Image not shown and cannot reach to xml feed url

hi
i have problem when i enable cloudflare by enable Proxied on ip
image not shown on pdf invoice shown me red X (look at picture - invoice-after-enable-cloudflare.png)
invoice-after-enable-cloudflare

and after i disable cloudflare image it’s enable on pdf!!
invoice-after-disable-cloudflare


also i have problem with xml feed file … i have plugin help to create products feed
but when i enable cloudflare the file dose not generate (tested with two plugins) and when i disable cloudflare it’s work normally!!
while i create page rule for feed folder - cache level bypass and also disable firewall

** i am using new woocommerce with wp rocket and imagify in cloudways hosting**
my domain: kamilha.com

thanks

Could you re-check in case if you have got the Hotlink Protection enabled under the Scrape Shield tab at Cloudflare dashboard for your domain name?

Does any request appear for Hotlink protection or some other in Firewall Events log ?

Furthermore, in terms of a PDF viewer, is the content “restricted to view/open” or did you clicked and allowed it to download and view it?

Kindly, see below:

May I ask, is the link to the image in your PDF to your domain or some other 3rd-party domain?

Is this the same plugin and related to this similar topic here?:

hi
Hotlink protectio id disabled also there is no Hotlink protectio in firewall log
about pdf … when i press button to download in my device then i can view it… there no view option in my website … but image shwon without cloudflare!

also i did all stepes in wp rocket blog

yeah same plugin

May I ask which one?
Do you have to link to it in the WordPress repository?

Have you tried writing a Topic at Support page to the developer of it?

two plugn

no i did not talk with plugin support because obviously the problem from cloudflare… the plugin and image work when i disable cloudflare

also in google shopping the products without iamges
so i think all images are securied some how?

That’s interesting behaviour why does it happen to users also on Cloudflare reported that here:

I am not familiar with this plugin and haven’t used it.

Maybe, if it’s not the Hotlink Protection, it could it be:

  1. XML parsing issue
  2. WP REST API
  3. WP JSON
  4. Security plugin for WordPress (Wordfence, etc.)
  5. HTTPS issue
  6. WP-cron issue being blocked due to HTTP/1.0 requests being sent from the origin host/server (where the website is hosted)
  7. Firewall Rules (JS challenge, country blocking) / Security Level set to High
  8. CSP policy if using it
  9. Issue of generating the feed (PHP memory_limit, etc.)

i check everything it’s working … firewall rules level low
oho memory set to 512M
i did not set cron job in server
i did not install any security plugin

and i said all my problem missing when i make snd record to dns only

WP-cron not same as cronjob at web server. It executes every few minutes by default (and uses HTTP/1.0 for the requests with user-agent WordPress/version_number, which could be blocked - as already stated):

And this plugin for product feed seems to set one and uses it.