Nkn-sdk-js 403 failure https://mainnet-rpc-node-0001.nkn.org/mainnet/api/wallet

nknmaster · February 21, 2021, 9:17pm

https://mainnet-rpc-node-0001.nkn.org/mainnet/api/wallet
nkn-sdk-js API calls failure due to cloudflare asking for a Captcha

It is API calls not visible to my users so no way to ask them to enter a captcha . Probably thousands clients will fail on this without knowing why it fails.

Is there alternative endpoints I can use that don’t have those Cloudflare restrictions?

nkn-403

Mutsi · February 22, 2021, 9:41am

Are you sure this is not client side? Cloudflare should not be involved here for those end points as far as I’m aware, that would be the opposite of decentralisation.

nknmaster · February 22, 2021, 9:48pm

for me, mainnet-rpc-node-0001.nkn.org resolves to a Cloudflare IP

yilun · February 22, 2021, 11:52pm

mainnet-rpc-node-0001.nkn.org is using CF to provide https certificate. We don’t set up any security challenge on CF, it’s just the default CF security mechanism. Basically CF thinks your IP address might be an attacker, that’s why you are seeing this challenge.

This is very rare, we didn’t see any single challenge on all client side or our server side. What IP address are you using the sdk, is it a VPS IP?

Basically if you are calling this from client side, the CF challenge should never show up unless CF is having a false alarm. If you are calling this from server side, you should not need https at all, in which case you can use http://seed.nkn.org:30003 as seed node so CF is not involved. The (probably only) reason to use mainnet-rpc-node-0001.nkn.org is to prevent browser blocking in https context.

nknmaster · February 23, 2021, 2:16am

Hi
Well, if Cloudflare is to consider even 1% of my customers as “attacker” it means I will get 100 messages in my helpdesk every day telling me that my app is not reliable.
I need to call it client-side JS with 100% reliability

Tested IP is Tor Exit Node. I think your API should support Tor Exit Nodes.

Can I expect a fix short-term? It’s blocking dev for us.

Regards

yilun · February 23, 2021, 10:48pm

This should have been fixed now. Could you please try again and see if the problem persists?

nknmaster · February 24, 2021, 1:53am

Hi
problem still persists.

It still resolves to a CF IP, is it the desired behavior?

yilun · February 24, 2021, 3:47am

Yes, the IP should still be CF, but we have adjusted CF settings to turn off captcha on this domain.

nknmaster · February 24, 2021, 5:02am

It works now.

Did you find the solution or I’m temporarily lucky?

yilun · February 24, 2021, 6:48am

We changed the CF settings, so it should be a long term solution.

nknmaster · February 24, 2021, 6:54am

job well done brother