Blockonomics

TABLE OF CONTENTS

• Problem
• Diagnosis
• Solution
• CloudFlare
  • Add Page Rule
  • Add WAF Custom rule
  • Add IP Access rule
• WordFence/Others
• EndNote

Problem

The Blockonomics plugin will automatically update the order status when a bitcoin payment sent by your customer is confirmed. This works in all our ecommerce plugins. This article addresses how to troubleshoot the issue if this is not happening for you.

Diagnosis

To confirm the issue please check Test Bench > Callback Logs. If the Callback Status is green "200" (at the end as shown in image below), then everything is ok. e.g:

If the Callback Status is in red (number at the end), then that means you have this issue and we cannot cannot send callbacks to your server. 

Solution

Please check if you any of the following apply to you. 

1. You are using localhost or unreachable test server:  We cannot send callbacks to your localhost server. This is expected behaviour and is OK.
2. You are getting SSLError in Test Bench > Callback Logs: If you site doesn't have an SSL certificate change the callback URL to start with http:// . If you site is SSL enabled, check validity of your SSL certificate. We don't support self signed certificates. If your site is shown SSL validated in browser, make sure intermediate certificates are not missing (This is because we use curl for callbacks). You can diagnose by testing your site on https://www.ssllabs.com/ssltest/
3. You have DDOS protection:  You need to identify the DDoS mechanism and follow the steps mentioned below.

CloudFlare

Add Page Rule

Please follow the steps mentioned below to Create a Page Rule and allow blockonomics callbacks:

1. Go to "Rules" > "Page rules" and click on "Create Page Rule".
   • 
2. Make following changes:
   1. In URL field and Callback URL for your store with parth after "?secret" remove and '*' at the end
      • e.g: for WordPress store, if your callback URL is https://example.com/wc-api/WC_Gateway_Blockonomics/?secret=abc123, add URL like: https://example.com/wc-api/WC_Gateway_Blockonomics*
      • e.g: for WHMCS store, if your callback URL is https://example.com//modules/gateways/callback/blockonomics.php?secret=abc123, add URL like: https://example.com//modules/gateways/callback/blockonomics.php*
   2. From "Pick a Setting (required)" option select "Browser Cache TTL" and then from "Enter Browser Cache TTL (required)" option select "30 minutes".
   3. Click on "+ Add a Setting" and from "Pick a Setting (required)" select "Cache Level" and then from "Select Cache Level (required)" option select "Bypass".
   4. Click on "+ Add a Setting" and from "Pick a Setting (required)" select "Disable Apps".
   5. Click on "+ Add a Setting" and from "Pick a Setting (required)" select "Disable Performance".
   6. Click on "+ Add a Setting" and from "Pick a Setting (required)" select "Disable Security".
   7. Once you are done with all the changes, it should look like this:
      • 
3. After making changes click on "Save an Deploy Page Rule" at the end. Now in Page Rules, you should have a Page Rule like shown below:
   • 

Add WAF Custom rule

Please follow the steps mentioned below to add WAF custom rule:

1. In CloudFlare Dashboard, go to "Security" > "WAF" > "Custom rules" and click on "+ Create rule" button to create a new rule:
   • 
   • 
2. Click on Dropdown below "Field" and select "IP Source Address". In Dropdown below "Operator" make sure the value is set to "equals". In text field below Value, add the IP you want to whitelist. To add more IPs, add more rows by clicking on "Or" button at the end of row.
3. Add following IPs:
   1. 44.241.250.59: BTC callback server 
   2. 44.225.81.126: BCH callback server (If you are using BCH payment method)
4. This custom rule now should look like this:
   • 
5. Make sure action is set to "Skip", Log matching request is enabled and all rules are checked to be skipped.
6. Click on "Deploy" at the end of screen to Deploy this rule.
7. Make sure that the new firewall rule is above any blocking rules:
   • 

Add IP Access rule

Please follow the steps mentioned below to add IP Access rule:

1. Go to "Security" > "WAF" > "Tools"
   • 
2. Under "IP, IP range, country name, or ASN" type in "44.241.250.59". An option with this same IP will appear below. Click on this option. Please make sure to click on the option. Otherwise it won't be entered correctly.
   • 
3. Next, From "Action" option select "Allow":
   • 
4. Next, from "Zone" option select "All websites in account":
   • 
5. Next, under Notes and something like "Blockonomics" to note that this IP is being whitelisted for Blockonomics. 
   • 
6. Once you have made all these changes, please click on "Add" button.
   • 
7. Now, you should see this IP Access Rule added in the list below.
   • 
8. If you are using BCH, please make sure to add another IP Access Rule following the same steps for 44.225.81.126.

WordFence/Others

If you are using any other DDOS protection mechanism you can whitelist the IP of our callback server [44.241.250.59] and BCH callback server [44.225.81.126]

End Note

1. After bypassing the DDOS protection, try to generate multiple test callbacks (Using Test Bench > Callback Logs) within a minute / less period and make sure if you get 200 status.
2. You have a programmed/custom API endpoint: Make sure that the callback endpoint has no errors and returns clean with 200 HTTP status.