Keep seeing Forbidden 403 from Cloudflare?

Shows up sometimes, after a few updates it goes away … Is there a reason for this?

Hey Riha. Could you share a Ray-ID for a request that gets blocked? Feel free to DM me.

I’m seeing the same issue after setting up Fastly CDN in front or my Render service a couple days ago. The issue is intermittent and Fastly has confirmed that it’s not on their end as far as they can tell.

@riha the issue in my cased ended up being a hostname mismatch with the CDN. We have a custom domain name pointing to the CDN and the CDN was forwarding to, but passing through the custom domain name unmodified in the host header. Render’s Cloudflare setup has a sanity check that matches the TLS certificate domain name ( with the host header then rejects the request with a 403. Confusingly it on occasionally causes issues. The fix was to override the host header to match the Render service name.

I experienced a similar issue with the 403 error. We have an app running on render that sits behind an nginx proxy of our main website. The plan was to have a particular part of the website, at a given path, to be served by render.

Within render, you can add custom domains, but you have to set a DNS record and verify, which won’t work for us, as the main website points elsewhere. The solution I currently have in mind is to override the host header in the nginx proxy pass to use the domain assigned to the app:

proxy_set_header Host;

Does anyone know of an alternative solution?

If it’s behind a proxy then using the should be fine as it would never be exposed directly,


John B