Getting Started

How to

Features

Multiple Users & Roles

Payment Gateways

Cloudflare

Allow POS to Connect Through Cloudflare

Learn how to create a simple Cloudflare Page Rule so your site’s POS API can communicate without being blocked or cached.

If you are using the POS and notice that the POS cannot sync, load products, or send requests to your site, Cloudflare is likely blocking or inspecting the POS API route.

Cloud POS communicates with your WooCommerce store using a specific REST API path. Cloudflare sometimes treats these requests as nonstandard traffic and may block them, challenge them, or try to cache them. Any of these behaviors can break the connection.

To fix this, you need to create a Cloudflare Page Rule that bypasses security checks and caching for the POS API route.

This guide will walk you through the process step by step.

Check if Your Site Is Using Cloudflare

If you are unsure whether Cloudflare is active on your site, you can check by entering your domain here:
https://checkforcloudflare.selesti.com/

If the checker shows Cloudflare is in use, continue with the steps below. If not, the connection issue is coming from another layer of your hosting or security setup.

Why This Rule Is Required

Cloud POS relies on real time API communication. If Cloudflare inspects or caches these requests:

• The POS may not load products
• Orders may fail to sync
• You may see timeout or 403 errors
• The device may appear unable to connect

A Page Rule tells Cloudflare not to interfere with the POS API endpoint.

Important Note About Cloudflare’s Deprecated Setting

Cloudflare recently deprecated the “Disable Security” Page Rule setting. This does not affect the steps in this guide.
We only use Security Level: Essentially Off, which is still supported.
The rule below continues to work correctly and remains the recommended setup for Cloud POS.

Step by Step Instructions

Follow these steps in Cloudflare:

Log into Cloudflare

Go to https://dash.cloudflare.com and sign in.

Choose your website

Select the domain where WooCommerce is installed.

Go to Rules

Open Rules in the left menu.

Select Page Rules

Choose Page Rules from the submenu.

Create a new Page Rule

Click Create Page Rule.

Enter the URL Pattern

In the URL field, enter:

https://yourdomain.com/wp-json/wc-pos/*
https://yourdomain.com/wp-json/wc-pos-cloud/*

Replace yourdomain.com with your actual site URL.

This pattern matches all requests sent by Cloud POS to your store.

Add the required settings

Set the following:

Security Level: Essentially Off
Cache Level: Bypass

These settings prevent Cloudflare from challenging, blocking, or caching POS traffic.

Save and enable the rule

Click Save and Deploy to activate it.

Confirming the Rule Is Working

After saving the rule:

• Try loading the POS again
• Products should load normally
• Orders should send and sync without delays
• No Cloudflare errors should appear

If the POS still cannot connect, check that:

• The URL pattern exactly matches your domain
• There are no extra slashes or missing characters
• The rule is at the top of your Page Rules list

Common Mistakes to Avoid

• Using http instead of https
• Forgetting the final wildcard /*
• Applying the rule to the wrong domain
• Using Cloudflare Cache Rules instead of Page Rules

When to Contact Support

If the POS still fails to connect, your Cloudflare firewall may also be inspecting requests. Review:

• WAF logs for blocked paths
• Bot Fight Mode settings
• Super Bot Fight Mode managed challenges

Temporarily disabling these can help identify the cause.