Access Denied
What 1020 Means
The 1020 error on the Cloudflare Edge-Errors indicates access denied. This typically occurs due to blocked by a web application firewall (waf) rule.
A 1020 error is a generic WAF rejection screen. It indicates the client's request violated a strict security rule engineered by the domain owner.
Technical Background
Unlike 1015 which is about volume, 1020 is strictly about payload and identity. The edge actively inspected the request and deemed it fundamentally malicious or unauthorized.
A Ray ID is provided on the page to help administrators aggressively trace the exact firewall rule that triggered the block.
Common Causes
- Blocked by a Web Application Firewall (WAF) rule
- Country or ASN block actively enforced
- A custom firewall rule rejecting specific user agents
Typical Scenarios
- A user attempts an SQL injection payload via a search box, deeply triggering the managed WAF.
- A system administrator actively blocks all traffic coming from a specific foreign country.
What to Know
If this was an accidental block, administrators must check the Security Events log in Cloudflare, searching by the Ray ID, to modify the overly strict rule.
Frequently Asked Questions
Common questions about Cloudflare 1020 error
It indicates the website's firewall detected heavily suspicious behavior or a restricted location, and securely blocked your access.