Callbacks

As Klarna Checkout transitions to Kustom Checkout, please note that parts of this documentation are still being updated. You may come across references to Klarna, outdated screenshots, or broken links.

We’re working continuously to revise all content, and we appreciate your patience during this process.

After the order has been placed in WooCommerce and with Kustom, a number of HTTP requests go back and forth to keep WooCommerce and Kustom in sync. These requests must be able to execute without being blocked; otherwise the customer will not be able to create an order in WooCommerce.

This article specifically addresses measures regarding Kustom Checkout. For a general overview of what you might need to do to prevent callback issues, please see the Krokedil general support article Callbacks.


Be aware of firewalls and security plugins


If you have a firewall solution or a security plugin installed, it could block access to the WC-API endpoints and cause the callbacks to fail. If you are using Cloudflare CDN and its WAF (or another WAF/CDN such as Sucuri, or a similar server hosting firewall), you need to create a specific Page Rule to whitelist the API calls that the Kustom plugin needs to work properly.

If possible, we recommend whitelisting:

https://domain.topdomain/wc-api/*

But if you want to specify what URLs to whitelist you can use these:

https://domain.topdomain/wc-api/KCO_WC_Push/*

https://domain.topdomain/wc-api/KCO_WC_Notification/*

https://domain.topdomain/wc-api/KCO_WC_Shipping_Option_Update/*

https://domain.topdomain/wc-api/KCO_WC_Validation/*


ModSecurity firewall blocking push notifications from Kustom


Unacknowledged orders in the Kustom Merchant Portal show 403 errors from the Klarna Order Management API in the Kustom Portal logs.

The orders in WooCommerce are in Pending Payment status and have the note "payment has not been finalized with Kustom".

This is triggered by a rule in ModSecurity, the WAF (Web Application Firewall) on the web hosting server. Kustom does not send a regular User-Agent (they send APIs-Kustom) when calling this request URL, which triggers rule 211180 (Comodo WAF, Litespeed):

COMODO WAF: Session Fixation: SessionID Parameter Name with No Referer

request_path:

https://yourdomain.com/wc-api/KCO_WC_Push/?kco-action=push&kco_wc_order_id=THE-ORDER-ID&kco_session_id=THE-SESSION-ID

Important: If the Kustom push notification callback has been used, it indicates that the NORMAL checkout flow has had some problems. This callback is only there as a backup function if something goes wrong.
Investigate why the order has deviated from the regular checkout flow.

Solution:

Disable rule 211180 temporarily, and then get in touch with Kustom Merchant support so they are aware of this issue.

Please note that this is one solution to a problem reported by a merchant to our support team. There may be other similar problems and/or solutions as well.


Retrieve more info in Kustom Merchant Portal


To troubleshoot this, you can look more closely at the logs that are available in your Kustom Merchant Portal. The logs show, for example, the response from a validation callback where the request is blocked (with a 503 HTTP response) by the security plugin Wordfence.

Another common response status when the request is being blocked by a security/firewall application is 403 (Forbidden). See a list of HTTP status codes here.
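The same check can be run from the server side. The following is an added example, not code from the Kustom plugin or from Krokedil: it scans web server access log lines for requests to the callback endpoints listed above that were answered with 403 or 503. It assumes the Apache/Nginx "combined" log format; the function names and the sample log lines are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Callback endpoints listed on this page.
CALLBACKS = ("KCO_WC_Push", "KCO_WC_Notification",
             "KCO_WC_Shipping_Option_Update", "KCO_WC_Validation")
BLOCK_STATUSES = {403, 503}  # statuses this page associates with blocked callbacks

# Assumption: the access log uses the Apache/Nginx "combined" format.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$')

def callback_name(target):
    """Return the callback name for /wc-api/<callback>/... targets, else None."""
    parts = urlsplit(target).path.strip("/").split("/")
    if len(parts) >= 2 and parts[0] == "wc-api" and parts[1] in CALLBACKS:
        return parts[1]
    return None

def blocked_callbacks(lines):
    """Count blocked callback requests per (callback, status, user agent)."""
    hits = Counter()
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a combined-format line
        name = callback_name(m["target"])
        if name and int(m["status"]) in BLOCK_STATUSES:
            hits[(name, int(m["status"]), m["ua"])] += 1
    return hits

# Constructed sample lines (documentation IP range, made-up order and session ids).
SAMPLE_LOG = """\
203.0.113.10 - - [12/Mar/2025:10:15:32 +0000] "POST /wc-api/KCO_WC_Push/?kco-action=push&kco_wc_order_id=1001&kco_session_id=abc123 HTTP/1.1" 403 199 "-" "APIs-Kustom"
203.0.113.10 - - [12/Mar/2025:10:17:02 +0000] "POST /wc-api/KCO_WC_Push/?kco-action=push&kco_wc_order_id=1002&kco_session_id=def456 HTTP/1.1" 403 199 "-" "APIs-Kustom"
203.0.113.11 - - [12/Mar/2025:10:18:40 +0000] "POST /wc-api/KCO_WC_Validation/ HTTP/1.1" 503 512 "-" "APIs-Kustom"
203.0.113.11 - - [12/Mar/2025:10:19:05 +0000] "POST /wc-api/KCO_WC_Notification/ HTTP/1.1" 200 2 "-" "APIs-Kustom"
198.51.100.7 - - [12/Mar/2025:10:19:30 +0000] "GET /checkout/ HTTP/1.1" 200 48211 "https://yourdomain.com/cart/" "Mozilla/5.0 (X11; Linux x86_64)"
198.51.100.8 - - [12/Mar/2025:10:20:11 +0000] "POST /wc-api/other_gateway/ HTTP/1.1" 403 199 "-" "curl/8.5.0"
""".splitlines()

if __name__ == "__main__":
    for (name, status, ua), n in sorted(blocked_callbacks(SAMPLE_LOG).items()):
        print(f"{n}x {name} -> HTTP {status} (User-Agent: {ua})")
```

Any line this reports is a callback that a firewall, WAF rule or security plugin stopped before WooCommerce could handle it; compare the timestamps with the entries in the Kustom Merchant Portal logs.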