Whitelisting WooCommerce Payment Gateways

Hey @cedus,

You can check Wordfence -> Tools -> Live Traffic, to see if something has been blocked. If you expand the live traffic row, it should tell you which parameter is causing the block.

Let me know what it says, and I’ll guide you through on how to whitelist it.

Thanks,

Gerroald

Hi,

ok, that means if nothing is registered or blocked in live-view then the normal firewall nor the “advanced protection” interferes in any way with the action?

Hey @cedus,

Correct, if the Firewall is blocking these actions is should record it there. Did you see any entries?

Thanks,

Gerroald

Hi Gerroald,

I’m sorry for the late reply.

We’re experiencing the same issue on another site now.

Amazon Pay:
10-23-2019 @ 10:40:46 - WC_Amazon_Payments_Advanced_API::request - Error: cURL error 60: Peer's certificate issuer has been marked as not trusted by the user.

PayPal Plus just does not complete the order and stays in “Awaiting Payment”.

This issue seems to go away if advanced protection is turned off.
Logged in customers (with user accounts) can complete their purchase without problems but guests (sometimes?) get refused.
The firewall does not show any blocked entries.

Thank you,
Chris

Hey @cedus,

The error you’ve shared indicates an issue with your SSL certificate. It may be expired, or there may be a misconfiguration. Can you please share the error with your host? They’ll know what to do to fix it.

Please let me know what they say, and if it helps.

Thanks,

Gerroald

Hi Gerroald,

thank you for your response.

I already was in contact with the host (Strato Managed Server).
They told me everything seems to be alright.
According to ssllabs.com everything is fine with the certificates A Grade in all categories between 90 and 100%).
As I said it happens on two shops now.

Thank you,
Chris

Hey @cedus,

Thanks for the update.

Can you send me a Diagnostics report so I can get a better overview of your environment? Please navigate to Wordfence > Tools > Diagnostics. Here you can select SEND REPORT BY EMAIL. Please include your www.ads-software.com username and update this thread after you’ve sent it.

Thanks,

Gerroald

@wfgerald Thanks for your help, I sent the report.

Hey @cedus,

I can’t seem to find the report. Can you please try again?

Are you receiving any other emails from the site? You can test this by navigating to Tools > Diagnostics > Other Test, which is at the very bottom of the page. You’ll notice two options to send test emails.

Send a test email from this WordPress server to an email address
Send a test activity report email

Please let me know.

Thanks,

Gerroald

@wfgerald Hm, whatever this problem is. I now sent the report to my own mailbox and forwarded it to you. ??
All other mails get sent without a problem.

@wfgerald I want to add following stuff:

– *most of the time* logged in customers (that have created a customer account before) do not have a problem completing the purchase at all.

– The Plugin states these requirements in the config:
Amazon account details to integrate with WooCommerce. IPN (Instant Payment Notification) requires PHP OpenSSL support to verify the signature of the message. To process IPN, you need to set the IPN Merchant URL in your sellercentral dashboard to https://domain.tld/wc-api/WC_Gateway_Amazon_Payments_Advanced/.

OpenSSL support is available, as per Wordfence diagnostics.
The required setting is correct in the sellercentral dashboard.
Traffic on the url comes from different hosts, all ending with .amazon.com (usually something like 54-240-197-48.amazon.com)

If I visit the page manually logged in or not logged in it displays “empty post data” (I don’t think it should do something when visited manually, but maybe I can see if it works at all)

Hey @cedus,

It looks like your PHP and OpenSSL versions are up to date. SO I don’t think this is contributing to it.

Are you able to reproduce this? If so, can you reproduce it and check the browser console for any errors? Perhaps also share any relevant errors found in the PHP error logs? I’m wondering if this might be a combination of conflicts causing this.

https://www.wordfence.com/help/advanced/troubleshooting/#how-to-inspect-the-browser-console

Please let me know.

Thanks,

Gerroald

Hey @wfgerald,

I don’t think it is related in any way to Wordfence anymore.

Yesterday I tried registering WPML in the backend, with wordfence inactive, and ran into the same issue.

After this I took on a heavy talk with my hosting provider and they said they’ll look into it. This was in the afternoon (9 hours ago). Haven’t heard back yet but at least we’ve had all orders going through without problems since about 6 hours, so maybe they’ve found something.

I’ll respond again when I’ve got news.

Regarding your last post:
I am not able to reproduce this. Sometimes it works, sometimes not. Right now I placed a test order without any problems. The console had one network error regarding amazon and one jquery problem. (I closed it by accident so no detailed errors).

Hey @cedus,

I agree that it’s not likely Wordfence due to it happening randomly. If something was breaking a Firewall rule or any other rules it would happen every time. But I wanted to make sure.

Please do let me know what you find.

Thanks,

Gerroald