Cloudflare Challenge on all the sites I visit

One of the errors you shared shows an issue with speed and you indicated with a faster connection the error went away.

Thank you for all the details, they are helpful. I am going to phone a friend to get some @MVP eyes on your feedback. Can you share images of the errors in the browser you are using? The dev console is helpful, but seeing the error is a browser is also helpful as we can attempt to reproduce those. Errors with 3rd party apps and devices are difficult to troubleshoot, but even images of those errors in the apps would be helpful.

Only you can confirm that, can you scan all the devices for malware?

I agree, I do not think this is related to IP, it may be related to one of the other dozen or so selectors a site owner can use to block traffic. But, as I commented, I do not think that every site owner implemented rules that end up blocking you overnight. That seems more like an effect of malware, not WAF rules.

A 403 error with Cloudflare shown in the error is always returned directly from the origin web server, not Cloudflare, and is generally related to permission rules on the origin server. The top reasons for this error are:

  1. Permission rules the site owners have set or an error in the .htaccess rules they have set
  2. Mod_security rules.
  3. IP Deny rules

If you are seeing the 403 on sites you visit, note that since Cloudflare can not access our customers servers, the site owners need to contact their hosting provider for assistance with resolving 403 errors and fixing rules. They should make sure that Cloudflare’s IPs aren’t being blocked. I do see the dash login was successful so it does not appear to have prevented login.

ring.com doesn’t use Cloudflare, so that’s interesting you’re having a similar error there.

2 Likes

Funny! I haven’t actually tested it in my browser. But yeah, no challenge when I go to their website. My bad, then this will be another issue. Just funny it happened at the same time.

VPN is not a faster connection, it just relays all through them. But once I have VPN activated everything works. Your dash is also presenting these issues. As I showed on the pictures. It works everytime I try login with VPN activated. But once I disconnect from VPN it breaks the page.

When I first did experience this, I tried to go to the different external source by looking through the web console and opening each resource in a new tab. After waiting through the challenge then more of the external resources loaded successfully. But some still fails due to some policy. But why would it not get same error with VPN as without?
Dash not working was preventing me to login. But by connecting through VPN, I was able to login with no error. Don’t want to have a VPN running all the time on all devices unless it’s the only way. But I know it would be much better if I could get some answers regarding why I’m flagged. And take action accordingly.

000000.883|   OKAY| Requesting config from /api/v1/config/public?region=NA&os=windows&app=Riot%20Client&version=48.0.0.4342439&patchline=KeystoneFoundationLiveWin&namespace=keystone.self_update
000000.994|   WARN| HttpEventSender: Error sending 1 events to data. riotgames. com/collector/v2/events: 0 (HTTP response code 403, retry count 0) - 
000001.147|  ERROR| CheckForSelfUpdate failed.: Self update query config failed.: Request of URL "/api/v1/config/public?region=NA&os=windows&app=Riot%20Client&version=48.0.0.4342439&patchline=KeystoneFoundationLiveWin&namespace=keystone.self_update" failed with code:0, error:""

Log from Riot Client application, only happen when I use my home network. But using VPN connection or mobile data it does not fail. Opening this url in a web browser presents me with the Cloudflare verification before showing me the page content.

Only I can confirm, and all the devices I have tested report healthy and no malware or virus found. No way to test the IoT stuff, but I do assume they are healthy.

They do as far as I am concerned.
The main domain itself does not, but the subdomains they redirect to do:
ring.com:
image

de-de.ring.com:
image

So may he is facing this issue on a subdomain he automatically got redirected to.

4 Likes

Can you show us the certificates that the browser reports while you run into issues with the dashboard?

1 Like

Good point. That’s an interesting twist: Amazon using Cloudflare.

As it’s the mobile app and IoT device, it’s extremely likely that it’s using a subdomain also proxied by Cloudflare.

1 Like

Do you think Jeff got rich by wasting traffic?

1 Like


Will this do?

Yup, that works. I thought that maybe the connection was being intercepted, but the certificate seems to be okay.

Does the error occur on incognito as well?

3 posts were split to a new topic: Some issue with my network

Same behaviour in incognito and also on other computers. Which indicates not a broken setup on browser. Unless all browsers have the same error with, but fixed when I use vpn :see_no_evil:

I only have a workaround. VPN. Have you checked the work IP on projecthoneypot, spamhaus or talosintelligence?

You have a lot of exposed services running on your home IP address, including an old Apache server and phpMyAdmin

That could be why. But I still think you should make a ticket; send an email to support @ cloudflare.com with all the details you’ve described, even link this thread in the ticket, and reply here with the ticket number

Yeah. I have got a tips about my reverse proxy box. Did turn it off yesterday. Doing some checks on it as I types. Didn’t find anything when I just had a quick look at it earlier.

I’ve already attempted to make a ticket when this first happened. But got rejected since I dont as a non enterprise customer dont have access to such nice things. :slight_smile:

I can make a new request if that is better.

#2436662

I’ve escalated the ticket for you, but it’s the weekend now :stuck_out_tongue:

Could you also please send an example of a resource on dash.cloudflare.com that 403’s for you? With the cf-ray header, you can find it in the chrome network tab

Make sure you click the “Preserve log” checkbox to show requests that happened before form submission

It should look like this:

image

Just make sure you only share the cf-ray, and nothing else as requests to dash.cloudflare.com will probably contain sensitive information

1 Like

Thanks! And yeah, weekend doesn’t make a difference for mye experienced issues :see_no_evil: but don’t expect much to happen over a weekend support-wise.

I will make a comment on the case for it. Or did you want it here?

Both :slight_smile:


This is the cf-ray header from dash page :slight_smile:

Tried to send email with the same picture.
But it then got classified as SPAM.

Remote Server returned ‘554 5.0.0 < #5.0.0 smtp; Your email to group support – cloudflare.com was rejected due to spam classification. The owner of the group can choose to enable message moderation instead of bouncing these emails. More information can be found here: https://support.google.com/a/answer/168383.>’

This is when sending from my email account. The email is not sending from my IP address, it is going from Microsoft Office365 Outlook service.

Support should have created a ticket for you to discuss this. From what they told me they asked for some more details :slight_smile:

Ticket number #2450781.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.