403 Forbidden ever since using cloudflare


I’m on GoDaddy. Tried to follow a walkthough (https://jonnyjordan.com/blog/how-to-setup-cloudflare-flexible-ssl-for-wordpress/) to install a cloudflare ssl. Immediately started getting 403. Backed out the plugins, reverted changes, disabled the cloudflare service and still get 403.

I have rebuilt the whole site. Created a new database. Made a new htaccess. Checked permissions. Everything is ok but still getting 403. Been down for 3 days and it is driving me crazy! I’ve researched everything I can find but nothing seems to work. Anyone have any ideas?




That tutorial looks pretty old.

For now, revert to your old non-Cloudflare setup without SSL.

When you’re ready to try again, the only change I’d recommend for your site is that Flexible SSL plugin. Then set Cloudflare to Flexible SSL. That should get you most of the way there.

I also have to add: Is GoDaddy still not letting people install SSL for free? That’s needlessly putting their customers’ website security at risk, even with Flexible SSL.

Maybe this will work for you once you’re ready for a followup challenge:



Thanks for the reply. That is my problem, I did revert to old non-cloudflare setup and still get 403. I have restored everything to the original settings, built a completely new DB and still can’t get into it.

No, GoDaddy still wants you to pay for their SSL.



So you don’t have SSL. Is something still trying to use SSL and causing the 403?

Can you recover a site backup? I believe cPanel lets you do this.



I restored a backup from February and still can’t get in. That is what has me completely confused. I’ve been in IT for 30 years and have used every trick I can think of.



Now would be a good time to contact GoDaddy support.



Believe it or not I got with them early on thinking that would be the easy route. They had no clue what the problem could be. They offered to escalate my issue to the next tier for $50 if I wanted them to look into it lol. As clueless as the first tier was, I hastily declined.

Oh well, just thought someone here might have fought the same fight at one time or another and would throw something out that I hadn’t thought of. I’ll keep plugging away and post back if I ever solve it (which i hope I can as it is a business site that has been up for about 5 years and I need it back up!).

Note to others, they also make you pay for backups, and SSL, and just about everything else, so might not be the best choice for you…



Can you look at your server logs to see the reason for the 403?

1 Like


I’m not sure if I can get at those or not but that is a great idea.

1 Like


So the logs were a great idea, that is exactly why I posted here. I was so busy digging into files and databases I neglected the obvious first place I should have started. For some reason my site is using an incorrect directory all of a sudden. I moved my files there and it isn’t pretty but at least no more 403. Not sure why (or where) the directories changed but at least people can contact the business now. Thanks sdayman!

1 Like


That’ll be $50, please. :smiley:



You sound just like the godaddy guys! At least you give the ideas upfront and THEN ask for the money haha.

1 Like

closed #13

This topic was automatically closed after 14 days. New replies are no longer allowed.