laravel guzzle 403 forbidden

Question

i use guzzle to send datas to my api and i'm getting an exception. here is the code in my controller

public function Connecter(Request $request){
    $parametre =$request->all();
    $client = new Client();

    $r = $client->post('http://myapiurl.com/login',['body'=>$parametre]);



    $user = json_decode($r->getBody(),true);

     if ($user) {
        $sis = $user['user'];
        Session::put('id', $sis['id']);
        Session::put('nom', $sis['name']);
        Session::put('role', $sis['id_roles']);
        Session::put('email', $sis['email']);
        return redirect()->route('home');
    }else{
        return redirect()->back();
    }

}

and when i see the log, i found this

[2017-09-11 16:31:25] production.ERROR: GuzzleHttp\Exception\ClientException: Client error response [url] http://myapiurl.com/login [status code] 403 [reason phrase] Forbidden in /home/vol2_6/myserver.com/username/htdocs/laravel/vendor/guzzlehttp/guzzle/src/Exception/RequestException.php:89 Stack trace:

when i do

dd($r = $client->post('http://myapiurl.com/login',['body'=>$parametre]);
 );

i get 403 Forbidden

Answer 1

Just in case this helps anyone else. I landed on this question a few hours back as I've been getting '403 Forbidden' errors from an API on a staging site.

This problem has been driving me mad all day. It turns out the issue was caused by the staging site being previously restricted to only allow certain IP addresses. These were added to the Nginx config file, and I was very much not aware of this.

I very much am now.

Answer 2

If your API domain is using CloudFlare, try to change the "Security Level" setting to low or lower. You can find this under the Firewall settings section.

Be warned however that this will expose your site to potential security vulnerabilities.