I recently moved a site I manage to Cloudflare. We have a simple custom API set up on the site, and several other sites have built integrations which connect to our API.
Since the move to Cloudflare, one of these sites has been unable to connect to our API. They say they are getting an HTTP 0 error code.
Checking the WAF logs, there are no block events matching their requests. I am quite certain of this.
I suspect the problem is on their side, maybe something with their system not recognizing the new Cloudflare edge cert. However, my question is this: Is there any way Cloudflare could be blocking these incoming requests in a way that does not show up in WAF logs?