HTTP/2 403 - Cloudfare is blocking Sitemap XML

Google is unable to read the XML sitemap, error 403. How do I know which option on the Cloudflare page can affect the reading of the sitemap? I would like to create a rule in the Firewall to allow the reading of Sitemaps by Google robots.

Have you searched here for solutions?

I may be incorrect in my assumption, so please let me know if I am. I’m assuming you’re referring to a manifest, located in your site’s root directory and named e.g. manifest.xml. If that’s the case, may I suggest that you begin using a JSON file instead? Let me explain the reasoning. XML is inherently unsafe*(1) while JSON is inherently safe and readable by both machines and humans. While technically it’s use is for “progressive web apps” (PWA), they are in use by standard websites as well that see the move away from using XML as a (messy) markup language toward JSON.

Here are resources for you (including from Google):

Unfortunately, I still haven’t found the solution. When I tried to simulate Google’s robots, here’s what appears:

This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data. What can I do to resolve this? You can email the site owner to let them know you were blocked. Please include what you were doing when this page came up and the Cloudflare Ray ID found at the bottom of this page.

Okay, I’ll check that out. Thanks.

1 Like

You’re welcome. I’ll also note that SEO is also improved.

This topic was automatically closed after 30 days. New replies are no longer allowed.