Keep seeing Forbidden 403 from Cloudflare?

Shows up sometimes, after a few updates it goes away … Is there a reason for this?

Hey Riha. Could you share a Ray-ID for a request that gets blocked? Feel free to DM me.

I’m seeing the same issue after setting up Fastly CDN in front or my Render service a couple days ago. The issue is intermittent and Fastly has confirmed that it’s not on their end as far as they can tell.

@riha the issue in my cased ended up being a hostname mismatch with the CDN. We have a custom domain name pointing to the CDN and the CDN was forwarding to my-service.onrender.com, but passing through the custom domain name unmodified in the host header. Render’s Cloudflare setup has a sanity check that matches the TLS certificate domain name (my-service.onrender.com) with the host header then rejects the request with a 403. Confusingly it on occasionally causes issues. The fix was to override the host header to match the Render service name.