Too many request with an invalid API key - temporarily banned.

Hi,

I was changing the API key with a new one on our website. All was working correctly then suddenly it stopped.

Now it seems like the server ip has been banned.

We enforced an API change as we had a staff member leave, but now it's super hard to debug where/what is happening (plus, the website had to be taken down)

Please add the referrer URL that caused the ban in the XML error message, because now not only we have no idea when we'll be back online (i tried resetting the ip but to no avail. What is the ban duration? Any way for me to remove it from our administration area?) and debugging what caused it is a nightmare (all scripts have been reuploaded, but maybe something was left behind).

Thank you!

Going forward: make all requests from a single machine (or set of machines). Don't scatter scripts across multiple machines.

Also, the proper way to roll-out an API change is to create a new user, switch to that API key in your backend. Make sure that rollout is complete and no other backend components are using the "old" API key, then remove the old API key.

As far as "resetting" the temporary ban (typically only a few hours to begin with), shoot us an email giving us all the necessary details (API key in question, all IPs that have been banned, etc.).

Reply
Discard post