403 error: Cloudflare’s bot protection is blocking requests from Adalo to supabase

What is the name of the domain?

What is the error number?

403

What is the error message?

Attention Required! | Cloudflare

What is the issue you’re encountering

I’m encountering a 403 error due to Cloudflare’s bot protection, which is blocking requests to my Supabase Edge Function endpoint. This issue primarily arises when attempting to integrate the Edge Function with Adalo using custom actions

What steps have you taken to resolve the issue?

Verified Edge Function works correctly via direct curl requests and Postman (both successful).
Adjusted headers in Adalo to mimic a browser request, including adding User-Agent.
Tried accessing the Edge Function URL from various IPs and VPN locations.
Attempted to clear Cloudflare’s cache.
Tested using Adalo’s Custom Action feature with additional parameters in the URL.

Was the site working with SSL prior to adding it to Cloudflare?

No

What is the current SSL/TLS setting?

Off

What are the steps to reproduce the issue?

Attempt to access the Edge Function endpoint from Adalo’s Custom Action feature.
The endpoint returns a Cloudflare block page with a 403 error.
Direct requests from Postman and curl do not trigger this block.

Screenshot of the error

The particular event was logged and is available to you by checking the Security tab → Events for your zone at Cloudflare dashboard, or via the link https://dash.cloudflare.com/?to=/:account/:zone/security/events.

  1. Click on the particular Event to find more details about it e.g. IP address, user-agent, etc.
  2. Allowlist the IP address which was blocked at Security tab → WAF → Tools and under the section “IP Access Rules” add the IP address with the action “allow” for your domain, or via link https://dash.cloudflare.com/?to=/:account/:zone/security/waf/tools/.
  3. Retry with the request again after few minutes and see if this works for your case.
1 Like

Bro, Thanks for the reply, but i havent even registered a domain in cloudflare, so these settings https://dash.cloudflare.com/?to=/:account/:zone/security/waf/tools/, you mentioned are not available and applicable for me, my issue is i want to integrate a supabase edge function to adalo frontend through custom actions in adalo, somehow cloudflares bot protection is interfering in the midddle and blocking the integraation and giving me a 403 error, previously i have deployed a cloudflare worker for the same function instead of supabase edge functions and integrated with the adalo front end without any issues like bot protection or anything. i dont know why this is happening when i am trying with supabase edge funcction, this cloudflare bot protection is interfering as i havent even refgistered a domain in cloudflare, so most of the settings you mentioned are not available for me.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.