When using CloudFlare with Memberium, you may run into issues.
HTTP POSTs Failing
CloudFlare’s security options may block HTTP POSTs from your Infusionsoft app. This will result in actions such as password generation failing to succeed.
Memberium is designed to deliver personalized content to each individual logged in visitor on your site. CloudFlare’s goal is to deliver the same content to all visitors on your site. CloudFlare may deliver private content intended for a logged in visitor, to another logged in visitor, or to a random user on your site.
Configuring The CloudFlare Firewall
Unfortunately CloudFlare has not created a consistent user interface that we could document which would then evolve over time. Instead they’e repeatedly completely redesigned it, making it impossible for us to track it accurately and keep the documentation matching.
In order to best support you, we’ll provide the information we know you’ll need. We recommend using that to configure the site based on the current settings they provide, or work with CloudFlare customer support to get things properly setup. This same information may be useful for other caching services as well.
The following are the IP Address ranges of Infusionsoft’s servers which should be white listed:
Infusionsoft no longer send HTTP posts from their static IP address. Previously, it was possible to whitelist traffic from this IP Address knowing it was coming from Infusionsoft. Currently, HTTP POST’s can be sent from a wide range of IP’s, which is why whitelisting IP won’t work.
Instead of using IP Addresses for the whitelist, you should use the User-Agent to check for Infusionsoft. Basically, check if HTTP POST header data has “Infusionsoft” (without quotes) as the User-agent.
You want to setup rules in Cloudflare controlling which pages should bypass the caches:
The URL pattern should look like http://yourdomain.com/?operation=* where yourdomain.com should be changed to your domain.
- Forwarding should be turned off
- Always Online should be turned off
- Security Level should be Essentially off
- Performance should be off.
TEST! TEST! TEST!
Test the various HTTP POST operations from your Infusionsoft app and ensure that they are reaching your Memberium site.