WHMCS pages do not work properly and IP address recorded is the IP of the WordPress installation

I've spent the whole weekend and some trying to get this to work and I'm getting frustrated already. Fix one issue another pops up. This plugin does not work out of the box.

So I've finally manage to get it not to get into an infinite redirect loop by reinstalling the whole WordPress installation of my website and restoring from backup using Snapshot Pro. It worked at restoring everything except many pictures and CSS. So I had to manually fix that. I gotta complain about that one because it took three reinstallations to figure out that wp_options import will cause me to be locked out as admin, and failure to import that table causes many missing css. It also failed to import and restore the media files so I had to upload it again. But I digress.

Then I installed the WHMCS WP Integration plugin again and got the whmcs-page/endpoint/ to work (previously before reinstalling the website everything I click goes on infinite loop according to apache logs, that's why I get an Error 500 Internal Server Error, and hence after many hours of debugging decided to start with a fresh WP install).

Now if I click on anything in whmcs-page/endpoint/cart.php it will show whmcs-page/endpoint/cart.php?gid=8 etc but it doesn't really show that. It shows the default option of cart.php as defined in WHMCS. The IP address logged for security also shows the IP address of the WordPress installation and not the visitor IP.

Logging in is possible, but again, whmcs-page/endpoint/clientarea.php only shows the default after logging in no matter what you click.

I am using the template Six for WHMCS frontend and template Boxes for the cart. Changing the cart template does not seem to resolve the issue.

I am at my wits end here, and would appreciate help. I can't work on this anymore because I have to work on something else and this has taken too many hours for me.

Help, please.


Addendum: my site uses SSL, it also uses MaxCDN and CloudFlare. It's a WordPress installation on a cPanel account with its own dedicated IP. I run, maintain and pay for this server so have all access if you need me to hunt for some logs. The CloudFlare plugin is installed and active on the site. The WHMCS installation is on a separate server which I also run, maintain and pay for, and it also uses the same wildcard SSL and is on CloudFlare. mod_cloudflare has been installed on the apache on that server to restore true-visitor IP.