I’ve been getting unbranded 403 cloudflare errors on my site for the past few weeks, for a few minutes at a time, thorughout the day.
I think the problem is that Cloudflare is unable to connect to my origin server securely, so it gives a 403 error.
At first it was because my server had AutoSSL renewing a Let’s Encrypt certificate, and AutoSSL failing because it needs a http redirect but I have a Cloudflare rule that redirects all http traffic to https, and then the origin cert failed and thus cloudflare couldn’t connect to origin.
I have now bought a dedicated cloudflare edge certificate and disabled the universal ssl. I have also generated a cloudflare origin certificate, installed that on my website, and disabled Let’s Encrypt and AutoSSL.
Despite the SSL settings being ostensibly correct, I still sometimes get the 403 error when trying to access my site. The odd thing is that after maybe 15 minutes the problem goes away and might not come back for a day, sometimes the problem lasts for hours.
I’ve exchanged dozens of messages about this with my hosting provider, but because the problems are so intermittent, it’s hard for them to reproduce, and diagnose.
My Cloudflare settings:
Edge certificate: Dedicated
Origin certificate: Installed on cPanel
Always use HTTPS: Off
Authenticated origin pulls: Off
Min TLS version: 1.0
TLS 1.3: Enabled
Universal SSL: disabled
Both domain and www.domain go through cloudflare
Minify all off.
Rocket loader off
Reproducing the issue is difficult, as there are no settings that I have changed between the site working and not working.