Problems with routing to sites that seem to be using CloudFlare

jobcremers · ‎11-25-2019

Hi there, I have quite some websites running using cloudflare / github sites. For some interesting reason, the DNS filter manages to block everything that I have running through either of those. Examples:

https://devable.org

https://proofofconcept.tech

Why does it happen / what can I do to debug and fix this issue? Just make an exception? I want to know why the filter specifically selects everything I built and goes out and blocks traffic towards it :P Regards, J

Dave_Hall · ‎11-25-2019

devable.org's seems to be using a security certificate belonging to lucksoni.com, though devable.org is listed as an alternate name in a long list: {List of fqdns removed}

As for how the FortiGuard servers currently rates devable.org: it's unknown.

As for the DNS resolving itself - it looks to be currently alternating between two IP address - I speculation the "hosting servers" IP will change without notice and depending on the TTL, you may run into DNS resolving problems (especially on slow DSL/sat connections.

Best bet to troubleshooting this issue is to use FortiVew/web filter logs to drill down to the individual sessions of a workstation connecting to the site (or any site for that matter) to see what/why the connection is being blocked. Of course, you could try setting up a local ratings override for the site.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C