Cloudflare blocks API request's to custom React Application
Hi there !
We have custom built React application hosted on the same server as this website https://www.ispartnersllc.com/
That custom application is located in the iFrame of that website, the problem that we are facing is that API request’s aren’t reaching that Application, they are blocked by Cloudflare.
The backend server of that applications is https://compliancechecker.ispartnersllc.com:5000/
Any ideas on what should we do ? Thanks in advance 😊
I.S. Partners
IT Audit and Security Compliance Services - I.S. Partners
I.S. Partners helps small, medium and large businesses across the globe meet regulatory compliance requirements through IT audit and security compliance services. Learn More
11 Replies
Have you checked your WAF events in Cloudflare to see why they are being blocked?
We don't have that add-on on our account.
Every account gets WAF
?waf-logs
You can view the rule that caused a block or challenge page to be presented at https://dash.cloudflare.com/?to=/:account/:zone/security
you don't have managed rules, you still have the WAF as a whole though, just not all the features. For example under the "Custom Rules" tab there are custom rules you might have created to challenge people/bypass/etc
check under Security -> Events
I don't see an event regarding that issue 🤔
The thing is, my Backend server of that application is on the same server as the Website, even if the custom app is not placed inside original website, the request's to that backend server aren't comming in.
hmm that's different from being blocked
https://compliancechecker.ispartnersllc.com:5000/ that's meant to be your backend, proxied by Cloudflare?
Cloudflare only supports a few alternative ports other then 443, and 5000 isn't one of them: https://developers.cloudflare.com/fundamentals/reference/network-ports/Yup, I have the same backend application on another server and it works just fine 🙂
MAYBE THAT'S THE PROBLEM !
That's a very good point @Chaika
If your application doesn't absolutely need port 5000, you could use an Origin Rule in Cloudflare to overwrite the dest. port (so users connect on 443 and get connected to 5000 on your backend), or just change the port on the server itself
Yes ! I'll update you guys once I try this.
@Chaika I want to thank you, that was the problem to this ! Thanks for helping out 🥳