Shopventory is being blocked by Cloudflare to access our inventory information

Shopventory is being blocked by Cloudflare to access our inventory information. When looking into the error codes it appears to me from reading through the error messages like Shopventory is getting a 520 error from Cloudflare when trying to access our site. We don’t want to revoke the current API key’s access, because if we do, we will need to re-import our inventory and start the process from scratch there, which is a whole ordeal.

WooCommerce shows that the last time the API key was accessed was yesterday at 1:31pm. It still has Read/Write permissions, and so does the associated user. Here is the Cloudflare Ray ID: 751f4938e9c462d6 we received from the error.

Despite 520 error on WordPress, there were recently topics which I remember and would like to ask few questions and suggest few things just to double-check if it’s co-related thing or someting else in between.

There are topics where 520 is seen on wlwmanivest, xmlrpc, admin-ajax file and similar.

Before moving to Cloudflare, was your Website working over HTTPS connection?

If you temporary enable the “Pause Cloudflare for this site” option from the CF dashboard bottom-right corner, does it work then or still shows the same warning/error?
Does your Website work fine over HTTPS when Paused?

May I ask have you tried navigating to the “Network” tab of Developer Tools (F12) to see what is the response of the request which shows you 520 error? :thinking:
Is it Ajax request as I assume due to the WooCommerce?

Furthermore, I wonder if any of Cloudflare security & protection settings like Bot Fight Mode or Browser Integrity Check challenged or blocked the request :thinking:

Kindly could you provide some more details about which service did it trigger and got that result in the Cloudflare dashboard → Security → Overview for the past 24hours or so. Once you find them, click on a particular one to find more details about it (user-agent, IP, HTTP version …).

Nevertheless, I am not sure if that request to the admin-ajax.php was made via WordPress itself or via some plugin?

Can you ask them to provide you with their IP addresses or IP range they use? You could try to allow them/whitelist as follows from my below suggestion.

Just in case, related to the WordPress, I’d suggest you to whitelist your origin host / server / hosting IP address by navigating to the Security → WAF → Tools → IP Access Rules with the action “allow” for your Website and try again.

It knows to happen due to the WordPress using HTTP/1.0 and empty user-agent, therefore while executing WP-Cron or some other related JSON/REST API request via plugin.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.