Keap HTTP POST and restHooks with CloudFlare
CloudFlare blocks IP addresses known or perceived to be sources of malware or spam. The CloudFlare Firewall also detects web activity that may be harmful to your site and blocks IP addresses linked to such activity.
Very often, HTTP POSTs without a referrer originating from the site itself can be considered illicit and result in the posting IP addresses being blocked. Keap restHooks fall under the HTTP POST rules. Another "gotcha" are unknown or missing user agents where CloudFlare expects to see the name of the most common web browsers.
CloudFlare provides a means to establish a so-called "Trust List", enabling HTTP POST and restHooks originating from Keap to be "whitelisted", enabling them to reach your site and be processed by iMember360. In addition, CloudFlare lets you define so-called "Page Rules" which would allow Keap HTTP POST/Webhooks to get past the security scans.
Add Keap IP addresses to the CloudFlare Trust List
- Go to your CloudFlare Firewall settings and click on the Trust/Block IP List tab.
- In the input field next to the green "Trust" submit button, enter
208.76.24.0/22and press the "Trust" button. Note: the /22 is important.
Configure CloudFlare Page Rules
Next, go to your CloudFlare Page Rules settings. There, you will create a new rule for your site:
- Dynamic Pattern:
http://yoursite.com?i4w_genpass=* - Additional settings:
- Always Online → Off
- Browser Integrity Check (BIC) → Off
- Browser Cache TTL → 300
- Custom Caching → Bypass Caching
- Forwarding → Off
- Performance → Off
- Security Level → Lowest
- SSL → Off