Cloudflare is blocking API calls from NextJS build script

bledar · June 2, 2023, 10:12am

Hello,
I have a NexJs application (https://theboat-db.netlify.app/) that has a lot of statically generated pages (300+). When those pages are generated, they need to call some API to get page data. Since my API is protected by Cloudflare sometime those API requests get blocked by WAF since they are bot requests (NextJS build script).
Allowlisting the IP of the bot (NextJS CI/CD server) is not possible since I am using Netlify and this IP changes all the time.

Is there any recommended way to fix this problem?
Can I get the dynamic IP on the build time so I can add this IP to whitelist of Cloudflare with API?

Thanks

SamO · June 2, 2023, 7:30pm

Hi @bledar thanks for reaching out and welcome to the forums!

Since Netlify is a CDN which constantly keeps on adjusting traffic on different nodes, it’s not possible to provide a list of static IPs. There’s no static list of CDN servers, we keep adding and removing nodes many times, thus, any list we provide now would soon be outdated. I recommend trying to use VPNs or proxies which can provide you static IPs to access the site.

Hope this helps!