Error 403 when accessing to our website

Hi,

I need some help!

Since monday, we get a 403 error when accessing to our website from our network.
If we use another network like our mobile phone for exemple, there is no problems.

Our website is www.activeo.com

here what I get from wget :

C:\Users\rorcier\Downloads>wget -v --debug WEBSITE

DEBUG output created by Wget 1.19.4 on mingw32.

Reading HSTS entries from [1]/.wget-hsts

URI encoding = ‘CP1252’

converted ‘WEBSITE’ (CP1252) -> ‘WEBSITE’ (UTF-8)

Converted file name ‘index.html’ (UTF-8) -> ‘index.html’ (CP1252)

–2018-10-16 17:59:27-- WEBSITE

Resolving WEBSITE(WEBSITE) … seconds 0,00, 104.28.14.60, 104.28.15.60

Caching WEBSITE => 104.28.14.60 104.28.15.60

Connecting to WEBSITE (WEBSITE)|104.28.14.60|:443](WEBSITE)|104.28.14.60|:443)… seconds 0,00, connected.

Created socket 3.

Releasing 0x0000000002e07b10 (new refcount 1).

Initiating SSL handshake.

seconds 900,00, Winsock error: 0

Handshake successful; connected socket 3 to SSL handle 0x0000000002e148d0

certificate:

subject: CN = sni27831. Cloudflaressl. com,OU=PositiveSSL Multi-Domain,OU=Domain Control Validated

issuer: CN=COMODO ECC Domain Validation Secure Server CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

X509 certificate successfully verified and matches host WEBSITE

—request begin—

GET /en/ HTTP/1.1

User-Agent: Wget/1.19.4 (mingw32)

Accept: /

Accept-Encoding: identity

Host: WEBSITE

Connection: Keep-Alive

—request end—

HTTP request sent, awaiting response… seconds 900,00, Winsock error: 0

seconds 900,00, Winsock error: 0

seconds 900,00, Winsock error: 0

seconds 900,00, Winsock error: 0

seconds 900,00, Winsock error: 0

seconds 900,00, Winsock error: 0

—response begin—

HTTP/1.1 403 Forbidden

Date: Tue, 16 Oct 2018 15:59:28 GMT

Content-Type: text/html; charset=UTF-8

Transfer-Encoding: chunked

Connection: keep-alive

Set-Cookie: __cfduid=df4e6e5bbdfa89b518fa1348998db95651539705567; expires=Wed, 16-Oct-19 15:59:27 GMT; path=/; domain=.WEBSITE; HttpOnly

Vary: Accept-Encoding

Set-Cookie: PHPSESSID=crkq0ddda5kif5hpahbgab2sp2; path=/

Set-Cookie: wordpress_3c2685f2ec11c1e89fd9c35adea43070=+; expires=Mon, 16-Oct-2017 15:59:28 GMT; Max-Age=0; path=/wp-admin

Set-Cookie: wordpress_sec_3c2685f2ec11c1e89fd9c35adea43070=+; expires=Mon, 16-Oct-2017 15:59:28 GMT; Max-Age=0; path=/wp-admin

Set-Cookie: wordpress_3c2685f2ec11c1e89fd9c35adea43070=+; expires=Mon, 16-Oct-2017 15:59:28 GMT; Max-Age=0; path=/wp-content/plugins

Set-Cookie: wordpress_sec_3c2685f2ec11c1e89fd9c35adea43070=+; expires=Mon, 16-Oct-2017 15:59:28 GMT; Max-Age=0; path=/wp-content/plugins

Set-Cookie: wordpress_logged_in_3c2685f2ec11c1e89fd9c35adea43070=+; expires=Mon, 16-Oct-2017 15:59:28 GMT; Max-Age=0; path=/

Set-Cookie: wordpress_logged_in_3c2685f2ec11c1e89fd9c35adea43070=+; expires=Mon, 16-Oct-2017 15:59:28 GMT; Max-Age=0; path=/

Set-Cookie: wp-settings-0=+; expires=Mon, 16-Oct-2017 15:59:28 GMT; Max-Age=0; path=/

Set-Cookie: wp-settings-time-0=+; expires=Mon, 16-Oct-2017 15:59:28 GMT; Max-Age=0; path=/

Set-Cookie: wordpress_3c2685f2ec11c1e89fd9c35adea43070=+; expires=Mon, 16-Oct-2017 15:59:28 GMT; Max-Age=0; path=/

Set-Cookie: wordpress_3c2685f2ec11c1e89fd9c35adea43070=+; expires=Mon, 16-Oct-2017 15:59:28 GMT; Max-Age=0; path=/

Set-Cookie: wordpress_sec_3c2685f2ec11c1e89fd9c35adea43070=+; expires=Mon, 16-Oct-2017 15:59:28 GMT; Max-Age=0; path=/

Set-Cookie: wordpress_sec_3c2685f2ec11c1e89fd9c35adea43070=+; expires=Mon, 16-Oct-2017 15:59:28 GMT; Max-Age=0; path=/

Set-Cookie: wordpressuser_3c2685f2ec11c1e89fd9c35adea43070=+; expires=Mon, 16-Oct-2017 15:59:28 GMT; Max-Age=0; path=/

Set-Cookie: wordpresspass_3c2685f2ec11c1e89fd9c35adea43070=+; expires=Mon, 16-Oct-2017 15:59:28 GMT; Max-Age=0; path=/

Set-Cookie: wordpressuser_3c2685f2ec11c1e89fd9c35adea43070=+; expires=Mon, 16-Oct-2017 15:59:28 GMT; Max-Age=0; path=/

Set-Cookie: wordpresspass_3c2685f2ec11c1e89fd9c35adea43070=+; expires=Mon, 16-Oct-2017 15:59:28 GMT; Max-Age=0; path=/

Set-Cookie: wp-postpass_3c2685f2ec11c1e89fd9c35adea43070=+; expires=Mon, 16-Oct-2017 15:59:28 GMT; Max-Age=0; path=/

Set-Cookie: wp_woocommerce_session_3c2685f2ec11c1e89fd9c35adea43070=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/

Cache-Control: no-cache, must-revalidate, max-age=0

Expires: Thu, 22 Jun 1978 00:28:00 GMT

Pragma: no-cache

Expect-CT: max-age=604800, report-uri="https:// report-uri.Cloudflare .com/cdn-cgi/beacon/expect-ct"

Server: Cloudflare

CF-RAY: 46abbb97c81b3c65-CDG

—response end—

403 Forbidden

cdm: 2

cdm: 3

cdm: 4

cdm: 5

cdm: 6

cdm: 7

cdm: 8

Stored cookie WEBSITE -1 (ANY) / <permanent> <insecure> [expiry 2019-10-16 17:59:27] __cfduid df4e6e5bbdfa89b518fa1348998db95651539705567

Stored cookie WEBSITE -1 (ANY) / <session> <insecure> [expiry none] PHPSESSID crkq0ddda5kif5hpahbgab2sp2

Attempt to fake the path: /wp-admin, /en/

Attempt to fake the path: /wp-admin, /en/

Attempt to fake the path: /wp-content/plugins, /en/

Attempt to fake the path: /wp-content/plugins, /en/

Registered socket 3 for persistent reuse.

URI content encoding = ‘UTF-8’

seconds 900,00, Winsock error: 0

Skipping 6 bytes of body: [seconds 900,00, Winsock error: 0

seconds 900,00, Winsock error: 0

Erreurseconds 900,00, Winsock error: 0

seconds 900,00, Winsock error: 0

] done.

2018-10-16 17:59:28 ERROR 403: Forbidden.

We didn’t change anything
Do you have an idea?

You are probably running into one of the security measure of Cloudflare with your IP address.

Is there a way to correct this on my side?

First you could try to whitelist your IP address in the firewall settings.

Your website is accessible at my end. Maybe your IP is blocked by firewall, copy your IP address from https://whatismyip.live and contact either with Cloudflare support or your hosting company,

Thanks for replying
I added our ip address to the white list but we still have the same error

I also tried to add an allow entry, no progress

What is the exact error message? Can you post a screenshot?

1909_8711.png1909×871 55.4 KB

1903_8091.png1903×809 59.9 KB

We just have a white screen with “erreur”/“error”
I see the 403 error when i inspect the network request

Considering it returns an access denied, respectively error, message in French it would indicate that error comes straight from your server. You probably have some block there in place.

If the rule (access block) is enforced by CF, then it would be applied to all the websites on CF which is about 10% of world traffic. In that case you will be blocked by one out of ten websites.
As @sandro said your hosting/server/app is the source of this error.

Ok we find it !

In fact it’s the website that though that he received a lot of request from our ip address so it blacklisted it in the .htaccess

now we have to find a way to stop that

Thanks a lot for your help !

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.