I’ve got a problem with some of my services running behind cloudflare. I already explained this issue on GitHub.
I’m currently using a VPN on my smartphone. The server I’m connected with stands in Germany. Everytime I disconnect the VPN or change the VPN server it works. Is it possible that cloudflare is blocking exactly this IP of the German VPN server, if so why?
Note: It worked already. I just noticed it yesterday.
Cloudflare is blocking you from your own site when on VPN and you don’t have any firewall rules turned on? What’s the error message and is it Cloudflare’s branded or generic?
I am seeing more and more sites blocked by cloudflare when I have any VPN on. This is not in the least cool and makes be doubt the value and intent of any MITM service like cloudflare.
Cloudflare IS blocking you. Their goal is to slowly take away your internet surfing freedom. Their goal is to track your every move. Its government surveillance at its finest. But they will always tell you its for your own safety. Good luck if you are in the west. I believe the last stat I heard was they have 7,591,745 websites and 20% are US sites. Control, Control, Control. Thats all they want
The strange thing is that as long as I connect to a server in another country, it works with VPN. The error message is: Request to gotify.domain.com/version failed with status code 403. The VPN isn’t from Cloudflare, in case this is what you mean?
Like is that 403 error code a cloudflare error or generic? If you Google images “Cloudflare 403” you’ll see what I mean. Basically the 403 can be generated by the server or by cloudflare. To figure out what’s going on we need to know where the 403 is coming from.
And you’re trying to access your own site behind cloudflare right? If it’s someone else’s site they could have a CF firewall rule blocking just Germany for some reason.
No the error message shows up inside the app. So I can’t say if it’s generic or from cloudflare.
Yea it’s my own site but I didn’t changed anything on cloudlfare.
Check Security > Events in the Cloudflare dashboard, that should tell you why stuff is getting challenged (the “Just a moment” page).
I’m sure you’ve read Cloudflare’s docs on 403 errors and ruled those out. SteveTechs suggestion will work if it’s something in your account blocking but if you didn’t set any rules you shouldn’t see anything there. Let us know.
Otherwise I would try repeatedly visiting another cloudflare protected site from the same vpn server and seeing what happens. If you can’t get there, then CF is blocking the IP for everyone because they see it as a security risk. If you visit the other site, AND you don’t see any rules triggered under security events then Id really have no idea
Cloudlfare put this out, but I’ve never configured any FW Rules:
Matched service
Service: Security level
Action taken: Managed Challenge
Rule ID: badscore
Other services/web sites of mine work without any problems
Your security rule will trigger badscore, you could either turn that down to like effectively off, or whitelist the IP or possibly user agent.
The VPN provider I use is not unknown. So there are probably others who have the same problem. Do you think it’s worth asking CF itself why they’re blocking this IP? I mean, I can just use another VPN server or, as you just say, put the IP on the whitelist.
They’re blocking it because that IP is suspicious, someone probably had a spam bot on that IP or something similar. So I don’t think it’s worth asking CF about.