Some Cloudflare features may need adjustments for compatibility.

Cloudflare compatibility

If your site uses Cloudflare, some Cloudflare settings including “bot fight mode” can prevent your site from reaching itself, which affects WordPress cron jobs, Wordfence scans, and other features. On the Diagnostics tab of the Wordfence Tools page, the “Connecting back to this site” and “Connecting back to this site via IPv6” tests can show if the site is blocked from reaching itself.

To set up Cloudflare to allow connections from your site’s server back to itself, you can add your server’s IP(s) to Cloudflare’s “IP Access Rules”, following the steps below:

  1. Log in to Cloudflare
  2. Select your site
  3. On the left menu, click “Security”
  4. On the Security menu, select “WAF”
  5. Click the “Tools” tab
  6. In the “IP Access Rules” section, enter your server’s IP address in the field that says “IP, IP range, country name, or ASN”
  7. Change the “Block” option to “Allow”
  8. Change the “This website” option to “All websites in account” if you have more than one site on the same server
  9. In the “Add a note” field, type “My server IP” so you remember why the IP was allowed
  10. Click the “Add” button
  11. If your server has a public IPv6 address, repeat steps 6 through 10 for that address

If you don’t know your server’s public IP address, or if outbound requests from your host have a different public IP than the server itself, you may need your host’s help. Alternately, you may be able to find the IP address that is being blocked by going back to the left side menu on Cloudflare, clicking “Security”, and then scrolling down to the “Activity log” to find recently blocked IPs. Be sure to only allow IPs that you know are legitimate, as this list can also show blocks of malicious traffic.