I am using the “Get” method from the IdHTTP library to get the contents of a text file from my website. The text file is ‘www.codrutsoftware.cf/versions/’.
When trying the Get method with the proxy of the DNS record disabled, everything works properly. But when I enable the proxy, I get a 403 Forbidden error.
I assume this is a security measure taken by Cloudflare to protect a website, but In my case It’s limiting my access to the Get method. This issue occurs with any page on the site I attempt It.
Currently, to fix the issue, I created a new CNAME record with the proxy disabled, and I am using that to get the files over a unsecure HTTP connection.
When you get an 403 back, you should get a RAY ID back. You can then search that in your WAF events to see what rule blocked the requests and make an execptions for it.
Looking at the logs, I see a lot of failed attempts from my IP using the Get Method for “Browser integrity check”. I can see that issue causing the failed connections, as the Get method is not acting as a browser.
I assume this feature is there to prevent against DDoS and such. Is there a way to add a exception for certain URLs or disable the feature completely?
I think I found the solution. In Security → Options there is a option to disable browser security check, and there is also a banner indicating that custom rules can be applied to bypass this check on custom conditions.