Yes, it means that it is on Patreon’s side of things.
What do I need to do?
As far as I recall the CloudFlare issue is known, and is because the entire Patreon website (which includes the Patreon API) is served from behind CloudFlare with the same anti-abuse settings, which are not suitable for a high-traffic API user. I believe this post was the last mention of it from a Patreon team member.
I recommend that you reach out to the Patreon team (email@example.com) and explain that you’re a high-value campaign and this is causing you significant issues and perhaps that’ll get the issue prioritised – they can determine exactly why you were blocked using the Ray ID. Alternatively, if Patreon can’t fix this for everybody, CloudFlare do provide the option to whitelist IP addresses, so your website’s IP address (
18.104.22.168) could be whitelisted to bypass the CloudFlare security system.
My understanding of the CloudFlare security service is that it can be triggered by breaching a rate limit or the content of your request. There’s a chance, albeit small, that some requests are failing because the data contains values that appear malicious, although more likely it’s that you’re hitting a rate limit and all requests fail until that limit resets. You could proxy requests through multiple servers to bypass any limits on IP address.
I recommend that next time you have reports of the issue that you log in to the server and make a request to the API endpoint to determine if you are rate limited.
$ curl https://api.patreon.com/campaigns
You would expect to see a response containing JSON if you’re not rate limited; if you receive an HTML body with a CloudFlare error then your IP is rate limited.
c/p’ing this in all relevant threads: API’s cloudflare settings were just readjusted by Patreon. Please check it out and see if you can reproduce the cloudflare-block.
There were changes made at CloudFlare to address this issue just today.
Please try to reproduce the issue and let us know if it occurs, or if you are not able to reproduce it at all. Any input is appreciated.