I need to allow AJAX access to the site via various location

I use the site to license WordPress plugins and use an AJAX call from my plugin to the site to activate the license.

The URL of the ajax call is https://somesite.com/wp-ajax.php (custom PHP AJAX file)

The problem is when I try to call the site via CURL through my API server.

Instead of a valid JSON format, I get a Cloudflare validation wall in HTML instead of JSON response.

I need this url to bypass Cloudflare checks as much as possible.

How to do it?
Thanks!

Assuming the domain that is being called is yours, look in your security event log for the reason why the request was challenged and set a WAF rule to skip whatever rule/feature is triggering it, or set a rule to skip for your IP address.
https://dash.cloudflare.com/?to=/:account/:zone/security/settings

Or, if the call is from the same domain/server that serves the request, then call it by using localhost, the server’s IP address, or set the domain to the origin IP directly in your local DNS or hosts file so the request doesn’t go through Cloudflare.

I tried this and still have the problem. There is no way I can turn off that “Please wait” splash screen from the AJAX call and it totally crashes my app. I’ve added IP addresses, excluded URLs, even tried shutting down the entire CDN and I still get that splash screen from Cloudflare.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.