cancel
Showing results for 
Search instead for 
Did you mean: 

Shipstation doesn't work with CloudFlare?!

dailce
First-timer

Shipstation doesn't work with CloudFlare?!  Whenever we enable bot mode on  CloudFlare shipstation can't  connect to our woocommerce/wordpress  website....

I asked chat for the ip's shipstation uses  but they provided amazons json file https://ip-ranges.amazonaws.com/ip-ranges.json which contains over 500 ip's - this is not the solution.

Are there a set of ip's we can use with cloudflare that will work?

BUT  more importantly why hasn't shipstation submitted their bot/app to cloudflare to be added to their safelist.....

Has any one had success getting this to  work?

3 REPLIES 3

Hey there @dailce

 

Its great to see that you've reached out to our support team. That is definitely the right thing to do! I would recommend returning to the support thread if that solution did not resolve your issue. 

 

Otherwise, I think we would both love to hear from other members about what they are personally doing for their setups. 

From Moderator Davis, May the force be with you!

aldin
New Contributor

Been having this issue as well. I had to disable Proxy DNS for the subdomain where Shipstation is integrated, thus removing the security benefit that Cloudflare has to offer. Were you able to find a workaround for Shipstation to work with Cloudflare? I'm still waiting for support to respond to this inquiry.

Thanks

Guillemot
First-timer

I have had this problem. Currently it’s fixed. I don’t know that the fix is permanent.

I found the bot attack event in CloudFlare under Security/Events. Then under Security/WAF/Tools we entered the IP addresses supplied by ShipStation. Enter the IP addresses in Cloudflare was weird. We entered the address in the IP, IP range, country name, or ASN field, and hit , then selected Allow in the Action field before clicking on ADD.
The IP addresses ShipStation suggested whitelisting are below. We were unable to include the range “/32” information and it didn’t like the URLs so we just added the IPs without the range.