403 forbidden when calling http request of your external service

Hi,
I am trying to call my external service by IP from Cloudflare workers, but got

result  {"webSocket":null,"url":"http://IP:PORT/api/v1/source_definitions/list","redirected":false,"ok":false,"headers":{},"statusText":"Forbidden","status":403,"bodyUsed":false,"body":{"locked":false}}

executed code:

 const response = await fetch(new Request("http://IP:PORT/api/v1/source_definitions/list", {method: 'POST'}))
    console.log('result ', JSON.stringify(response))

My service is available, I can call it for example with curl, or postman.
Please give advice how to solve this problem?

Direct-IP access is currently not allowed in Cloudflare Workers for security reasons. You’ll have to create an A record pointing to the IP and use that when making requests.

2 Likes

Using the same IP address as in your Worker?

Yes. I will try to create a CNAME record.

Hi @albert,
Thanks for response.
At current time my service now available via domain name but with different port, not 443 - 8443.
Now, I am trying to call my service :
https://my-domain.xxx.com:8443/api/v1/source_definitions/list

But now I get error:

/api/v1/source_definitions/list\",\"redirected\":false,\"ok\":false,\"headers\":{},\"statusText\":\"Not Found\",\"status\":404,\"bodyUsed\":false,\"body\":{\"locked\":false}}"
      ],

What’s wrong do I do?

Another question will be how configure this DNS? I didn’t find page on Cloudflare dashboard

If your web server does Host header validation (as it should for security reasons), you need to make sure it accepts the name of your A record.

If Cloudflare is your primary DNS provider, you can create a record in the DNS tab of the Cloudflare dashboard.

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.