Jump to content

Can't use REST API or / GraphQL - no response after uploading .htaccess file

Recommended Posts

Downloaded the htaccess file, uploaded it to /api folder and renamed it .htaccess - logging into my ACP and hit continue = nada!

Loging out 

...cleaning cookies, browser cache and disable cloudflare. 

Loging in and clearing system caches

Changed the premissions on the API .htaccess file from 644 to 775 - hitting Continue = nothing

Disable root .htaccess and push Continue = nope!

Cheking init.php and the API settings showing me the obvious  'NEXUS_LKEY_API_DISABLE'  => TRUE, 

Manually edit from TRUE to FALSE 

// Commerce license key API settings
                // See https://remoteservices.invisionpower.com/docs/licenseapi
                'NEXUS_LKEY_API_DISABLE'                => FALSE,    
                'NEXUS_LKEY_API_CHECK_IP'                => TRUE,    

I did got the API menu (forgot to screenshot it) and could brows the tabs but as soon as I hit Continue it went back to the "default" screen as seen below.


Could contain: File, Webpage, Page, Text


Link to comment
Share on other sites

2 hours ago, Cyberg Studio AS said:

As far as I can see, those two mod's are enabled over at my hostingprovider - I have sendt them an suport ticket too just to clarify this.



I got a reply from the folks at Namecheap. 



Thank you for replying.

According to our check, both mod_setenvif and mod_rewrite are installed and active on the server in question.

To ensure the proper quality of the investigation, we will need to trigger the error (or the absence of certain elements on a page that should be enabled by the functionality that should be implemented).

For us to do that, please describe the actions it takes to see the consequences of unfunctional modules you try to implement in a list format.

If any login procedures and/or credentials are involved in the process, please share the information.......

...I wish there was an GRTFM option to this. 

Link to comment
Share on other sites

Jim M
This post was recognized by Jim M!

"Thanks for following up with what you found!"

Cyberg Studio AS was awarded the badge 'Helpful' and 3 points.


I have found the problem and solved it. 

It was a feature in CloudFlare that apparently conflicted with the API-call settings -- "Super Bot Fight Mode" was enabled and set to: Definitely automated (definitely automated traffic typically consists of bad bots) 

Selected action for this traffic was set to BLOCK. (mistakingly) blocking the access to /api MENU page.

NB!!!  In case you get any of these support requests in the future.

- WAF rules do not override the settings of the Bot Fight Mode, so if you whitelist i.e. Hosting IP or URL/FULL URL it still get's blocked. 

- This feature does not get disabled when "Pause Cloudflare on Site" under Advanced Settings is enabled either.

Could contain: File, Page, Text, Webpage

Link to comment
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...