Recently, I had a team enable Cloudflare’s Automatic Platform Optimization for WordPress on the bartholomew.foundation website. However, shortly after that, I noticed that two different websites’ images (which link content from there) disappeared and now display 403 Forbidden errors.
If you visit archons.org and scroll halfway down the page to the section “The Ecumenical Patriarch Bartholomew Foundation”, only the headlines appear, and no images.
I noticed that “Hotlink Protection” is not currently enabled either.
I thought that perhaps a Firewall Rule needed to be established on the archons.org site to permit this, but I’m uncertain how to set it up, if in fact this is the solution.
I am not a developer, so I am trying my best to get this rectified by opening a ticket on my own, with hopes that a solution can be proposed in the simplest terms I would be able to understand. Thank you everyone!
I’m not seeing a cache HIT for your homepage. Are you sure you have APO enabled? It looks like you’re also using WP CF Super Cache, which pretty much does the same thing as APO. Still no HIT, though.
It is, but it seems not to be at Cloudflare. On your backend, or another service behind Cloudflare, there is a setting that prohibits calls to its pictures from other domains, or more specifically, when your referrer does not match “https://bartholomew.foundation”.
Also, Cloudflare’s cache at https://bartholomew.foundation is configured to bypass images.
If the page the image is being called from does not match https://bartholomew.foundation, the service behind https://bartholomew.foundation refuses to serve the image and instead returns a 403 error.
Ok, I deactivated APO last night to see if this helped. I just re-enabled APO and can see “HIT”. I deactivated WP CF Super Cache. I can now see images appearing on the members URL. However, I have not seen the images appear on the archons site.
The WP CF Super Cache plugin was enabled PRIOR to enabling APO. Until sdayman mentioned it, I had forgotten we had this enabled. Would having the Hummingbird plugin enabled also affect/help results?
Due to cache issues, I am afraid it can all have some weird impact when used in combination. That is just my opinion, as users have reported issues using multiple cache plugins (with or without APO) together with Cloudflare. So, if I may suggest, please take it with caution when troubleshooting the issue.
Basically, the features those plugins offer have all already been implemented by Cloudflare, and Cloudflare can reduce the work at the origin server, so there is no need to install and use all those plugins alongside it - but again, only my opinion; I cannot say it in general, but rather from what I’ve seen in other topics.
It could. If the plugin’s config allows activating/deactivating certain parts modularly, please disable the “Cache” option; the optimization options you can keep activated.
Disable all other caching plugins as well, since APO is taking over that part.
It also would be important that we know what website you are talking about when you say you have done something:
I remember I saw x-frame-options HTTP header, but unsure on which domain.
Could that have an impact, as your plugin is using an “RSS feed” to fetch the items and display them in a “carousel” style?
It would be good to “fetch and download” them to your server, somehow, and then display them from your server - if possible.
But I am afraid that requires some programming work, as I assume the plugin does not offer that kind of display of 3rd-party content from an external domain.
The issue with the images is, I am afraid, because:
If the plugin reads the feed:
As far as I see from the feed link you provided, the RSS feed item does not contain any images and media tag like:
<media:content medium="image"
Only I see it’s image added inside:
<content:encoded><![CDATA[<div><img
→ the <img> from the content could be, but I am unaware whether the plugin actually recognized, fetched and output it correctly from the <content>?
After trying to get the image https://bartholomew.foundation/wp-content/uploads/2021/11/hah-speaking.jpg on my test website using a basic HTML <img> tag, I can confirm it’s also 403 Forbidden.
As @M4rt1n suggested and already noticed about x-frame-options: it contains the value SAMEORIGIN, and I am afraid you cannot do anything about it if it’s not your own website.
UPDATE: Or I am wrong, as this should affect the <frame> tag only?
Maybe some other HTTP header, like Referrer-Policy?
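The feed question above (does the plugin pick up an <img> inside <content:encoded> when there is no <media:content>?) can be tested without the plugin. The following is an added example, not code from the plugin or from anyone in this thread: it parses a constructed sample feed that mirrors what the post describes (one item with <media:content>, one with only an <img> inside the CDATA of <content:encoded>, one with no image) and reports which source each image came from. A reader that only honours <media:content> would return nothing for the second item; the `fallback_to_content` flag shows both behaviours. The hah-speaking.jpg URL is the one from the thread; everything else in the feed is made up.

```python
"""Extract image URLs from RSS items the way a feed-reading plugin might.

Added example for this thread; not the plugin's code. SAMPLE_FEED is a
constructed feed, not the real bartholomew.foundation feed.
"""
import xml.etree.ElementTree as ET
from html.parser import HTMLParser

# Namespaces used by WordPress feeds for Media RSS and content:encoded.
NS = {
    "media": "http://search.yahoo.com/mrss/",
    "content": "http://purl.org/rss/1.0/modules/content/",
}

SAMPLE_FEED = """<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
     xmlns:content="http://purl.org/rss/1.0/modules/content/"
     xmlns:media="http://search.yahoo.com/mrss/">
<channel>
  <title>Constructed sample feed</title>
  <item>
    <title>Item with media:content</title>
    <media:content medium="image" url="https://example.org/a.jpg"/>
    <content:encoded><![CDATA[<p>text only</p>]]></content:encoded>
  </item>
  <item>
    <title>Item with img only in content:encoded</title>
    <content:encoded><![CDATA[<div><img src="https://bartholomew.foundation/wp-content/uploads/2021/11/hah-speaking.jpg" alt=""/></div>]]></content:encoded>
  </item>
  <item>
    <title>Item with no image at all</title>
    <content:encoded><![CDATA[<p>no image</p>]]></content:encoded>
  </item>
</channel>
</rss>
"""


class ImgSrcCollector(HTMLParser):
    """Collect the src attribute of every <img> tag in an HTML fragment."""

    def __init__(self):
        super().__init__()
        self.srcs = []

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            src = dict(attrs).get("src")
            if src:
                self.srcs.append(src)


def imgs_in_html(html):
    parser = ImgSrcCollector()
    parser.feed(html)
    return parser.srcs


def item_images(item, fallback_to_content=True):
    """Return (source, [urls]) for one <item>.

    <media:content medium="image"> wins; otherwise, if the caller allows it,
    fall back to <img> tags found inside the <content:encoded> CDATA.
    """
    media = [m.get("url") for m in item.findall("media:content", NS)
             if m.get("medium") == "image" and m.get("url")]
    if media:
        return "media:content", media
    if fallback_to_content:
        enc = item.find("content:encoded", NS)
        if enc is not None and enc.text:
            srcs = imgs_in_html(enc.text)
            if srcs:
                return "content:encoded", srcs
    return None, []


def feed_images(xml_text, fallback_to_content=True):
    """List (title, source, [urls]) for every <item> in the feed."""
    root = ET.fromstring(xml_text)
    return [(item.findtext("title", default=""), *item_images(item, fallback_to_content))
            for item in root.iter("item")]


if __name__ == "__main__":
    for mode in (True, False):
        print(f"fallback_to_content={mode}")
        for title, source, urls in feed_images(SAMPLE_FEED, mode):
            print(f"  {title!r}: {source} -> {urls}")
```

Point the same parser at the real feed (fetch it with urllib and pass the text to `feed_images`) to see which of the two paths the live items would take.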
He does own (or at least has access to) both sites. The problem is, I don’t know where exactly it is implemented. It does not seem to come from Cloudflare, but from the origin or whatever is behind it. But he will have to figure out where on his origin it is implemented. I guess it is related to a plugin, or maybe a local Varnish instance to cache things, maybe even .htaccess or the Nginx config. But Referrer-Policy is “same-origin”, like you just stated.
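One way to confirm the referrer theory from the two posts above is to request the image with no Referer, with a same-site Referer and with a cross-site Referer and compare the status codes. The script below is an added example, not code from anyone in this thread; it runs offline against `fake_origin`, a constructed stand-in that behaves like a classic .htaccess hotlink rule (blank Referer allowed, foreign Referer refused), which is an assumption about the origin, not something the thread establishes. Replace `fake_origin` with a real HTTP fetch to test the live server. It also shows what Referer a browser actually attaches to a cross-origin <img> load under the embedding page’s Referrer-Policy, since with “same-origin” the archons.org page would send no Referer at all, and the origin would then see the blank-Referer case rather than the cross-site one.

```python
"""Probe whether an image is refused based on the Referer header.

Added example for this thread. The image URL is the one quoted in the
thread; ALLOWED_REFERER_HOSTS and fake_origin are assumptions so that the
script runs offline.
"""
from urllib.parse import urlparse

IMAGE_URL = "https://bartholomew.foundation/wp-content/uploads/2021/11/hah-speaking.jpg"
ALLOWED_REFERER_HOSTS = {"bartholomew.foundation", "www.bartholomew.foundation"}  # assumed


def fake_origin(url, referer):
    """Constructed stand-in for the origin (assumed rule, like Apache's
    RewriteCond %{HTTP_REFERER}): blank Referer passes, foreign host gets 403."""
    if not referer:
        return 200
    host = urlparse(referer).hostname or ""
    return 200 if host in ALLOWED_REFERER_HOSTS else 403


PROBES = (
    ("no_referer", None),
    ("same_site", "https://bartholomew.foundation/"),
    ("cross_site", "https://archons.org/"),
)


def diagnose(fetch, url):
    """Fetch `url` with three Referer values and classify the behaviour.
    `fetch(url, referer)` must return an HTTP status code."""
    status = {label: fetch(url, ref) for label, ref in PROBES}
    if status["cross_site"] == 403 and 200 in (status["no_referer"], status["same_site"]):
        verdict = "referer-based hotlink protection at the origin"
    elif all(s == 403 for s in status.values()):
        verdict = "blocked regardless of Referer (check IP/User-Agent/firewall rules)"
    elif all(s == 200 for s in status.values()):
        verdict = "not referer-based"
    else:
        verdict = "inconsistent; re-test"
    return status, verdict


def referer_sent(page_url, resource_url, policy):
    """Referer a browser attaches to a cross-origin <img> load under the
    embedding page's Referrer-Policy (HTTPS on both sides assumed, so no
    downgrade cases)."""
    page, res = urlparse(page_url), urlparse(resource_url)
    same_origin = (page.scheme, page.hostname, page.port) == (res.scheme, res.hostname, res.port)
    origin = f"{page.scheme}://{page.netloc}/"
    if policy == "no-referrer":
        return None
    if policy == "same-origin":
        return page_url if same_origin else None
    if policy in ("origin", "strict-origin"):
        return origin
    if policy in ("origin-when-cross-origin", "strict-origin-when-cross-origin"):
        return page_url if same_origin else origin
    return page_url  # unsafe-url / no-referrer-when-downgrade with https -> https


if __name__ == "__main__":
    status, verdict = diagnose(fake_origin, IMAGE_URL)
    print(status, "->", verdict)
    for policy in ("same-origin", "strict-origin-when-cross-origin", "unsafe-url"):
        ref = referer_sent("https://archons.org/", IMAGE_URL, policy)
        print(f"{policy:32} Referer={ref!r:28} origin answers {fake_origin(IMAGE_URL, ref)}")
```

Against a live origin, a 403 only in the cross-site probe points at the origin’s own referrer check (plugin, .htaccess, Nginx); a 403 in all three means the block is keyed on something else, such as the requesting IP or User-Agent.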
I thought maybe Varnish as he does have these additional headers:
Hopefully there are no Firewall Events in the Cloudflare dashboard so far being blocked or challenged on one or the other domain due to, I assume, the WordPress/version_number user-agent and the HTTP/1.0 request being made from one website to another?
As both websites are using Cloudflare …
@user20672 Can you check this?
Have you tried allowing the IP of the server in a Firewall Rule on both domains in the Cloudflare dashboard?
May I ask if you have already written a ticket to Cloudflare Support about this issue?
UPDATE:
Another thought related to how the plugin works.
If it fetches the same amount of images each time a visitor visits your homepage or hits the refresh button, maybe Cloudflare is detecting it as a potential threat and therefore blocking it? → which consumes a lot of resources if you have a lot of visitors (despite the images not being cached, per the stated HTTP headers?)
Be it 500 pageviews on the homepage per day, multiplied by 12 images, that equals a lot of requests (6000), which Cloudflare could take for a bot trying to fetch the content and challenge/block it …
Right… I do not either. I just disabled Hummingbird temporarily to see if this fixes it. Purged cache all around, and still nothing. Going to perform some plugin updates next and see if this helps anywhere. I’m afraid I do not know what “Varnish” is or does, so it is unlikely I have this enabled.
May I ask you for your origin IP? You don’t have to expose it, but if you do, I could run some tests against your origin directly. Also, you can share it in a PM with me if you don’t want it to be available publicly.
I want to make sure this is 100% not related to Cloudflare.