Accessing endpoint from Digital Ocean gives a Cloudflare HTML response

An application running on a DO droplet is having trouble accessing the API of boldapps.
When accessing the endpoint, I do not succeed in reaching the API server. Instead, I get a Cloudflare HTML response.
This has been happening for more than a month.

It works every time on my dev server or from an EC2 instance I tested it on.

A minimally reproducible example is to run

curl --get "https://ro.boldapps.net/api/auth/third_party_token?shop=3tt-coffee.myshopify.com&handle=GrowthPath"

This should result in an error from the endpoint, as I have not provided the header with the API key.
For example, the response from my development machine is:

tim@ubuntu:~$ curl --get "https://ro.boldapps.net/api/auth/third_party_token?shop=3tt-coffee.myshopify.com&handle=GrowthPath"
{"message":"Unauthorized"}tim@ubuntu:~$

This is the expected response.

I have an EC2 instance running in Jakarta:

same thing: the expected response.

curl --get "https://ro.boldapps.net/api/auth/third_party_token?shop=3tt-coffee.myshopify.com&handle=GrowthPath"
{"message":"Unauthorized"}ubuntu@ip-172-31-32-211:~$

But on the DO droplet, the response is an HTML file.
Bold support says it is not their problem, and I think they are correct.

I do not know what could cause this error, as I do not know anything about Cloudflare.

root@thieves2-2vcpu-4gb-sgp1-01:~# curl --get "https://ro.boldapps.net/api/auth/third_party_token?shop=3tt-coffee.myshopify.com&handle=GrowthPath"

Just a moment...
  <meta http-equiv="refresh" content="35">

Please turn JavaScript on and reload the page.

<div id="cf-bubbles">
  <div class="bubbles"></div>
  <div class="bubbles"></div>
  <div class="bubbles"></div>
</div>
<h1><span data-translate="checking_browser">Checking your browser before accessing</span> ro.boldapps.net.</h1>

<div id="no-cookie-warning" class="cookie-warning" data-translate="turn_on_cookies" style="display:none">
  <p data-translate="turn_on_cookies" style="color:#bd2426;">Please enable Cookies and reload the page.</p>
</div>
<p data-translate="process_is_automatic">This process is automatic. Your browser will redirect to your requested content shortly.</p>
<p data-translate="allow_5_secs" id="cf-spinner-allow-5-secs" >Please allow up to 5 seconds&hellip;</p>
<p data-translate="redirecting" id="cf-spinner-redirecting" style="display:none">Redirecting&hellip;</p>
<script type="text/javascript">
  //<![CDATA[
  (function(){
      var a = document.getElementById('cf-content');
      a.style.display = 'block';
      var isIE = /(MSIE|Trident\/|Edge\/)/i.test(window.navigator.userAgent);
      var trkjs = isIE ? new Image() : document.createElement('img');
      trkjs.setAttribute("src", "/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6d670201cea54b62");
      trkjs.id = "trk_jschal_js";
      trkjs.setAttribute("alt", "");
      document.body.appendChild(trkjs);
      var cpo=document.createElement('script');
      cpo.type='text/javascript';
      cpo.src="/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=6d670201cea54b62";
      
      window._cf_chl_opt.cOgUQuery = location.search === '' && location.href.indexOf('?') !== -1 ? '?' : location.search;
      window._cf_chl_opt.cOgUHash = location.hash === '' && location.href.indexOf('#') !== -1 ? '#' : location.hash;
      if (window._cf_chl_opt.cUPMDTk && window.history && window.history.replaceState) {
        var ogU = location.pathname + window._cf_chl_opt.cOgUQuery + window._cf_chl_opt.cOgUHash;
        history.replaceState(null, null, "\/api\/auth\/third_party_token?shop=3tt-coffee.myshopify.com&handle=GrowthPath&__cf_chl_rt_tk=RERV2dS0K0NW1sDOERwbUbKiJ49g31bEib2Vnj6gUUo-1643674762-0-gaNycGzNBz0" + window._cf_chl_opt.cOgUHash);
        cpo.onload = function() {
          history.replaceState(null, null, ogU);
        };
      }
      
      document.getElementsByTagName('head')[0].appendChild(cpo);
    }());
  //]]>
</script>
      <div class="attribution">
        DDoS protection by <a rel="noopener noreferrer" href="https://www.cloudflare.com/5xx-error-landing/" target="_blank">Cloudflare</a>
        <br />
        <span class="ray_id">Ray ID: <code>6d670201cea54b62</code></span>
      </div>
  </td>
 
</tr>
root@thieves2-2vcpu-4gb-sgp1-01:~#

Update: Digital Ocean says Cloudflare has blocked a range of their Singapore IP addresses. I have moved my server to a different region.
How does Cloudflare manage this? Is it a per-client setting? Does a block reset after time (this one doesn’t seem to have)? How do third parties such as myself get support for this?

Cloudflare very rarely blocks anything.

From that same droplet, can you ‘curl’ other sites on Cloudflare?

Back to the block…when something is blocked, it should show up in that account’s Firewall Events Log.

You’d have to work with the site owner to figure out why that traffic is blocked.
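
As an added example that is not part of the thread: a way to tell, from the affected host, whether a response came from the API or from Cloudflare's challenge page, and to pull out the Ray ID that the site owner can search for in their Firewall Events log. Function names are hypothetical, the sample bodies are constructed, and the marker strings are those visible in the droplet output pasted above.

```shell
#!/usr/bin/env bash
# Added example, not from the thread. Marker strings are taken from the
# challenge page pasted above; function names are hypothetical.

# classify_body FILE -> prints one of:
#   cloudflare-challenge ray=<id>   edge returned the "checking your browser" page
#   api-json                        body looks like the API's own JSON reply
#   unknown                         neither pattern matched
classify_body() {
  local body=$1 ray
  if grep -qE 'Just a moment\.\.\.|/cdn-cgi/challenge-platform/|data-translate="checking_browser"' "$body"; then
    # The Ray ID identifies this one request in the site owner's firewall events.
    ray=$(sed -nE 's/.*Ray ID: (<code>)?([0-9a-f]+).*/\2/p' "$body" | head -n 1)
    echo "cloudflare-challenge ray=${ray:-none}"
    return 0
  fi
  case "$(head -c 1 "$body")" in
    '{'|'[') echo "api-json" ;;
    *)       echo "unknown" ;;
  esac
}

# probe URL -> fetch with curl (needs network) and classify what came back.
probe() {
  local tmp rc
  tmp=$(mktemp) || return 1
  if curl -sS --get -o "$tmp" "$1"; then classify_body "$tmp"; rc=0; else rc=1; fi
  rm -f "$tmp"
  return "$rc"
}

# Offline demo on constructed samples modelled on the two outputs in the thread.
demo() {
  local dir; dir=$(mktemp -d) || return 1
  printf '%s' '{"message":"Unauthorized"}' > "$dir/dev.txt"
  printf '%s\n' '<title>Just a moment...</title>' \
    '<span class="ray_id">Ray ID: <code>0123456789abcdef</code></span>' > "$dir/droplet.txt"
  echo "dev:     $(classify_body "$dir/dev.txt")"
  echo "droplet: $(classify_body "$dir/droplet.txt")"
  rm -rf "$dir"
}
demo
```

Running `probe` with the same URL from each host gives a one-line result per vantage point, and the Ray ID from the blocked host is the value to hand to the site owner.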
