By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

API Gateway REST API endpoint response 403 error

0

I have created an API Gateway REST API endpoint that connects to a website utilizing Cloudflare services. Up until about two months ago, everything was functioning correctly when I made requests to my API gateway. However, recently I have been encountering a 403 error, indicating that the target website has blocked AWS IP addresses. Interestingly, when I use API gateway testing tools to test my API, everything works as expected.

I am seeking assistance with this issue, as the testing tools indicate proper functionality, yet when I attempt to make a request, I receive a 403 error. The response HTML includes the message "Enable JavaScript and cookies to continue." Any advice or guidance on resolving this discrepancy would be greatly appreciated.

Topics
ServerlessFront-End Web & MobileNetworking & Content Delivery
Tags
Amazon API GatewayAmazon CloudFront
Language
English
Sherwin
asked 24 days ago235 views
1 Answer
2
Accepted Answer

As you mentioned, when you send a request using local test tools, it goes through, but when you send a request from your laptop, you are getting 403 errors. This might be because Cloudflare has some firewall rules blocking your request. I suggest checking with their support to assist you with troubleshooting. You can enable API Gateway access logging to identify your request ID and public IP. You can also reach out to the AWS Support team for further assistance.

To address the issue you're encountering, here are a few steps and suggestions that might help resolve the discrepancy:

  • Check Cloudflare Firewall Rules: The target website may have Cloudflare firewall rules that block requests from certain IP ranges, including AWS IP addresses. Contact the website's administrator or Cloudflare support to review and adjust these firewall rules if necessary.

  • Enable API Gateway Access Logging: Enable logging in API Gateway to get detailed information about the requests being made. This can help identify specific issues such as the exact IP addresses being blocked.

  • Modify Request Headers: The message "Enable JavaScript and cookies to continue" suggests that the target website might be using Cloudflare's bot protection features, which can block requests that do not resemble those from a typical browser. Try modifying your request headers to mimic a real browser, including User-Agent, Accept, and other relevant headers.

  • Use a Proxy: Consider routing your API requests through a proxy server that is not blocked by Cloudflare. This can help bypass any IP-based restrictions.

  • Check for JavaScript and Cookies Requirement: Since the response mentions enabling JavaScript and cookies, it might be necessary to use a headless browser or a tool like Puppeteer to handle the request, which can process JavaScript and cookies.

  • Contact AWS Support: Reach out to AWS Support for assistance. They might provide additional insights or solutions for dealing with this issue.

  • Rate Limiting and CAPTCHA: Verify if the website has rate limiting or CAPTCHA challenges that are preventing your API requests. Implementing delays between requests or solving CAPTCHA challenges programmatically (if allowed) might be necessary.

profile pictureAWS
AWS-User-kaidin
answered 24 days ago
profile picture
EXPERT
Oleksii Bebych
reviewed 23 days ago
  • Sherwin
    23 days ago

    Your answer is great. I did some thing. I made a Lambda function and pass my request through this lambda function using fetch. I know it is not a good way as I have to use API gateway. However in this case I have no 403 Error and .... and it is work fine. I completely confuse what is going wrong.

  • Sherwin
    22 days ago

    I solved my problem with changing the user-agent headers. Thanks for your helps.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content