Skip to main content
Skip table of contents

Payrix Pro Web Application Firewall Guidelines

Worldpay for Platforms uses a Web Application Firewall (WAF) to protect its production and sandbox environments, including the Payrix Pro portal and API. There are specific guidelines that might impose limitations on the types of interactions permitted with the Payrix Pro platform due to the WAF. This guide provides important rules to consider when attempting to access the Payrix Pro platform and its resources.

General Security Rules

Worldpay for Platforms uses a comprehensive set of environment-specific rules to block any detected attacks that match known attack patterns published by reputable industry sources, including The Open Worldwide Application Security Project (OWASP). These rules evaluate requests for correlations with various attack patterns frequently employed by spammers, abusive bots, crawlers, and similar fraudsters.

Worldpay for Platforms might make WAF configuration changes to adapt to observed threats and coordinate any changes with Partners as needed. In certain situations, implementing a change might be essential to counteract a detected attack without prior coordination. If you or your users encounter any difficulties accessing the Payrix Pro platform and suspect it might be related to a WAF issue, contact Payrix Pro Support.

Office of Foreign Assets Control Rules

The Office of Foreign Assets Control (OFAC) maintains a list of countries with various administered sanctions programs. Worldpay for Platforms maintains country-wide IP address blocks for these countries to prevent any activity on the platform. The table below lists the countries currently sanctioned by OFAC and blocked by the Payrix Pro platform:

Country

Two-digit ISO Code

Three-digit ISO Code

Belarus

BY

BLR

Burundi

BI

BDI

Central African Republic

CF

CAF

Cuba

CU

CUB

Democratic Republic of the Congo

CD

COD

Iran

IR

IRN

Iraq

IQ

IRQ

North Korea

KP

PRK

Lebanon

LB

LBN

Libya

LY

LBY

Mali

ML

MLI

Myanmar (Burma)

MM

MMR

Nicaragua

NI

NIC

Republic of the Congo

CG

CDG

Russia

RU

RUS

Somalia

SO

SOM

Sudan

SD

SDN

Syria

SY

SYR

Ukraine

UA

UKR

Venezuela

VE

VEN

Yemen

YE

YEM

Zimbabwe

ZW

ZWE

Rate Limiting

Worldpay for Platforms enforces specific rate-limiting rules designed to protect certain pages and maintain optimal performance of the API server. See the established rate-limiting rules below:

Impacted Page

Request Threshold

Period

Block

portal.payrix.com

10 requests

10 seconds

30 minutes

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.