=https://nayavita.com/?wc-api=WC_Gateway_PayuStandard;isSent=false;statusCode=403;statusMessage=Forbidden;responseBody=error code: 1010]

Is it the rule value I need to change or how do I make sure the messages are getting through?

You’d need to take a screenshot of the block from the Firewall Activity Log to find out what security feature blocked it.

I checked the Activity Log, but it is completely empty. Any ideas?

Looks like it’s Browser Integrity Check related - https://support.cloudflare.com/hc/en-us/articles/360029779472-Troubleshooting-Cloudflare-1XXX-errors#error1010

Is your firewall rule set to Bypass with Browser Integrity Check included?

The user agent firewall rule is set to Allow - (http.user_agent eq "Jakarta Commons-HttpClient/3.1")

Do you mean I should change that to Bypass and add with Browser Integrity Check?

Or shall I set up a new rule?

Allow only exempts it from challenges and other firewall rules - Bypass should work fine when you add Browser Integrity Check to it.

https://developers.cloudflare.com/firewall/cf-firewall-rules/actions/


Ok, so I updated the rule as follows. Hopefully there is a new order soon so I can check if that works. Thanks a lot for now.

Hi all, so I have tested this new setup and payment messages are still getting blocked. Although the firewall activity log shows nothing: No firewall events found.

Any ideas?

Do you have the error message like you did before? See below.

Hi,
Yes, it is exactly the same:

code (ERROR): 403, Response: "error code: 1010"

Hi, I have also reached out to the payment gate and they provided the following:

Your server is still blocking traffic from our server. We have resent the notification for the last transaction:

09/05/2022
09:12:47.069 [measureId=N5;timestamp=1652080367069;requestUUID=bd0a4897-b000-406f-95a5-91f88fef1561;senderId=CHECKOUT;recordId=LMW4Q732PX220425GUEST000P01;recordOrder=1650911540170;recordType=ORDER;receiverId=3605586;recordStatus=ORDER_STATUS_COMPLETE;attemptsCount=5;partition=88;url=https://nayavita.com/?wc-api=WC_Gateway_PayuStandard;isSent=false;statusCode=403;statusMessage=Forbidden;responseBody=error code: 1010]

Log of notification which is sent:

2022-05-09 09:02:38,966 INFO Create [requestUUID=bd0a4897-b000-406f-95a5-91f88fef1561,senderId=CHECKOUT,recordId=LMW4Q732PX220425GUEST000P01,recordOrder=1650911540170,recordType=ORDER,receiverId=3605586,url=https://nayavita.com/?wc-api=WC_Gateway_PayuStandard,format=JSON,protocol=HTTP_1_1,encoding=UTF-8,forceSend=true,email=null,responseVerifierType=HTTP_CODE_200, transAuthorizationDate=null,historyDescription=ORDER_STATUS_COMPLETE,headers=[Authorization=Basic MzYwNTU4Njo0MGViYTdlZDQ2MzMyNzEzMTRlZjgzNTM1YWUzYjU0Mw==,X-OpenPayU-Signature=sender=checkout;signature=457195982c9378d0c594fdf1a5b906d3;algorithm=MD5;content=DOCUMENT,OpenPayu-Signature=sender=checkout;signature=457195982c9378d0c594fdf1a5b906d3;algorithm=MD5;content=DOCUMENT,User-Agent=Jakarta Commons-HttpClient/3.1,],content={“order”:{“orderId”:“LMW4Q732PX220425GUEST000P01”,“extOrderId”:“3852_6266e8e7b67946.15464433”,“orderCreateDate”:“2022-04-25T20:31:03.956+02:00”,“notifyUrl”:“https://nayavita.com/?wc-api=WC_Gateway_PayuStandard",“customerIp”:“37.48.16.47”,“merchantPosId”:“3605586”,“description”:"NAYAVITA #3852”,“currencyCode”:“CZK”,“totalAmount”:“356400”,“buyer”:{“customerId”:“guest”,“email”:“xxxxxxxx”,“phone”:“723468417”,“firstName”:“Jana”,“lastName”:“Petrů”,“language”:“cs”},“payMethod”:{“type”:“CARD_TOKEN”},“status”:“COMPLETED”,“products”:[{“name”:“NAYAVITA #3852”,“unitPrice”:“356400”,“quantity”:“1”}]},“localReceiptDateTime”:“2022-04-25T20:32:20.152+02:00”,“properties”:[{“name”:“PAYMENT_ID”,“value”:“2601848909”}]}]

Do note that the IP addresses on production from which notifications are sent are:

185.68.12.10, 185.68.12.11, 185.68.12.12, 185.68.12.26, 185.68.12.27, 185.68.12.28

Based on this log, administrators of Cloudflare should give you information on why, despite the configuration of Cloudflare, the traffic is still blocked.

Hope this is helpful.
Marcela
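
Added example, not part of the thread and not code from PayU or Cloudflare: a small triage script for the `[key=value;...]` delivery-result records quoted above, which separates rejections at the Cloudflare edge (a 403 whose body is `error code: 1XXX`) from failures at the origin. The sample record is constructed, the result labels are hypothetical, and the script assumes that a bare `error code: 1XXX` body identifies a Cloudflare edge response.

```python
import re

# Constructed sample in the same shape as the delivery records quoted in the thread.
SAMPLE = ("09:12:47.069 [measureId=N5;timestamp=1650955339197;senderId=CHECKOUT;"
          "recordStatus=ORDER_STATUS_COMPLETE;attemptsCount=1;"
          "url=https://shop.example/?wc-api=WC_Gateway_PayuStandard;"
          "isSent=false;statusCode=403;statusMessage=Forbidden;"
          "responseBody=error code: 1010]")

# Assumption: a body of exactly "error code: 1XXX" comes from the Cloudflare edge.
CF_ERROR = re.compile(r"^error code: (1\d{3})$")


def parse_record(line):
    """Split a '[k=v;k=v;...]' delivery-result record into a dict."""
    start, end = line.find("["), line.rfind("]")
    if start == -1 or end <= start:
        raise ValueError("no bracketed record found")
    fields = {}
    for pair in line[start + 1:end].split(";"):
        # Split on the first '=' only: the url value itself contains '='.
        key, sep, value = pair.partition("=")
        if sep:
            fields[key.strip()] = value.strip()
    return fields


def triage(fields):
    """Return a hypothetical label saying where the notification was rejected."""
    if fields.get("isSent") == "true":
        return "delivered"
    status = fields.get("statusCode", "")
    match = CF_ERROR.match(fields.get("responseBody", ""))
    if status == "403" and match:
        if match.group(1) == "1010":
            # Per the reply in the thread, 1010 points at Browser Integrity Check.
            return "cloudflare-edge-1010: check Browser Integrity Check bypass"
        return "cloudflare-edge-" + match.group(1)
    if status.startswith("5"):
        return "origin-or-gateway-error"
    return "rejected-" + (status or "unknown")


if __name__ == "__main__":
    print(triage(parse_record(SAMPLE)))
```

It does not handle the longer `Create` log line, which uses commas and nested brackets.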