Customer asks
We have just gone live with section.io and we have noticed that we are getting a lot of failed transations in ur eway portal, which is our payments gateway. This frequency of this has greatly increased since we went live. Can you help?
This is typically caused by an incorrectly configured payment gateway. Most payment gateways by default detect the connecting IP address of the downstream browser and uses that IP address to assess whether it is fraudulent.
Once you have setup section.io or any other CDN service to sit in front of the payment gateway, the connecting IP address will always be from section.io. This may trigger some logic within the fraud detection, with the most common trap being rate limiting. As all your customers are now served over the section.io network, it will appear to the payment gate way that only a small number of section.io IP addresses are making lots of transaction requests, and it may chose to block some of these requests.
To solve this issue you will need to configure the payment gateway to look at the user’s IP address, not section.io’s IP address. To facilitate this, section.io sends the IP address of the user with every request that goes to the origin in the form of a custom header True-Client-IP
. For example:
True-Client-IP: 203.104.2.25
The payment gateway service should be able to be configured to examine this True-Client-IP
header instead of client IP
. section.io will also send an x-forwarded-for
header containing any intermediate IP addresses to the origin. For example:
x-forwarded-for: 203.104.2.25, 102.43.55.100, 63.45.198.252
You will notice that the left most value of this is the same value as True-Client-IP
.