random 403 errors on workers outgoing fetch requests
We've been investigating a big issue on our platform for a few weeks. We're integrating with multiple accounting systems and sending a lot of data out to them. With our most popular integration
quickbooks
, we've been starting to receive a lot of 403 responses, seemingly randomly, since start of may.
Randomly means, we perform the request multiple times, 4x it fails with 403, then it just works with 200.
We've escalated the issue up to their internal tech team, but they assure us that our requests are not hitting their API. They've checked logs on multiple parts of their infrastructure.
This is how a response looks like. They say they don't use cloudflare services, so it must be our outbound request made from a cloudflare worker failing.
The server: https://quickbooks.api.intuit.com
Are we somehow hitting a limitation of cloudflare workers? Does someone have an advice on how we can further debug this? I've tried looking for the cf-ray in the security events with no avail. I'm pretty lost with this issue.1 Reply
It looks like CF DNS is on Amazon Route 53
we use these products
- WAF (disabled all rules now)
- sentry integration tail worker
- opentracing with baselime (added after the issue occured for better debugging)