When hosting API projects, you may encounter an unexpected issue where you receive an HTML page instead of the expected API response. This is often due to LiteSpeed Server's DDoS protection configuration, which is designed to safeguard our servers from malicious attacks.
To resolve this issue, the best thing to do is open a ticket.
We restrict all other user agents other than the mentioned below list.
axios
PostmanRuntime
Node.js
node-fetch
Mozilla
curl
Wget
Guzzle
python-requests
Go-http-client
AppleWebKitHowever, you can override the default DDoS protection settings by adding a simple configuration to your .htaccess file. Follow these steps:
- Log in to your Direct Admin and navigate to your website's root directory using the File Manager. Alternatively, you can use FTP or SSH to access your files.
- Create a new
.htaccessfile if it doesn't already exist. - Identify the API endpoint routes that are being blocked by the DDoS protection. Take note of the specific URL patterns or routes that your API uses.
- Append the following lines to your
.htaccessfile, replacing/api/with the actual API endpoint route you identified in step 3:
<IfModule LiteSpeed> RewriteEngine On RewriteCond %{REQUEST_URI} ^/api/ [NC] RewriteRule .* - [E=verifycaptcha:off] </IfModule> - Save the changes to your
.htaccessfile. - Test your API endpoints by sending requests to verify that the captcha verification has been successfully disabled.
Need Help?
If you're unsure about setting up this configuration or need further assistance, don't hesitate to contact our Tech Support team. We're here to help you resolve any issues and ensure your API projects run smoothly.
