Cloudflare error 1020 access denied is caused due to restrictions placed by firewall rules. Webmasters, particularly with developers working from another country, may experience this error frequently.
Today we will look at the cause for this error, and the solutions that worked for us.
What causes Cloudflare error 1020 access denied?
In a recent support request that we received, the webmaster’s developer working from another country is unable to access the website. The error message on the screen was:
In general, WAF firewall rules blocking access to the website can trigger the above error message.
If you are receiving this error on any random site, it means the website owner has implemented a Firewall rule in Cloudflare. This rule is either blocking your IP address, browser, or country.
Likewise, if you receive this error for your own site, it can be fixed easily by proper identification and modification of the offending rule.
Find the rule that triggered Cloudflare error 1020 access denied
The first step is to confirm if the error is actually related to Cloudflare. Temporarily disabling it from the Cloudflare portal can confirm it. The Pause Cloudflare on Site option under the Overview tab in the Cloudflare portal can stop Cloudflare temporarily.
Once it is confirmed that the issue is with Cloudflare end, the next step to fix the access denied error is to find the exact rule that triggered the error. A search for the RAY ID in the Firewall Events Log will provide a clue on the rule id.
The following steps will help us to access the WAF event logs:
1. Log in to the Cloudflare dashboard.
2. Click the appropriate Cloudflare account.
3. Select the proper domain.
4. Click the Firewall app.
5. The Overview tab lists the Activity log.
6. Click any entry in the Firewall Activity log to expand further details.
Once we are in the Firewall Activity log, Filters can be added based on RAY ID from the Add filter option
Edit Firewall rules
Once we find the exact rule, the next step is to make changes to the rule to make the website accessible. The rules will be visible under the Firewall rules option in the Firewalls section. To edit the rule, click on the wrench icon next to the rule.
Turn off Firewall rules
At times, if the Firewall activity log may not provide a clue on the exact rule id. Hence, we then will need to go for a trial and error method. That is, we need to disable all the firewall rules and then enable them one by one. Just a click on the toggle switch next to the rule id will turn the rule ON/OFF.
Conclusion
To sum up, the restrictions placed by WAF rules generally triggers the Cloudflare error 1020 access denied. Proper identification and modification of the rule can fix the error.