Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PayFast ITN breaking after Cloudflare is activated #130

Open
marcperel opened this issue Apr 3, 2023 · 4 comments
Open

PayFast ITN breaking after Cloudflare is activated #130

marcperel opened this issue Apr 3, 2023 · 4 comments
Labels
priority: high The issue/PR is high priority—it affects lots of customers substantially, but not critically. type: bug The issue is a confirmed bug.

Comments

@marcperel
Copy link

Describe the Bug

We have an issue with our site with PayFast ITN breaking when Cloudflare is active.

Customers place their order, and orders get stuck in a Pending Payment state.

To Reproduce

  1. Activate Cloudflare on a site
  2. Complete a payment on PayFast
  3. Your order status will change to Pending Payment
  4. The order will never move to Pending
  5. An excerpt from our PayFast logs via WooCommerce > Status:

04-03-2023 @ 05:43:20 - Verify security signature
04-03-2023 @ 05:43:20 - Signature = valid
04-03-2023 @ 05:43:20 - Verify source IP
04-03-2023 @ 05:43:20 - Valid IPs:
Array
(
[0] => 34.107.176.71
[1] => 34.120.184.229
[2] => 41.74.179.195
[3] => 41.74.179.200
[4] => 41.74.179.211
[5] => 41.74.179.196
[6] => 144.126.193.139
[7] => 41.74.179.212
[8] => 41.74.179.193
[9] => 41.74.179.197
[10] => 41.74.179.201
[11] => 41.74.179.204
[12] => 41.74.179.203
[13] => 197.97.145.156
[14] => 41.74.179.210
[15] => 41.74.179.217
[16] => 41.74.179.218
[17] => 41.74.179.194
[18] => 197.97.145.150
[19] => 197.97.145.149
[20] => 197.97.145.145
)

Expected Behavior

ITN should pass and orders should move to Pending state.

Actual Behavior

ITN does not pass and orders are set to Pending Payment state.

Environment

WooCommerce version: 7.5.1
WooCommerce REST API package: 7.5.1
WooCommerce Blocks package: 9.6.6
Action Scheduler package: 3.5.4
WordPress version: 6.1.1
@marcperel marcperel added the type: bug The issue is a confirmed bug. label Apr 3, 2023
@vikrampm1 vikrampm1 added the priority: high The issue/PR is high priority—it affects lots of customers substantially, but not critically. label Apr 3, 2023
@nicdwilson
Copy link

@marcperel There is a filter that can be used in this circumstance. Not ideal, but woocommerce_gateway_payfast_is_valid_ip can be used to return true if the originating IP is being obscured. While we will continue to look at this, please let us know if that helps.

@shady786
Copy link

Is a fix planned for this in the near future ?

@nicdwilson
Copy link

Hi @shady786 I'm not sure that it can be regarded as a true bug, although the developers might want to chime in here. Update calls from PayFast are checked against the originating IP. This is good security practice and is recommended by PayFast.
The error occurs because the free level of CloudFlare does not pass the original IP address in the request. Paid levels of CloudFlare do offer the option of passing the originating IP.
The filter woocommerce_gateway_payfast_is_valid_ip was added after we experienced this issue, and using the filter works well.

@nicdwilson
Copy link

nicdwilson commented Feb 22, 2024
edited
Loading

The filter is used as follows and can be deployed in your functions.php or using Code Snippets.

add_filter( 'woocommerce_gateway_payfast_is_valid_ip', '__return_true' );

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
priority: high The issue/PR is high priority—it affects lots of customers substantially, but not critically. type: bug The issue is a confirmed bug.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@marcperel @nicdwilson @shady786 @vikrampm1