avgupta456 / statbotics

📈 Modernizing Data Analytics for FRC Robotics
https://statbotics.io/
MIT License
64 stars 9 forks

Getting 403 forbidden from the API for all requests #369

Closed patfair closed 3 months ago

patfair commented 3 months ago

Hi,

I have a scouting app running on EC2 with the public IP 35.90.30.167. I am finding that all requests to the Statbotics API are resulting in a 403 response:

$ curl -v https://api.statbotics.io/v3/
*   Trying 216.239.34.21:443...
* Connected to api.statbotics.io (216.239.34.21) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=api.statbotics.io
*  start date: Jan 18 01:53:13 2024 GMT
*  expire date: Apr 17 01:53:12 2024 GMT
*  subjectAltName: host "api.statbotics.io" matched cert's "api.statbotics.io"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* Using Stream ID: 1 (easy handle 0x563d02375e90)
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET /v3/ HTTP/2
> Host: api.statbotics.io
> user-agent: curl/7.81.0
> accept: */*
>
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
< HTTP/2 403
< content-length: 235
< content-type: text/html; charset=UTF-8
< date: Thu, 07 Mar 2024 04:01:15 GMT
<
* TLSv1.2 (IN), TLS header, Supplemental data (23):

<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>403 Forbidden</title>
</head>
<body text=#000000 bgcolor=#ffffff>
<h1>Error: Forbidden</h1>
<h2>Access is forbidden.</h2>
<h2></h2>
</body></html>
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Connection #0 to host api.statbotics.io left intact

However, the same request works from pretty much any other computer that I try. Has this IP address been banned or something? I don't think our usage was particularly heavy.

Thanks,

- Pat from Team 254

avgupta456 commented 3 months ago

Hi, I did ban that IP address due to a ton of requests during the offseason. Based on the requests, people hypothesized someone was trying to scout the Mukwonago off-season event. Would it be difficult to connect from a different IP address? Otherwise I can look into other ways to disable that particular scouting app.

patfair commented 3 months ago

Hmm, weird. I think our EC2 instance has had that IP address since January 2023, but our scouting app only calls team_events and never team_year.

I will check how easily we can swap out the IP address.

patfair commented 3 months ago

Okay, I've changed our IP address and it's working now.