search

trakt / api-help

Trakt API docs at https://trakt.docs.apiary.io
186 stars 7 forks source link

Cloudflare blocking calls to the API :( #478

Closed sconaty closed 1 month ago

sconaty commented 2 months ago

Earlier today calls to the API started being blocked by Cloudflare for my machine. The following GET...

...now results in Cloudflare returning a HTML page with the following message:

This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data.

You can email the site owner to let them know you were blocked. Please include what you were doing when this page came up and the Cloudflare Ray ID found at the bottom of this page.

I haven't changed my code in months so I'm not sure why this has been triggered now. Any feedback you could provide would be appreciated. The referenced id is:

Thanks

rectifyer commented 2 months ago

What region are you accessing the API from? That URL works for me, so Cloudflare seems to be blocking your access based on some sort of threat detection.

sconaty commented 2 months ago

The call is being made from California, USA.

I'm sure the URL works generally for others and for some reason Cloudflare has taken umbrage to my calls :(. It is my understanding the Cloudflare Ray ID can be used to help determine why the request is being blocked, via the Cloudflare UI.

sconaty commented 2 months ago

Cloudflare now appears to be letting my requests through - which is great. So the issue is resolved.

If you have more information, based on the Cloudflare Ray ID: 8c5308a1ea1c072b it would be great. If at all possible I'd like to be able to avoid this in future, so any details would be fantastic. Thanks!

sconaty commented 2 months ago

Unfortunately, today the same API call is back to failing again, with a 403 response code. Cloudflare is interceding and mitigated these requests with the same response as before.

I have new Cloudflare Ray IDs for the failing calls. I picked one at random:

Could you please check the Cloudflare Security Events Activity Log to help determine why Cloudflare has decided to sporadically block my requests. Thanks.

ubsys commented 2 months ago

Hi! After running my app for over a year in the same region 'Brazil' and on the same PCs, it started returning this Cloudflare page instead of the classic JSON response. I tested the same call with the same headers on the same PC using 'Postman' and it worked perfectly. What could be causing this error?

ubsys commented 1 month ago

Hi! After running my app for over a year in the same region 'Brazil' and on the same PCs, it started returning this Cloudflare page instead of the classic JSON response. I tested the same call with the same headers on the same PC using 'Postman' and it worked perfectly. What could be causing this error?

Same code, same pc, etc. Starts work again now! ..??

sconaty commented 1 month ago

Mine has also started working today. So I will close the ticket again - but I do think it would be a good idea for someone, on the Trakt side, to check the Cloudflare Ray IDs. This problem is just going to happen again without more information - or an update to the Cloudflare configuration.

rectifyer commented 1 month ago

@sconaty Looks like Cloudflare blocked it since it detected your script as an AI bot. It appears to be a built in rule from what I can tell.

sconaty commented 1 month ago

Thanks for the detail @rectifyer. It is what I asked for, but now I have it I'm not sure what to do it :). For reference my application is written in Rust, uses the Restson crate to make calls - all hand rolled code (was a great way to learn Rust). No AI anywhere.

I do see CloudFlare has implemented logic to block AI web scrapers but I don't understand why that would block APIs rest calls.