Access denied Error 1020 for a specific client of mine

Hello, I have a specific person that is visiting my website and getting the Access Denied Error 1020 on my website. He has shared his Ray ID code with me and I’ve even went into my Firewall events section of Cloudflare but I do not see any blocks? Is there any way I can unblock him by manually adding his Ray ID somewhere?

Would be one of your Firewall Rules blocked his request/access to your Website.

If that Ray ID cannot be filtered in past 24 hours or so, you’d have to monitor this for next 24-72 horus until he/she appears again by using the filte for the service “Firewall Rules” and/or action “Block”.

Might be you’re having a Firewall Rule which is blocking some country or TOR, or something else like “user-agent”, which was triggered as expected behaviour from this kind of a security feature.

You could create a new Firewall Rule with the action “allow”, make sure it is the 1st from above on the Firewall Rules list, and then decide if it’s his/her user-agent, or IP address, or his country, or something other which you should allow/bypass to have the access to your Website.

1 Like

Thanks so much for that info. Yes, currently I don’t see any blocks in the last 24 hours, so I may ask them to attempt again to visit the page this way there could be an attempt I could see him.

Alternatively, is there a way I could use their Ray ID to create this Firewall Rule or do I absolutely need their IP if I wanted to do this exclusively for them?

I am afraid their IP would change as it changes every XX hours if we’re using DHCP from our local ISP and in that case, we’d have to use some different approach, except if it’s static IP provided to them by their ISP :thinking:

Maybe once you’ve catch it, double-check what could it be in your existing Firewall Rule so we could troubleshoot and modify it to suite that particular person. Hopefully, once “allowed”, the person wouldn’t do some harm to your Website in the meantime.

1 Like

Oh boy… in that case I guess the best option would be to have them visit the page and attempt to spot them in the logs and unblock them?

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.