API is returning 403-Forbidden on a large number of our requests..??

angelleye
Advisor
Advisor
Posted on
‎Jun-07-2022 02:09 AM

We are running AWS services to handle 3rd party onboarding for merchants into our PayPal for WooCommerce plugin.  

 

For some reason we are getting a bunch of 403-Forbidden replies from the API instead of proper responses.  We have tried assigning different dedicated IP addresses to our AWS configuration, but we're still having the same problem no matter what we try.

 

I have MTS ticket #10758076 open with more details, but have not had a reply there since 5/18.  If anybody here can help get some eyes on that ticket it would be greatly appreciated.  

 

Thanks!

Angell EYE - www.angelleye.com
PayPal Partner and Certified Developer - Kudos are Greatly Appreciated!
Login to Me Too
0 Kudos
Login to Reply or Kudo
5 REPLIES 5

PayPal_Olivia
Moderator
Moderator
‎Jun-09-2022 07:07 AM

Hi @angelleye,

 

Thanks for your post. Always great to see you around! Sorry that it's under unfortunate circumstances this time. The merchant tech side of things isn't my forte, but I asked someone to look into your ticket and my understanding is that the cause of the issue has been resolved at this point. Are you still experiencing the problem?

 

Olivia

 

If this post or any other was helpful, please enrich the Community by giving kudos to its author, accepting it as a solution, and/or coming back to assist others. Members make this Community great!
Login to Me Too
0 Kudos
Login to Reply or Kudo

angelleye
Advisor
Advisor
‎Jun-09-2022 01:11 PM

Hi @PayPal_Olivia ,

 

Thanks for helping get some eyes on that ticket.  We are still experiencing the problem, but we found a way to work-around it for now.  

 

The PayPal API endpoint is https://api-m.paypal.com.  This seems to be hosted by a Microsoft Azure cloud system, so it will resolve to a variety of IP addresses for different PayPal servers on this system.

 

What we have found is that if the domain resolves to 192.229.210.155 specifically, those are all being blocked.  If it resolves to any other IP address then it works fine.

 

To get around this, we updated our script to use one of the IP's we know works directly instead of using the api-m.paypal.com domain, effecitively filtering out the bad IP address.  Since we've done this we haven't seen any more failures, but this is not an ideal solution.

 

I do see a response in MTS today that they made an adjustment they're hoping will solve the problem.  I'm about to run some more tests to see if that IP is accepting our requests now.  I'll update accordingly.

 

Thanks again!

Angell EYE - www.angelleye.com
PayPal Partner and Certified Developer - Kudos are Greatly Appreciated!
Login to Me Too
0 Kudos
Login to Reply or Kudo

angelleye
Advisor
Advisor
‎Jun-10-2022 08:44 AM

Just providing an update here.  It turns out there was an issue on PayPal's side that the MTS team has now resolved.  

 

They said there was a firewall rule that was blocking us, so I'm hoping for some more details about what that rule was, why we were the only ones being blocked...or were we..??

 

As of now the crisis is averted, but I'll update again as I get more info just in case somebody searches for this sort of thing in the future.

Angell EYE - www.angelleye.com
PayPal Partner and Certified Developer - Kudos are Greatly Appreciated!
Login to Me Too
0 Kudos
Login to Reply or Kudo

PayPal_Olivia
Moderator
Moderator
‎Jun-10-2022 08:50 AM

Hi @angelleye,

 

Thank you for the updates! You're always looking out for others and that's very appreciated!

 

Olivia

 

If this post or any other was helpful, please enrich the Community by giving kudos to its author, accepting it as a solution, and/or coming back to assist others. Members make this Community great!
Login to Me Too
0 Kudos
Login to Reply or Kudo

rapsuk
Contributor
Contributor
‎Aug-15-2022 12:44 AM

This error indicates that the server has determined that you are not allowed access to the thing you've requested, either on purpose or due to a misconfiguration . It's probably because the site owner has limited access to it and you don't have permission to view it. The vast majority of the time, there's not much you can do to fix things on your (*client) end. There are four common causes for 403 Forbidden error (server side) . Here they are listed from most likely to least likely:

 

  • An empty website directory
  • No index page
  • Incorrect settings in the .htaccess file
  • Permission / Ownership error

 

If authentication credentials were provided in the request, the server considers them insufficient to grant access. The client SHOULD NOT automatically repeat the request with the same credentials. The client MAY repeat the request with new or different credentials. However, a request might be forbidden for reasons unrelated to the credentials.

 

Login to Me Too
0 Kudos
Login to Reply or Kudo

Haven't Found your Answer?

It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.