HI Sean, 

WHat are the steps to whitelist square on CloudFlare (WP site hosted by BlueHost using Woo commerce)? Thanks.Laura

Hi Sean,

Thank you for the information!  Can you please verify if it is still current?  Also, I am no sure if you can help with this, but what do you recommened for whitelisiting rules to allow for the necessary iOS updates/paches.  Any help would be grealy appreciated!

Hello @earodriquez, Helen here stepping in for Sean - the URLs shared in this thread are still correct.

As for your second quesiton you might want to ask your organization's IT department or network specialist. Are you having trouble updating the app?

This reply was created from merging an existing thread: “Firewall blocking some square image servers.”

Check out Sean's Best Answer above @ReedArt-Imaging. If you need more information let me know!

I believe the OP of the thread this was moved to was asking about whitlisting for the POS software.  My concerne is with the image servers for your client's websites.  Their sites load, but the image servers are sometimes blocked and our firewall logs show that those servers have a low trust reputation score. Hence the need to whitelist them.

Hi @ReedArt-Imaging

Are you simply running into images on your website appearing as broken/not loading?

If so, was this happening for multiple customers, and do your images load for you when you visit your website yourself? 

Hello @EJ_ . Thank you for your response. 

We are fine-art printmakers and don't personally have a Square website.  The issue arises when attempting to visit the sites of several of our customers and occaisional prospects who use Square for their websites.

Thanks for clarifying @ReedArt-Imaging

It sounds like this might be a web browser issue. The following tips usually help with this, so let me know if any of them do the trick for you: 

• Make sure your browser is up to date. If you’re using Internet Explorer, please note that the minimum requirement is Internet Explorer 11. Versions before this may cause you to see errors on our website.
• Clear the cache on your browser. Access the Help menu of your browser to locate step-by-step instructions.
• Switch to a supported browser, like Google Chrome.

That is what I thought at first and I attempted cache clearing as well as fresh browser installs i.e. chrome installed on a machine that never had chrome on it. 

Two things:

• Repeatable on all machines in our network regardless of browser or OS
• Firewall logs show the denials. 

We can quickly put this to bed if I can get either a list of image servers by FQDN or a list of the ip address blocks to whitelist.

Thanks for clarifying @ReedArt-Imaging

Reach out to our Support Team directly with screenshots and we'll get you in contact with the right team to get this resolved for you. 

I will reach out directly to support with this, but I want to post this here for completeness.  The issue as it turns out is not related to our firewall at all. It has to do with CORS protocols on the squarespace servers and https not being forced on domain calls. CORS requires cross-domain scripts to be served via https and squarespace apparently does not canonical domain calls to force https.  Soooooo if a domain name is entered into an adress bar without specifying https, a non-scure version of the client site is served and CORS blocks the scripts required to feed images to the user's browser. 

As mentioned, I will contact the support team directly with this.  Thanks for eveyrone's time

Thanks for updating us @ReedArt-Imaging!

We too are having similar problems making firewall rules for our Square POS. We went through whitelisting about a dozen domains and it kept getting blocked at another. The application would not launch until we left it fully open. It would be nice to have a list of ALL FQDN necessary for Square POS to run. We added rules for *.squareup.com and it kept hanging trying to hit google and AWS etc and we gave up.