403 Forbidden. How to fix

I have the dreaded 403 Forbidden on my most used domain. I am only a newby with my DNS settings. I need to get this fixed ASAP.

What’s the domain and did you verify this is actually Cloudflare related?

NameTrader.com I wouldn’t know if it is Cloudflare related or not. All my GMail accounts working in Cloudflare. None of my non-GMail domains are working in Cloudflare. Here is my DNS settings.

A autoconfig 104.21.49.95 Proxied

A ftp 104.21.49.95 Proxied

A nametrader.com 104.21.49.95 Proxied

A webmail 104.21.49.95 Proxied

AAAA nametrader.com 2606:4700:3034::6815:315f Proxied

CNAME mail nametrader.com Proxied

CNAME www nametrader.com Proxied

HTTPS nametrader.com 0 nametrader.com. DNS only

MX nametrader.com amir.mx.cloudflare.net 99 DNS only

MX nametrader.com linda.mx.cloudflare.net 30 DNS only

MX nametrader.com isaac.mx.cloudflare.net 14 DNS only

TXT default._domainkey v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3K0oRbtHUkXBL024CZprnTQrIEaCWbSAQRQfvXHuR1g3oXvrXN7PI4O99ATyp0km9Pd9fwemdXWj4X10HJDNichW+pG4opkMmX1CdO5YMVKzq95MdN6zIAdZDb1G2pEx+Wt76XKdQKFaIkp777t1NndVl6dXHnUqjMCQCWEM4KtW1iNd5VKBvQex+PtC4nfww+WAfi4qoc8H1qdD75sEOFpWGpoopFhdZpGNJ9MhZpBvTz9k9Mn7Pyb7TpF1tO/6l70wQDi1+LRNyvwF+dmRKAyoJi3mXnshk0hOAw80SRjcyCFZCltlIlzOYxk6ViFHU/ksNSYLWiFejIMZ8JUoKwIDAQAB; DNS only

TXT _dmarc v=DMARC1; p=none; “rua=mailto:[email protected];” fo=1 DNS only

TXT nametrader.com “v=spf1 include:_spf.mx.cloudflare.net ~all” DNS only

TXT nametrader.com v=DMARC1; p=quarantine; rua=mailto:[email protected] DNS only

You do not have the correct IP addresses configured. Pause Cloudflare and contact your host to clarify which DNS entries you need.

It might be that your IP address should be 146.x.x.x but you still need to clarify this with your host.

At my registrar they are set as vita.ns./arc.ns.cloudflare.com. Is104.21.49.95 not for nametrader.com?

I am talking about the IP address, not nameservers. Your domain is still not paused.

To be clear. I haven’t really understood your last 2 posts. I’m not exactly sure what you mean by “your domain is still not paused”. I thought 104.21.49.95 was given to me by Cloudflare for NameTrader.com. One of two addresses. I’m also not sure what you mean by “it might be that my IP address should be 146.x.x.x” I’ve no idea where that come from? I think we should take things slowly. It’s nearly 10pm here. This is going to be my last post for today. Probably be back here in about 10hrs time.

See the linked article.

Cloudflare uses that address for the proxies, but you need to configure your actual server IP address. Hence why I said you need to contact your host.

Presumably from your host.

1 Like

You definitely mean my host and not my registrar? Yes

Absolutely, your registrar is not involved here, unless of course your registrar is your host.

Bottom line, you need to configure the correct IP address on Cloudflare and need to clarify this with your host. I believe mentioned IP address will be the right one, but only your host can tell you that.

OK. I got that. I’ve got plenty to play around with until the morning :slight_smile:

OK. I managed to get my websites back. But I still haven’t got my non-gmail emails back yet. These are:

{redacted, please don’t share email addresses on public forums}

These are all the accounts I have, 100% of my non-gmail email accounts. Any ideas what I need to do get these working?

rgds
Stu

There probably zero emails in comsales.com. But the other 5 accounts are critical.

coolsubic.com has 2 SPF records (not allowed), DMARC set under the apex domain and under _dmarc. The subdomain mail is proxied, if used for the mail clients needs to be “DNS only”.
https://cf.sjr.org.uk/tools/check?5aab1ff35f7f4040b0a1309f5a709f79#dns-mail

nametrader.com has the DMARC set under the apex domain as well, and an invalid one set under _dmarc. mail is again proxied…
https://cf.sjr.org.uk/tools/check?777f8beeeb0f40b1923d90c93b229700#dns-mail

comsales.com also has DMARC at the apex and _dmarc and mail is proxied.
https://cf.sjr.org.uk/tools/check?877494823075435391276c2f82ab2958#dns-mail

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.