We use the WordPress REST API (previously known as the WP API V2 plugin) which has been built into WP since 4.7. With the 4.7.1 upgrade or some other security enhancement around January 25-26, we get a "403 Forbidden, Request forbidden by administrative rules" error when accessing the API. Has something changed in WordPress or is the GoDaddy Firewall blocking requests to the API?
We were using the Basic Authentication module but I hot wired around that, changed the .htaccess back to the default, and yet still getting the 403 when I try to access the API endpoints (e.g. www.domain.com/wp-json/wp/v2/posts).
I have also since tested the API on another server hosted by a different ISP and I am able to access all functions on the WP REST API on WordPress 4.7.2.
It's either a GoDaddy problem or it is fixed by 4.7.2
Just tested the WP REST API on a WP 4.7.2 system on another ISP and no problems querying simple endpoints. Sounds like GoDaddy is blocking access to the API - kudos to them for providing protection against attacks but sometimes you have to dial it down!