iOS users from some ISPs can't access my website

dns

#1

Hello,

I recently added Cloudflare CDN to my website. It works really well on all devices except iOS 11 on some ISP IPs.

Most of my users live in Iran and they use ParsOnline, SabaNet an Shatel DSL.
they can access website with
x.x.x.x ip on windows and android

but they can’t access with
x.x.x.x ip on iOS 11

with VPN they can access my website even on iOS 11.
this is my website Url: https://z4car.com

I’ve tested other websites with cloudflare and they didn’t work on iOS 11 too.


#2

To answer this you may need to detail what you mean by “can’t access” - do they see a Cloudflare Error, a browser error or something else?


#3

they see a white page for a long time and gateway timeout after that.


#4

OK - in that case getting a screenshot, a traceroute and a copy of https://z4car.com/cdn-cgi/trace or https://cloudflare.com/cdn-cgi/trace from an impacted user might help us track this down.


#5

here’s one of the client’s browser screenshots.

fl=71f292
h=z4car.com
ip=46.41.206.184
ts=1533136834.862
visit_scheme=http
uag=Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1
colo=FRA
spdy=off
http=http/1.1
loc=IR

there is another problem with 3G-4G internet on IRANCELL and IR MCI networks too. sometimes they can see website and sometimes they can’t. this only happens with CDN enabled.


#6

We don’t see any evidence of an issue with that ISP internally. One thing to note I sent you a HTTPS URL and they loaded it over HTTP - I wonder if HTTPS is the issue so it would be good to double check https://z4car.com/cdn-cgi/trace

Regardless, if they can load /cdn-cgi/trace on your domain that proves there is no issue between the ISP & Cloudflare, and sounds like they might be seeing an error from your origin?

If they cannot even reach the trace page, a traceroute when this happens is crucial. I would then send this into support so they can escalate it internally with the Network team.


#7

I changed ssl setting (made it optional)
now users can see it with and without https.
test result:
ok with DSL
not ok with 3G

this is traceroute on 3G:

Warning: z4car.com has multiple addresses; using 104.27.184.85
traceroute to z4car.com (104.27.184.85) , 5 relative hops max, 52 byte packets
   1  * *

#8

any news?


#9

Hi Simon,
I have this problem too.


#10

I disabled ssl now everything is ok.


#11

This doesn’t sound like a Cloudflare issue - what would be useful is a packet capture while this is happening if you can collect one.