krazkidd / kdeck

Desktop client for Kalshi event trading platform
GNU General Public License v3.0

Getting 403 from CloudFront WAF #69

Closed krazkidd closed 4 months ago

krazkidd commented 4 months ago

It seems the API services are hosted on CloudFront because today I am getting a 403 with a text/html response rather than the expected application/json response. CloudFront is mentioned in the response body.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<TITLE>ERROR: The request could not be satisfied</TITLE>
</HEAD><BODY>
<H1>403 ERROR</H1>
<H2>The request could not be satisfied.</H2>
<HR noshade size="1px">
Request blocked.
We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner.
<BR clear="all">
If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.
<BR clear="all">
<HR noshade size="1px">
<PRE>
Generated by cloudfront (CloudFront)
Request ID: 69qECI1MEwrGCiPCkj_oWQUbxRDNjKG2WBW0A50GNG715O7HvYwFlA==
</PRE>
<ADDRESS>
</ADDRESS>
</BODY></HTML>

Debug builds were working as of yesterday and my test REST client (Thunder Client) is not reproducing the issue. This suggests some WAF rule has identified my app for abuse and is blocking requests.

krazkidd commented 4 months ago

I am still looking into this issue. My first reaction is that maybe we should add some kind of agent signature. That should help CloudFront distinguish it from other traffic.

krazkidd commented 4 months ago

I was able to get the login working again by adding a User-Agent header, as expected. However, some other calls are still failing (e.g. GetPositions), I believe due to supplying GET request parameters as JSON rather than query params. This was working before but now these requests are getting the same 304 HTML response. A quick refactor will fix this but I'm creating a branch now.
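To make the two fixes in this thread concrete, here is an added example (not kdeck's or Kalshi's code) that builds requests with a User-Agent and puts GET parameters in the query string instead of a JSON body, and separately recognises a CloudFront edge block so the client does not try to parse the HTML as JSON. The hostname, the `/positions` path, the agent string and the sample response body are assumptions constructed for the example.

```python
import json
from urllib.parse import urlencode, urlsplit, urlunsplit

USER_AGENT = "kdeck/0.1 (+https://github.com/krazkidd/kdeck)"  # assumed app signature

# Constructed stand-in for the CloudFront error page quoted in the issue.
SAMPLE_BLOCK_PAGE = "<HTML><H1>403 ERROR</H1>Generated by cloudfront (CloudFront)</HTML>"


def build_request(method, base_url, path, params=None, body=None):
    """Return (method, url, headers, body_bytes).

    GET and DELETE never carry a body: their parameters are URL-encoded into the
    query string, so the edge sees an ordinary request rather than a GET with a
    JSON payload. Every request carries an explicit User-Agent."""
    method = method.upper()
    parts = urlsplit(base_url.rstrip("/") + path)
    headers = {"User-Agent": USER_AGENT, "Accept": "application/json"}
    if method in ("GET", "DELETE"):
        if body is not None:
            raise ValueError(f"{method} must not carry a body; pass params instead")
        query = urlencode({k: v for k, v in (params or {}).items() if v is not None})
        return method, urlunsplit(parts._replace(query=query)), headers, None
    headers["Content-Type"] = "application/json"
    payload = json.dumps(body if body is not None else {}).encode()
    return method, urlunsplit(parts), headers, payload


def classify_response(status, content_type, text):
    """Tell an edge/WAF block apart from an application-level response.

    A 403 with text/html mentioning CloudFront never reached the API, so it
    should be logged as an edge block rather than surfaced as a JSON parse
    failure or an authentication error."""
    ctype = (content_type or "").split(";")[0].strip().lower()
    if status == 403 and ctype == "text/html" and "cloudfront" in text.lower():
        return "edge_blocked"
    if ctype == "application/json":
        return "api_ok" if status < 400 else "api_error"
    return "unexpected"


if __name__ == "__main__":
    print(build_request("GET", "https://api.example.test", "/positions", {"limit": 50}))
    print(classify_response(403, "text/html; charset=iso-8859-1", SAMPLE_BLOCK_PAGE))
```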