403 error, help

www.callahan.info, DNS records were changed on the host. Not sure what’s going on

This error is coming from the origin server. You should check the error logs there to see what is causing this error.

got you, do these look correct to you?

here are the name servers I was told to assign

going out on a limb here but the only thing that may interfere with this, I believe, is the ssl

Your origin answers HTTP with 403 forbidden. HTTPS is giving an SSL error.

Accessing via Cloudflare gives the 403 response for both HTTP and HTTPS so you will need to change your SSL/TLS settings to Full (strict) to ensure a secure connection to your origin (it will be currently set to Flexible).

But you need to fix the 2 issues at your origin to get that working.

curl -I -H "host: www.callahan.info"
HTTP/1.1 403 Forbidden
Content-Type: text/html
Connection: keep-alive
Keep-Alive: timeout=15
Date: Sun, 26 Nov 2023 12:05:54 GMT
curl -Ivv -H "host: www.callahan.info"
*   Trying
* Connected to ( port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Unknown (21):
* TLSv1.3 (IN), TLS alert, internal error (592):
* error:0A000438:SSL routines::tlsv1 alert internal error
* Closing connection 0

TY both of you for helping. you really have done a lot. @sjr Ya, I have simply given it to the techs at ionos, dont feel like dealing with there can of worms. Before your reply I was like this is not making sense, they can figure this ■■■■ out, thats why im paying them.

update: ionos has basically said the ssl is not compatible with Cloudflare. In order to correct that, im thinking I would have to disable ssl on ionos. Will I have ssl on Cloudflare?

https:// www .cloudflare. com/ application-services/ products/ssl/ ?

I was connecting directly to the origin and got an SSL error, so it’s not a Cloudflare issue (add: the 525 error you get from Cloudflare is for the same reason).

I use Cloudflare with a number of Ionos VPSs, although none with an Ionos generated certificate - all are Letsencrpyt. I can’t think of any reason why an Ionos certificate that works for a direct connection wouldn’t work for Cloudflare as the client instead unless it doesn’t include a wildcard for the domain.

You can get your own certificate from Letsencrypt or other CA to use instead, or download the Cloudflare origin certificate for use on your server. That is only trusted by Cloudflare so will give a warning if accessing the origin server without passing through Cloudflare.

ok, that makes sense

The free one doesn’t include wildcard. So in fact that was a major error on their behalf I think. Trust me, im not pointing blame at you guys. Im pointing blame at their incompetence. This is stressful for someone who hasn’t touched a website in 10+ years :laughing:.

so [Certbot](htt ps: //certbot. eff. org/) from here https:// letsen crypt .org/ getting-started/ is what you are saying to do? Connect to site threw ssh and do this?

got it I think, all let ya know after im all done

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.