403 Error on FULL encryption

after setting SSL/TLS encryption to FULL (or FULL STRICT) i receive an 403 Error calling my site.

I already whitelisted all Cloudflare IPs (basically all IPs on Port 80 / 443 are allowed),
installed Cloudflare’s authenticated origin pulls cert (some recommend this to fix the Error 403 problem), and do not block any IP via the .htaccess file.

what else can i do to solve that problem?



Would you feel comfortable (temporarily) sharing your server IP address here?

not really
which checks would you perform? Can i do them on my own?

Well, that error seems to come straight from your server.

If you want (instead of posting it publicly) you can run a check with the IP address at sitemeer.com instead and post here when you ran the check, so I can dig it out.

sandro, ive ran the check at sitemeer :slight_smile:

You ran a check with the domain I am afraid, not the IP address. I presume the IP address does not end in 50, right?

sorry, my fault :slight_smile:
ok,i put in my ip

Could it be that your server is requiring client SSL authentication? Though that shouldnt necessarily explain a 403.

yes, client SSL authentication is required.
read, that you have to enable it if you want use “Authenticated Origin Pulls”

…disabled client ssl auth for a minute… makes no difference
getting same 403 error

Good point.

Can you still disable it for the time being?

Right now your servers seems to be down.

What I’d suggest is to pause Cloudflare, so that DNS records resolve straight to your server (keep in mind, this will expose your IP address), by which can verify whether your server actually works or not. Though, even if it does there is still a chance it might simply block requests from Cloudflare’s proxies with a 403, but thats something you will need to debug in your server logs.

403s typically (meaning never) do not originate from Cloudflare but from the origin.

I restarted the server and got a new ip - so there was a short downtime. As you mentioned, I have to check the logs. Hopefully I get an idea of which rule blocks cloudflare requests.
Thanks for your help sandro.

heres the solution:
got a lot of rewrite errors.
added Options All in the .htaccess file.
Now everythinkg works fine :slight_smile:

This topic was automatically closed after 30 days. New replies are no longer allowed.