Troubleshooting Guide

This guide covers common issues you may encounter with WebDecoy and how to resolve them.

Domain Verification Issues

Problem: DNS Record Not Found

Symptoms:

Domain verification fails
“DNS record not found” error
Status remains “Pending Verification”

Causes:

DNS changes not propagated yet
Incorrect record type (A vs CNAME)
Typo in record value
Wrong DNS provider zone

Solutions:

Wait for propagation
- DNS changes can take 5 minutes to 48 hours
- Most propagate within 15-30 minutes

Verify your DNS record

# Check A record
dig yourdomain.com A

# Check CNAME record
dig yourdomain.com CNAME

# Check with specific DNS server
dig @8.8.8.8 yourdomain.com A

Check for typos
- Verify IP address is exactly 3.130.2.51
- Verify CNAME target is correct
- Check subdomain name spelling
Use online tools
- whatsmydns.net - Global DNS propagation
- dnschecker.org - Multi-location check

Problem: Wrong Record Type

Symptoms:

Verification passes but SSL fails
Unexpected behavior with domain

Solutions:

Confirm record type matches WebDecoy configuration
A record: Should point to IP address
CNAME record: Should point to domain name
Delete old record, create correct type

Problem: Cloudflare Proxy Interference

Symptoms:

SSL certificate won’t provision
ACME challenge fails
“Connection refused” errors

Cause: Cloudflare proxy (orange cloud) interferes with Let’s Encrypt.

Solution:

Go to Cloudflare DNS settings
Find your domain record
Click the orange cloud to make it grey (DNS only)
Wait for propagation
Retry SSL verification

SSL Certificate Issues

Problem: SSL Certificate Not Issuing

Symptoms:

Certificate request fails
SSL status stuck on “Pending”

Solutions:

Verify domain is verified first
- Domain must pass DNS verification before SSL
- Check domain status shows “Verified”
Check domain is reachable
- WebDecoy must be able to reach your domain
- Ensure Cloudflare proxy is disabled (grey cloud)
Wait and retry
- Certificate issuance typically takes 1-5 minutes
- Try clicking “Setup SSL” again
Check Let’s Encrypt rate limits
- 5 certificates per domain per week
- Wait if rate limited

Problem: Certificate Expired

Symptoms:

Browser shows security warning
“Certificate expired” in SSL status

Solutions:

Trigger renewal
- Go to Settings → Domains
- Click “Renew SSL” on the domain
Check automatic renewal
- Renewals happen 30 days before expiry
- If auto-renewal failed, try manual renewal

No Detections Appearing

Problem: Decoys Not Recording Detections

Symptoms:

Decoys created but no detections
Zero click count
Detection list is empty

Causes and Solutions:

Decoy not deployed
- Creating a decoy in WebDecoy is only half the setup
- You must add a link to the decoy on your website
- See Deploying Decoy Links
Custom domain not verified
- Domain must be verified for decoys to work
- Check domain status in Settings → Domains
SSL not active
- HTTPS decoys require valid SSL
- Complete SSL certificate setup
Wrong property selected
- Detections are property-scoped
- Make sure you’re viewing the correct property
Test the decoy manually
- Open the decoy URL directly in browser
- Should create a detection (from your IP)

Problem: Bot Scanner Not Recording

Symptoms:

Bot scanner created and snippet installed
No detections from bot_scanner source

Solutions:

Verify snippet is loaded
- Open browser Developer Tools (F12)
- Network tab: Look for scanner.js request
- Console: Check for errors
Check scanner is enabled
- Go to Bot Scanners
- Verify toggle is ON
Clear cache
- Page cache may serve old content
- Clear browser cache
- Clear CDN/server cache
Test in incognito mode
- Browser extensions may interfere
- Test in incognito/private window

Integration Not Working

Problem: Cloudflare Integration Fails

Symptoms:

“Authentication failed” error
IPs not being blocked
Rules not creating

Solutions:

Verify API token
- Token may be expired or revoked
- Create new token with required permissions:
  - Zone > Firewall Services > Edit
  - Zone > Zone Settings > Read
  - Zone > Zone > Read
Check zone ID
- Zone ID must match your domain
- Find in Cloudflare Dashboard > Overview (right sidebar)
Verify account permissions
- Your Cloudflare account must have access to the zone
- Check account membership

Problem: Webhook Not Receiving Events

Symptoms:

Webhook created but not firing
Test webhook fails
No requests to your endpoint

Solutions:

Verify endpoint is reachable
- Must be HTTPS
- Must return 200 OK
- No authentication blocking the request
Check firewall/security
- Allow requests from WebDecoy IPs
- Check WAF not blocking
Verify URL is correct
- No typos in endpoint URL
- Include full path

Test endpoint manually

curl -X POST https://your-endpoint.com/webhook \
  -H "Content-Type: application/json" \
  -d '{"test": true}'

Problem: Slack Messages Not Arriving

Symptoms:

Slack integration configured
No messages in channel

Solutions:

Test the integration
- Use “Test” button in WebDecoy
- Check if test message arrives
Verify webhook URL
- Slack webhook URLs expire if unused
- Create new webhook in Slack
Check Slack channel settings
- Channel may restrict app messages
- Verify webhook has permission

WordPress Plugin Issues

Problem: API Status “Inactive”

Symptoms:

Plugin shows “API Status: Inactive”
Red indicator on settings page

Solutions:

Verify API key
- Check key is complete (no truncation)
- Regenerate key if unsure
Check server connectivity
- Server may block outbound connections
- Test:
  Terminal window
```
curl https://api.webdecoy.com/health
```
Check for hosting restrictions
- Some hosts block external API calls
- Contact hosting support

Problem: Scanner Not Loading

Symptoms:

JavaScript console shows errors
Scanner.js not loading
No client-side detections

Solutions:

Check for JavaScript errors
- Open browser console (F12)
- Look for errors related to webdecoy
Check caching plugins
- Exclude scanner.js from minification
- Exclude from cache
Check security plugins
- Some security plugins block inline scripts
- Whitelist WebDecoy scripts

Problem: Too Many False Positives

Symptoms:

Legitimate users being blocked
High detection volume from normal traffic

Solutions:

Lower sensitivity
- Settings → Detection → Sensitivity
- Try “Low” or “Medium”
Increase block threshold
- Raise minimum score to block (try 80-85)
Add bots to allowlist
- Settings → Good Bots
- Add legitimate bot user agents
Temporarily switch to “Log Only”
- Observe detections without blocking
- Tune settings, then re-enable blocking

General Troubleshooting Steps

Check System Status

Visit status.webdecoy.com for service status
Check for ongoing incidents or maintenance

Clear Caches

Browser cache
CDN cache (Cloudflare, etc.)
WordPress cache plugins
Server-side cache

Check Browser Console

Open Developer Tools (F12)
Go to Console tab
Look for error messages
Screenshot errors for support

Enable Debug Logging

WordPress:

define('WEBDECOY_DEBUG', true);
define('WP_DEBUG', true);
define('WP_DEBUG_LOG', true);

Check /wp-content/debug.log for entries.

Contact Support

If issues persist:

Gather:
- Error messages
- Screenshots
- Debug logs
- Steps to reproduce
Email: support@webdecoy.com