Webhook not receiving requests from specific production IP — works from test IP only

Need help
1

I’ve been troubleshooting a webhook issue for a while and have finally narrowed it down to what I believe is an IP-level blocking issue on ActivePieces’ end.

The setup:

  • I have a Catch Webhook trigger in my flow
  • My CRM (LawRuler) sends webhook POST requests when lead statuses change
  • Content-type is application/x-www-form-urlencoded

The problem:

  • When I click the TEST button in LawRuler, the request reaches ActivePieces perfectly and the flow runs
  • When a REAL production status change occurs, ActivePieces receives nothing — no run appears in history
  • LawRuler reports HTTP-Code: 0 on all real production triggers

What I’ve tried:

  • Adding /sync to the webhook URL
  • Creating brand new flows with fresh webhook URLs
  • Adding a Return Response step to immediately send 200 OK
  • Verified the payload format is identical between test and production

The smoking gun:
Using webhook.site I captured both request types and found the IPs are completely different:

  • TEST button fires from: 52.224.64.10 → ActivePieces receives it :white_check_mark:
  • REAL production triggers fire from: 172.191.37.167 → ActivePieces receives nothing :cross_mark:

Both requests use identical headers, same content-type (application/x-www-form-urlencoded), same user-agent (RestSharp/105.2.3.0), same payload structure. The ONLY difference is the source IP.

This strongly suggests that ActivePieces (or Cloudflare in front of it) is blocking or dropping requests from 172.191.37.167 while allowing requests from 52.224.64.10.

Has anyone experienced this before? Is there a way to whitelist a specific IP on ActivePieces cloud? Or is this something that needs to be investigated on the ActivePieces infrastructure side?

2

HTTP-Code: 0 usually means the connection itself is being refused or timed out before any HTTP response comes back. That points to Cloudflare dropping the request at the edge rather than ActivePieces rejecting it at the app level.

A few things worth checking:

First, try hitting the webhook URL directly from the production IP using curl. If you can SSH into whatever box LawRuler runs on (or a server on the same network), run something like curl -v -X POST https://your-webhook-url -H "Content-Type: application/x-www-form-urlencoded" -d "test=1". If you get a Cloudflare challenge page (403 with a captcha body) or a connection reset, that confirms it.

Second, 172.191.37.167 is an Azure IP. Cloudflare’s bot management sometimes flags requests from cloud provider IPs differently than requests from other ranges. The test button on LawRuler might route through a different Azure region or a non-flagged range, which would explain why it works.

If it is a Cloudflare block, you probably need to reach out to the ActivePieces team directly on this one since they control the Cloudflare config. There’s no user-facing IP whitelist in the cloud version. You could also try self-hosting as a workaround if you need this running ASAP, since you’d control the ingress rules yourself.