updown.io – Website monitoring, simple and inexpensive

Documentation 〉Known issues when monitoring a Cloudflare protected website

CloudFlare being made to prevent automated requests to your websites, there's a lot of ways in which it can cause trouble when trying to monitor a CloudFlare backed websites with updown.io. Here is a list of some known problems and potential solutions to check. If you have suggestions for changes to this page please let us know.

My website is down but updown report it as up

This is most likely because you have the "Always Online" Cloudflare feature enabled which keeps some pages in cache and serve them even when you origin is down. This is usually good for your end-users, but it means updown cannot see some downtimes. We don't have a recommended way to circumvent this, If it's possible to disable/disallow "Always Online" for some pages, the easier way may be to monitor a specific page which does not have "Always Online" (for example the login page)

Another possibility is that you have public caching enabled on your page (Cache-Control HTTP header), which allows CloudFlare to keep a cached version in memory and serve it for some time. This is good for performance and availablity but again can make the monitoring lag to detect problems. The easiest way to circumvent this is to put the monitoring on a non-cachable page. Another option could be to add some custom headers on updown side to disable caching (for example "Cache-Control: no-cache"), providing your server honors them.

My website is up but updown reports 403 Forbidden?

This likely means CloudFlare is blocking our requests, if you have "Super Bot Fight Mode" enabled, you'll need to "Allow" the "Verified bots" to allow requests from updown.io:

screenshot of cloudflare UI showing the verified bot selector

Unfortunately, even writting a custom rule to allow updown.io by User-Agent or IP does not seem to bypass the Super Bot Fight if you have "Block" selected here. So at the moment there's no known way to block other "Verified bots" while still allowing only updown.io.

Sometimes updown is not even considered a "Verified bots" but falls in the "Definitly automated" category so in this case your only option seems to be to allow them (which mean basically disable Bot Fight Mode).

If this is not helping, we recommend looking at your Firewall Events log to see the reason for the blocking, it is located in the Security app under the Overview tab.

Adrien Rey-Jarthon

Created on October 17, 2023 · Suggest changes to this page