Hello everyone, I am working on a Magento 2 site for a client. We recently had an issue with spam accounts flooding the /customer endpoints, so we enabled an IP-based region blocking plugin to stop people from a certain area from registering accounts. This plugin has since been removed from the staging site, but is still enabled on the live site.
Ever since this happened, we have been unable to upload data files. Even using Magento’s sample files returns a 403 forbidden error in the dev tools, but the page content never changes or redirects to anything. We attempt to upload any file, and the request returns a 403 error and then that’s it. No errors in any Magento logs, nothing else to go off of other than the dev tools request response. Even after removing the previously mentioned plugin from the staging site, the issue persists there as well.
The only exception to this is if we remove most of the product data and only attempt to upload ONE individual product sku. This isn’t useful to us as there’s no way to turn this into a workaround, but it might be contextually important to someone who knows more than me.
Admin privileges are correct to allow for data uploads, file and folder permissions are set correctly, and we are hosting through AWS. We’ve uploaded hundreds of data files up until a month ago, when this started seemingly out of the blue.
Any insights or suggestions? Thanks in advance.
submitted by /u/khalkhalash
[link] [comments]