Support

Troubleshooting

Common Issues & Solutions

This guide covers common monitoring issues and how to resolve them.

403 Forbidden Errors

If your monitor shows "HTTP 403 (Forbidden)" errors, your server is likely blocking our monitoring bot. This is a common issue with firewalls, WAFs (Web Application Firewalls), and CDN bot protection features.

Important

403 errors don't mean your site is down! Your site is likely working fine for regular visitors. The server is simply blocking automated monitoring requests.

Solution 1: Whitelist Our IP Addresses

Add our monitoring server IP addresses to your firewall or WAF whitelist. Visit our Bot Information page for a complete list of IP addresses by region.

Solution 2: Use a Custom User-Agent

If you can't whitelist IPs, you can override the User-Agent header in your monitor's Advanced Settings:

{ "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" }

Add this JSON to the "Custom Request Headers" field in your monitor's Advanced Settings.

Common Firewall/WAF Configurations
  • Cloudflare: Add our IPs to IP Access Rules or disable Bot Fight Mode for our IPs
  • AWS WAF: Create an IP set with our addresses and add an allow rule
  • Sucuri: Whitelist our IPs in the Firewall settings
  • Wordfence: Add our IPs to the whitelist in Firewall Options
  • ModSecurity: Add whitelist rules for our IP ranges

Cloudflare Configuration

Cloudflare's bot protection features are a common cause of 403 errors for monitoring services. Here's how to configure Cloudflare to allow our monitoring bot while keeping your site protected.

Option 1: Create an IP Access Rule (Recommended)

This is the most reliable method and works with all Cloudflare plans.

  1. Go to your Cloudflare dashboard and select your domain
  2. Navigate to Security → WAF → Tools
  3. Under "IP Access Rules", click Add
  4. Enter our monitoring IP address (see Bot Info page)
  5. Set the action to Allow
  6. Add a note like "Sentinel Uptime Monitoring"
  7. Repeat for each monitoring IP address
Option 2: Create a WAF Custom Rule

For more granular control, create a custom rule to skip security features for our bot.

  1. Go to Security → WAF → Custom rules
  2. Click Create rule
  3. Name it "Allow Sentinel Monitoring"
  4. Use the expression builder or enter this expression:
(ip.src in {YOUR_MONITORING_IPS}) or (http.user_agent contains "Sentinel")

Replace {YOUR_MONITORING_IPS} with our IP addresses from the Bot Info page.

  1. Set the action to Skip and select the security features to bypass
  2. Deploy the rule
Option 3: Disable Bot Fight Mode

If you're using Cloudflare's Bot Fight Mode and it's blocking our monitoring:

  1. Go to Security → Bots
  2. Find Bot Fight Mode and toggle it off

Note: Disabling Bot Fight Mode entirely reduces your bot protection. We recommend using Option 1 or 2 instead to whitelist only our specific IPs while keeping protection enabled.

Super Bot Fight Mode (Pro/Business/Enterprise)

If you have Super Bot Fight Mode enabled on a paid plan:

  1. Go to Security → Bots
  2. Under "Configure Super Bot Fight Mode", find the Definitely automated section
  3. Set it to Allow or create a custom rule (Option 2) to skip for our IPs
"Under Attack Mode" Considerations

If you enable Cloudflare's "I'm Under Attack Mode" during a DDoS attack, our monitoring will likely be blocked and show your site as down. This is expected behavior. Once the attack subsides and you disable Under Attack Mode, monitoring will resume normally. Consider setting up an IP Access Rule (Option 1) beforehand so monitoring continues working even during Under Attack Mode.

Connection Timeout Errors

Timeout errors occur when our monitoring servers can't reach your website within the configured timeout period.

  • Check if your server is actually online and responding
  • Verify your hosting provider isn't experiencing issues
  • Increase the request timeout in your monitor's Advanced Settings (default is 30 seconds)
  • Check for DNS resolution issues
  • Ensure your firewall isn't blocking connections from our monitoring regions

SSL Certificate Errors

SSL errors typically indicate certificate problems that could affect your visitors.

  • Expired certificate: Renew your SSL certificate immediately
  • Invalid chain: Ensure intermediate certificates are properly installed
  • Hostname mismatch: Your certificate must match your domain name
  • Self-signed: Use a certificate from a trusted CA

Slow Response Times

If you've enabled slow response alerting and are receiving alerts:

  • Check server resource usage (CPU, memory, disk I/O)
  • Review database query performance
  • Enable caching if not already configured
  • Consider using a CDN to improve global response times
  • Adjust the slow response threshold if your baseline is legitimately higher

Regional Outages

If your site is only showing as down from certain regions:

  • Check if geographic restrictions are blocking certain regions
  • Verify your CDN is properly configured for all regions
  • Check DNS propagation status if you recently made changes
  • Review regional firewall rules

Need Help?

If you're still experiencing issues, visit our Bot Information page for our IP addresses and contact information, or reach out to our support team.