steps to reproduce:
I start Tor Browser (under linux).
Then I start Mozilla Thunderbird that is set to use socks5 proxy on port 9150 for me (torified Thunderbird).
I try subscribe to an RSS feed that is located on a site that uses Cloudflare, such as this
Thunderbird says “this feed is not autorised”. This is true for any RSS feed on any site that uses Cloudflare (including my own).
If I change Thunderbird settings to “no proxy”, I can subscribe to the feed. So the problem is not in Thunderbird setup, it is somehow related to how Cloudflare handles Tor traffic.
It is the same problem with torified curl
curl https://navalny.com/blog/post.rss --socks5-hostname 127.0.0.1:9150 -v -O
< HTTP/2 403
< date: Fri, 20 May 2022 09:27:53 GMT
< content-type: text/html; charset=UTF-8
< cf-chl-bypass: 1
You’ll have to contact the site owner as it is their security settings, Cloudflare can’t help you with this issue or overrule their security settings.
Which exactly security settings should be applied? My own site has the same problem, I want to try it on my own site first.
The problem seems to be intermittent. Once in, say, 50 requests it works as expected.
This happened just now - both curl and thunderbird work. But then again it returns 403.
On my own site I can look in the activity logs.
It logs this request:
IP address 2a03:4000:6:36b7::4
Rule ID badscore
Action taken Managed Challenge
this is what curl shows as 403 and Thunderbird as Not authorised
There should be more in the activity log but at a glance, the IP’s reputation is bad and therefore the configured Security Level is blocking it.