Sitemap 403 error issue

Website, Application, Performance Security
1

Answer these questions to help the Community help you with Security questions.

What is the domain name?
ventiapple

Have you searched for an answer?
yes, but I couldn’t

Describe the issue you are having:
After setting up all the WAFs, event didn’t check the problem, but the 403 error still persists.

What error message or number are you receiving?
403

What steps have you taken to resolve the issue?

  1. WAF
  2. SSL : full
  3. Page Rules
    Screenshot (6)
    Screenshot (6)882×569 21.8 KB

Was the site working with SSL prior to adding it to Cloudflare?
yes

Have you tried from another browser and/or incognito mode?
yes

Please attach a screenshot of the error:

4

Hello!

You can expand the Activity log (the > on the left) and see which rule is blocking that traffic.

See how: Security Events — Free plan · Cloudflare Web Application Firewall (WAF) docs

Once the rule is identified, you can either disable the rule or allowlist the IP.

There are a few ways:

The best method depends on what is blocking the traffic.

1 Like
5

Thank you for the your reply.

I have setup as below. But the 403 persists. Is there anything additional to set?

Screenshot (10)
Screenshot (10)905×1181 38.7 KB

and

  1. SSL : full
  2. Page Rules
6

eveng log

Screenshot (9)
Screenshot (9)863×1108 43.2 KB

7

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

8

A 403 error occurred, so I set all the settings below, and it is confirmed as “Skip” in the event history, but my sitemap is still not confirmed. please can someone help me?

Security → WAF
Custom rules

  1. URI Path → contains → “sitemap” and “Known Bots” → skip
    WAF components to skip (check all)
  2. User Agent → contains → Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) → skip(check all)
  3. User Agent → contains → Value → Googlebot → skip skip(check all)

IP Access Rules

  1. 66.249.73.131 → All websites in account → Allow
  2. 66.249.73.132 → All websites in account → Allow
  3. 66.249.75.71 → All websites in account → Allow

Security → Settings

  1. Security Level → Medium (Essentially Off also tried, but to no avail.)
  2. Browser Integrity Check → off

Page Rules

  1. *.OOOOO.com/sitemap.xml → Cache Level: Bypass
  2. *.OOOOO.com/sitemap_index.xml → Cache Level: Bypass

Cache Rules
URI Path → contains → sitemap → Bypass cache

Screenshot (11)
Screenshot (11)822×646 25.9 KB

11

Pausing cloudflare makes the 403 go away. It seems to be a configuration issue with cloudflare. The hosting company said it was a clareflare configuration problem.

Screenshot (12)
Screenshot (12)1017×596 19.6 KB

1 Like