Random 403 errors for sites using Cloudflare (orange cloud)

Hello,

This is the first time it’s started happening. I keep getting random 403 errors for my sites (all orange cloud). The request is hitting Cloudflare, as I can see in the headers the server is Cloudflare. But for some reason I get a forbidden error.

I can’t see anything in the firewall events that would indicate it was caused by a rule there. Else I’d see my IP and the time I loaded the site, but there is nothing.

So I tried adding my IP in the whitelist of IPs, allowed access to all sites, just in case for some reason that was the issue. Don’t know why it would be. But no. I still get these random 403 errors. They happened about ten minutes ago and I figured something was wrong. Then went away so I assumed it was temporary. And now, back again.

One site is Cloudflare pages that I only deployed today. One is a Cloudflare workers app that I haven’t touched today. Both have 403s but were fine earlier.

The slight concern is whether anyone else is getting a random 403 too. Since I guess without the enterprise plan, I can’t see any logs to know. Anyone else seeing random 403 errors?

403

Even stranger: I now get a 403 error for one Pages site, but my other Pages site works fine. Both created and deployed today. Both were working earlier. Using Chrome.

So then I tried Firefox (trying different variables). And both sites load in that. No 403 error. So it’s not my IP, else it would not load in Firefox.

Could it be your new bot fight system? Could it be set to paranoid or something and thinking I’m a bot and so blocking me with that 403 before your firewall and its IP whitelist even gets involved? Not sure. As I’m guessing the Firefox user agent and the Chrome one are going to be different, so whether it is basing the decision on the user agent. I don’t know why it would be that, but not sure what else has been changed. Perhaps that has been enabled or changed today? The headers don’t revel much. There is no error code to work with. Hmm.

What is the URL?

Well I’ve checked again today, and they are working again. From Chrome too. No 403. Back to normal. Still no firewall events or blocks listed.

It wasn’t the new bot fight either. I checked that and that showed as ‘Allow’. So even if Cloudflare thought my Chrome browser was a bot, it should have allowed it. The site’s working using a global site check too. So I’m assuming it was some temporary fault with Cloudflare that was incorrectly blocking just my browser at its edge.

What is one of the site’s giving the 403 error?

None, now. I’ll be back if it happens again!

Though without any error code or request ID or headers to work with, it would take someone at Cloudflare to investigate anyway as they would need to dig into raw logs to see at what point in the flow the request was blocked. I’m thinking it was a mistake they’ve since fixed.

If you hit that 403 again, @gregsanderson, this #CommunityTip may help

Thanks @cloonan

Interesting that it says

If you’re seeing a black & white 403 Forbidden error page without Cloudflare branding, this is always returned directly from the origin web server, not Cloudflare

… as I got that. But Cloudflare was the origin web server in my case. One site was Pages, the other was a Worker. Which is why I suspect a temporary fault. As I hadn’t changed anything and they stopped and started working again. I guess that is the downside of these kind of services: awesome when they work, but lack of visibility when they don’t (logs etc).

1 Like

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.