Hey, I have the problem that after a while (not immediately after flushing the cache) I get a 403 on the request of a plugin. I tested all I thought about but don't find a solution. Hope you have an idea… Thx!
You should be able to see the challenged or blocked event under the Security tab → Events in the Cloudflare dashboard for your zone and know exactly which security option was triggered.
Once you find them, click on a particular one to find more details about it (user-agent, IP, HTTP version …). If yes, could you share some details which service was triggered that blocked you?
It is known to happen due to WordPress using HTTP/1.0 and an empty user-agent while executing WP-Cron or some other related JSON/REST API request via a plugin, which therefore triggers the WAF rules (as it should normally).
You might see your server IP address then being blocked there in the Security Events.
If so, it might be Bot Fight Mode or Managed Rules on the Security Events list.
@fritex thx a lot for your reply :)) I did what you said and found that:
In WAF I see:
“Not mitigated” for all those 403 errors and all are from origin.
Interesting is that about 1/3 is from origin with error, 2/3 is w/o the error. (So imo WAF isn't doing anything “wrong” here and the reason is s.w. behind?)
Under IP Rules I couldn't find any of my IPs under IP Access Rules.
I learned that it may be connected with wp-nonces, as it seems APO is caching the HTML files for a longer period than those nonces; may this be a reason?
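
Added example, not part of the thread: one way to test the nonce hypothesis raised in the last post is to compare how long Cloudflare has held the HTML against WordPress's nonce window. It assumes the default WordPress nonce lifetime of 86400 seconds (accepted in the 12-hour tick it was created in and the next one) and that the `Age` response header reflects time in cache; the function names and sample headers are constructed for illustration.

```python
import math

NONCE_LIFE = 86400  # assumed WordPress default; a site can change it with the nonce_life filter

def nonce_tick(ts, life=NONCE_LIFE):
    # WordPress counts time in half-lifetime "ticks" (12 h by default)
    return math.ceil(ts / (life / 2))

def nonce_still_valid(generated_at, now, life=NONCE_LIFE):
    # A nonce is accepted in the tick it was created in and in the following
    # tick, so its real lifetime is between life/2 and life seconds.
    return nonce_tick(now, life) - nonce_tick(generated_at, life) <= 1

def assess_cached_page(headers, now, life=NONCE_LIFE):
    """Classify an HTML response by whether a nonce embedded in it can still verify."""
    h = {k.lower(): v for k, v in headers.items()}
    if h.get("cf-cache-status", "").upper() != "HIT":
        return "fresh-from-origin"      # HTML (and its nonce) was just rendered
    age = int(h.get("age", "0") or 0)   # seconds the object has been in cache
    generated_at = now - age
    if nonce_still_valid(generated_at, now, life):
        return "cached-nonce-valid"
    return "cached-nonce-expired"       # plugin request with this nonce gets rejected by origin

if __name__ == "__main__":
    now = 432100  # constructed timestamp, 100 s into a new 12 h tick
    samples = [   # constructed response headers
        {"CF-Cache-Status": "MISS"},
        {"CF-Cache-Status": "HIT", "Age": "3600"},
        {"CF-Cache-Status": "HIT", "Age": "50000"},
    ]
    for s in samples:
        print(s, "->", assess_cached_page(s, now))
```

The third sample is cached for under 14 hours yet already carries an expired nonce, which matches a 403 that appears "after a while" and comes from the origin rather than from a Cloudflare security rule.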