3 replies

CF returns 403 only sometimes for requests for js assets..

⚔️Security

For some time we're investigating 403 responses. We have domain like assets.domain.ltd configured with CNAME pointing to backblaze. Iinitial idea was maybe backblaze was returning error (in the past had a problem that some 3rd party cookies were breaking bacbklaze requests), so we created snippet to proxy requests to backblaze s3-like url. No help.
Then created worker - to gain possibility of logging errors and add some response header. No help.
Todays during tests from our office we saw some requests getting 403 with no extra headers - so looks like they did not hit worker.
That subdomain has page rule to skip all rate limitting/WAF/etc and office ip has also rule to skip any rate limitting.
I'm out of ideas, can ayone help discover what happened? Example CF-Rays from todays test: 9cc3b77a7b40ee3b-WAW and 9cc3bcaa5feb5149-WAW

Cloudflare Developers•2mo ago•

3 replies

zapalona_swieczka

CF returns 403 only sometimes for requests for js assets..

⚔️Security

CF returns 403 only sometimes for requests for js assets..

Similar Threads

CF returns 403 only sometimes for requests for js assets..

Similar Threads

Similar Threads

Similar Threads