Hello,
For some reason, sometimes many people (including myself) are experiencing issues visiting any of my websites. The issue happens intermittently. Sometimes everything works fine, other times it doesn’t.
At first I thought that the server is sometimes blocking legitimate requests. But after discussing the issue with my host provider and doing traceroute from my end, my requests are not even reaching the server and always timeout in the middle of the way. See the following image which shows traceroute result:
allowlisting my IP address through Dashboard/Security/WAF/Tools did not solve the problem. The only way to fix the problem is by switching to DNS only which is not the perfect solution as need to benefit from CF services.
I followed the guide that you sent but still no luck fixing the issue. I’ve discussed the issue with my hosting provider. We allowlisted all Cloudflare IPs (We actually have done this step long time ago but I double checked that all CF IPv4 and IPv6 are allowlisted). Again my hosting provider said that there is nothing that can be done since the packets are not even reaching their server and the fact that I can access the website when not proxied by Cloudflare means that the issue could be with Cloudflare.
I’ve done Trace route comparison when the website is proxied and not proxied in case it help with anything. Sadly I cannot upload screenshots for the comparison since I’m allowed to upload just one image per post. But in short, when Proxied, I get lots of timeout as shown in my first post. While in case of DNS only version, the packets reach my hosting provider server with no issue.
Is there anything I can do besides disabling CF? Any help is highly appreciated.
It looks like the traffic did not reach Cloudflare’s edge, and your local DNS or ISP may be blocking Cloudflare’s IP. Which makes the situation trickier.
When your domain is proxied by Cloudflare, we assign it IP addresses from a shared pool in the Cloudflare network. Unfortunately, we are not able to guarantee that your assigned IP addresses are not blocked by any country or ISP.
You can try moving to a new account to get a different pair of name servers, but there are no guarantee.
