Hi all!
The problem is this: On the site, when choosing an online payment, there should be a transition to an external resource (bank payment gateway). So, if you clear the cache and cookies in the browser, then for the first time, in most cases, the transition to an external payment resource is normal (and this is if you do not stay long on the site, but do everything quickly). The second and subsequent times (if you do not clear the cache and cookies of the browser), there is no transition to the external resource of the payment gateway, but a redirect back to the site. This behavior only occurs in Under Attack Mode.
What can you advise to solve the problem of online payment with the included Under Attack Mode?
Meaning, currently there isn’t any via plugin or whatever way in the e-commerce CMS you’re using? And you’re having only the “normal form” for it and configured Cloudflare Page Rule with the “IUAM” mode for protection? 
How about adding Cloudflare’s Turnstile feature on the form?
Or, you can enable Rate Limiting feature on the specific URL for payment/cart/checkout/final step for example, just in case
Otherwise, put “Managed Challenge” or “JS Challenge” via Firewall Rule for the specific URI path, maybe that could help you, since IUAM would challenge each resource request too (I think).
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.