It’s Monday today and I wanted to provide a quick update. I can confirm that Cloudflare appears to have been the issue — everything seems to be working fine after disabling proxying via Cloudflare.
Now, you previously mentioned that “Yes, we have seen reports in the past where Cloudflare’s proxy interfered with API communication.” Could you please confirm what the recommended solution was in those cases?
Unfortunately, PayFast tends to take quite a while to get back — sometimes it takes 10 days to get a respond from them. In the meantime, I wanted to give you an update on what I’ve tried on my side — the site is being proxied through Cloudflare, so I disabled the proxying this morning. Since then, I haven’t experienced any issues. I’m going to leave it this way over the next few days — likely until Monday — to monitor the behavior. If the issue doesn’t resurface, I’ll be able to conclude that it is likely related to Cloudflare.
However, just out of curiosity, have you perhaps come across similar issues involving Cloudflare before on your end?
I wanted to provide an update. I set up a UAT environment as promised and pointed it to the PayFast Sandbox. I ran six transactions through the Sandbox and didn’t encounter any issues.
However, the moment I switched to the PayFast Production environment, the issue resurfaced.
During testing on the Sandbox, ModSecurity was enabled, and all plugins were active — yet no issues occurred.
On my live site, even with ModSecurity disabled, I am still experiencing the same issues. Screenshot attached here.
Also I wanted to ask if another troubleshooting idea I have might work. I’m considering setting the Instant Transaction Notification (ITN) to point to an Azure Webhook URL, and then have Azure handle the communication with the website instead of PayFast speaking to the website directly. Would this approach work? Also, does the PayFast plugin perform any IP validation on the incoming notifications that might prevent this from working?
This reply was modified 1 year, 1 month ago by babavemwana.
This reply was modified 1 year, 1 month ago by babavemwana.
Thanks @doublezed2 for the reply. I’ll definitely read up more on ModSecurity and check if I have access to its configuration via cPanel. In the meantime, I thought I’d add a bit more context while I work on this:
Even though your hosting provider confirmed nothing is blocked, check for any ModSecurity, firewall, or WAF rules that may interfere with the POST body of the first request. The second request may be a retry from Payfast because it didn’t detect a proper 200 OK response from the first.
Yes, you’re right. PayFast they are saying they’re retrying because they didn’t detect a proper 200 OK response from my server. But what’s strange to me are three things: First, why does this sometimes work and other times not? It used to work perfectly, and suddenly I’m starting to experience this issue. Second, every time this happens, the PayFast second attempt seems to succeed, but it doesn’t trigger my notifications to the customer or shop manager. Third, if you look at the WooCommerce Notes screenshot I shared, you’ll notice that WooCommerce actually records two ITNs for the same order. Which seem to imply that it is acknowledging the ITNs. It’s an interesting issue, and it’s forcing me to dig deeper and learn more about how this whole flow works.
Regarding your perspective below, I’m considering setting up a DEV environment because it’s not happening consistently; it occurs now and then, and then point to the PayFast DEV environment. I am not sure if this is a good idea.
To rule out interference from other plugins, temporarily switch to a default theme (like Twenty Twenty-Five) and disable all plugins except WooCommerce and Payfast. Then, test a transaction to see if the issue persists.
Thank you for the prompt response. I want to make sure, are you saying that if I get the Pro version, then I can be able to directly load FAQ questions.
In simple terms, will I be able to customise the chatbot to look exactly like this. With the starter version?
