CloudFlare blocks IP addresses known or perceived to be sources of malware or spam. The CloudFlare Firewall also detects web activity that be harmful to your site and blocks IP addresses linked to such activity.
Very often, HTTP POST's without a referrer originating from the site itself can be considered illicit and result in the posting IP addresses being blocked. ActiveCampaign webhooks fall under the HTTP POST rules. Another "gotcha" are unknown or missing user agents where CloudFlare expects to see the name of the most common web browsers.
CloudFlare provides a mean to establish a so-called "Trust List", enabling HTTP POST and webhooks originating from ActiveCampaign to be "whitelisted", enabling them to reach your site and be processed by ActiveMember360. In addition, CloudFlare lets one define so-called "Page Rules" which would allow ActiveCampaign HTTP POST/Webhooks to get past the security scans.
To add ActiveCampaign IP addresses to the CloudFlare "Trust List":
(1) Go to your CloudFalre Firewall settings and click on the "Trust/Block IP List" tab.
(2) In the input field next to the green "Trust" submit button, enter the following IP addresses and press the "Trust" button:
Next, go to your "CloudFlare Page Rules" settings. There, you will create a new rule for your site:
- Dynamic Pattern -> http://yoursite.com?mbr=*
- Additional settings:
- Always Online -> Off
- Browser Integrity Check (BIC) -> Off
- Browser Cache TTL -> 300
- Custom Caching -> Bypass Caching
- Forwarding -> Off
- Performance -> Off
- Security Level -> Lowest
- SSL -> Off