FunnelKit
FunnelKit Documentation
Get unstuck with our helpful reference material

FunnelKit Automations

Whitelist FunnelKit Automations Endpoints in Cloudflare

When using Cloudflare or other firewall services, FunnelKit Automations endpoints may encounter a 403 Forbidden error due to the security challenges these services impose. 

This can prevent successful API requests to the endpoints.

In this guide, we’ll walk you through the steps needed to whitelist these endpoints and configure your firewall to avoid caching issues.

Whitelisting FunnelKit Automations Endpoints in Cloudflare

Taking Cloudflare as an example, follow these steps:

Step 1: Access the Cloudflare dashboard

Log in to your Cloudflare account and navigate to the domain where FunnelKit Automations is set up.

Log in to cloudflare

You’ll be directed to the Cloudflare dashboard.

Step 2: Configure page rules

Make sure you’ve added your website to Cloudflare.

Next, navigate to Rules ⇨ Page Rules and click on the Create Page Rule button.

Create page rule

Enter the endpoint URL with (*) and configure the following options:

  • Disable browser integrity check
  • Bypass the cache level
page rule configured

Make sure to hit the Save and Deploy Page Rule button when done.

Here are a few more endpoints to add:

*example.com/wp-json/autonami-app/*
*example.com/wp-json/woofunnels/*
*example.com/wp-json/autonami/*
*example.com/wp-json/funnelkit-automations/*

👉 Replace example.com with your domain name.


Once done, Cloudflare should no longer block or cache requests to FunnelKit Automations endpoints.

Step 3: Configure security rules 

In the Security Rules tab, to create a new rule, hit the + Create Rule option. 

Next, set the Rule name and provide the endpoints for “When incoming requests match”

You can also use the Expression shown below:

(http.request.uri.path contains "/wp-json/woofunnels/") or (http.request.uri.path contains " /wp-json/autonami-app/") or (http.request.uri.path contains "/wp-json/autonami/") or (http.request.uri.path contains "/wp-json/funnelkit-automations/")

Next, for Choose Action, select “Skip” 

For WAF components to skip check the following options

  • All remaining custom rules
  • All rate limiting rules
  • All manadod rules.
  • All Super Bot Fight Mode Rules
  • User Agent Blocking
  • Browser Integrity Check
  • Hotlink Protection
  • Security Level

You can keep the “Place at”  setting as it is. 

Make sure to hit Save.

Step 4: Configure Caching Rules

To set up Cache rules, navigate to Caching ⇒ Cache Rules and hit + Create Rule.

new rule for cache

Next, provide a name. 

For the Incoming Request Match, select the field URI Path and set the condition to contains. Then, create four alternative fields using the OR operator, and add the corresponding entry points.

Here are the endpoints

  • /wp-json/autonami-app/
  • /wp-json/woofunnels/
  • /wp-json/autonami/
  • /wp-json/funnelkit-automations/

You can also use the Expression preview shown below 

(http.request.uri.path contains "/wp-json/autonami-app/") or (http.request.uri.path contains "/wp-json/woofunnels/") or (http.request.uri.path contains "/wp-json/autonami/") or (http.request.uri.path contains "/wp-json/funnelkit-automations/")

Next, for Cache eligibility, select “Bypass Cache”

Finally hit Deploy. 

Additional Firewall Plugins

If you’re using other firewall plugins (e.g., Wordfence, Sucuri, Jetpack, etc.), similar whitelisting may be necessary to avoid the 403 errors. 

Each firewall plugin has its own method of whitelisting URLs, so consult their documentation. 

You may want to whitelist these specific FunnelKit Automations endpoints individually if full wildcard whitelisting isn’t desirable.

Exclude Pages from Caching

Some FunnelKit pages, like confirmation or subscribe pages, may require separate caching rules. 

For that, you need to exclude these pages from caching:

  • Create a separate Cloudflare Page Rule for specific URLs like https://example.com/subscribe-page/ and set Cache Level to No Cache.
  • Save the rule to ensure these pages remain uncached and always display the most up-to-date content.

Test your FunnelKit Automations endpoints after applying these changes to confirm they’re no longer blocked or cached by Cloudflare or firewall plugins.

Repeat similar steps for any additional firewall plugins by whitelisting specific endpoints.

Ready to Transform Your Store?
Join 38,315+ successful store owners who trust FunnelKit to power their businesses.
Conversion Optimized Checkout Pages
Increase Revenue with Smart Upsells
Capture Emails & Recover Abandoned Carts
Automate Winbacks & Repeat Sales
939+ 5 star reviews on WordPress.org
Transform your store to power your business with FunnelKit
🚀 Maximize Your Profit with FunnelKit – Highest Rated with 939+ 5-Star Reviews
Get Started