HashimAziz | Stripe Developers | Page 1

cunning cairnBOT Apr 4, 2023, 9:25 PM

#

thorn forge Apr 4, 2023, 9:36 PM

#

It sounds like the permissions on the file might be disallowing Stripe from accessing it. I, for example, cannot get to it via either a cURL command, nor by visiting that site.

I noticed that the URL has www.example.co.uk. Is that a URL that you own and do you have administrator privileges for it?

light osprey Apr 4, 2023, 9:38 PM

#

No, I replaced the URL with an example domain, I'll message you the error with the original domain.

thorn forge Apr 4, 2023, 9:42 PM

#

Alright, will circle back in a couple minutes

light osprey Apr 4, 2023, 9:43 PM

#

No problem

#

Sorry, that should have been Cloudflare, it's been a long day

thorn forge Apr 4, 2023, 9:54 PM

#

No worries! For what it's worth: me too.

So it looks like the file is correct and it's in the right location (presumably) based on the error you received. The error you're getting is 403 FORBIDDEN, so that leads me to believe that your server is blocking the request for one reason or another. A couple things to check:
(1) are you attempting to redirect from the URL you gave Stripe?
(2) have you confirmed that you have not disallowed any of the IP addresses that Stripe (https://stripe.com/docs/ips#webhook-notifications) and Apple (https://developer.apple.com/documentation/apple_pay_on_the_web/setting_up_your_server#3172426) use to access the file?

light osprey Apr 4, 2023, 10:09 PM

#

I have several domains but all of them redirect and resolve to the domain I'm attempting to verify. All IPs are permitted in either DO or Cloudflare, although I do have Cloudflare's Bot Fight Mode enabled as well as User Agent Blocking for a few user agents, and Web Application Firewall blocking bots with a high threat score. I can try disabling these although they are very specific and I doubt that Stripe's scrapers would be targeted by them.

thorn forge Apr 4, 2023, 10:10 PM

#

Cloudflare's Bot Fight Mode enabled as well
This could also be the culprit. Unfortunately, the way Apple makes the HTTP request to your server can look strange and some servers will incorrectly reject it or respond strangely.

#

Also, it might be worth dumping the network logs to see if a redirect happened, because if it did then the request will always fail.

light osprey Apr 4, 2023, 10:19 PM

#

Okay, it turns out it was a Cloudflare WAF rule that was blocking traffic from AWS. It was initially put in place to prevent scrapers, but I wasn't expecting Stripe/Apple to be using it.

#

I have now managed to verify the domain, thank you.

#

I'll try once again to get Apple Pay to show with the newly verified domain, and if I run into any more problems, I'll return here.

#

Thanks for your help and for confirming the email support was leading me down the wrong path.

thorn forge Apr 4, 2023, 10:26 PM

#

Amazing! Glad I could help

#HashimAziz