What is error 1020 access denied - and why are you getting it when web scraping?

Ever bumped into Cloudflare's pesky error 1020 while web scraping? Find out what's going on, why it happens, and how you can avoid it like a pro.


Hey, we're Apify. You can build, deploy, share, and monitor your web scrapers and crawlers on the Apify platform. Check us out.

What is error 1020: Cloudflare access denied?

Error 1020, commonly referred to as the "access denied" error, is presented by Cloudflare when a user or script violates specific firewall rules. Cloudflare, as a global web infrastructure and security company, uses these rules to protect websites from potential malicious activities, including aggressive web scraping.

Error 1020 Cloudflare access denied: illustration of barriers to website access
It might not look like something out of Tron when you get a 1020 error, but it's a real barrier

Why is Cloudflare throwing the access denied error?

When you see the "Cloudflare error" along with access being denied, it's typically because the Cloudflare-protected website you're trying to access has set up firewall rules to prevent excessive or malicious requests. This can be especially true for web scrapers sending multiple, rapid requests to extract site data. The website's defenses identify this as potentially harmful behavior, triggering the access denied error.

How firewall rules impact web scraping site data

Firewall rules are a set of criteria that determine whether to allow or block specific traffic. For websites protected by Cloudflare, these rules can detect and stop web scrapers, especially if they're making requests too frequently or in patterns that seem automated. As a scraper, understanding these rules can help you refine your strategies to access site data without triggering these defenses.

Bypassing Cloudflare's error 1020: Tips for web scrapers

  1. Slow down your requests: By reducing the speed of your scraping activities, you can avoid hitting rate limits or appearing suspicious and behaving like a bot.
  2. Rotate IP addresses: Use proxy servers to distribute your requests across multiple IP addresses. This will help solve the problem of Cloudflare IP banning.
  3. Respect robots.txt: Always check the robots.txt file of a website. It provides guidance on what you can and can't scrape. If you don't need to scrape a particular page, skip it.
  4. Use headers wisely: Mimic real browser behavior by using user-agent strings and headers that won't immediately flag your scrapers as bots.
  5. Consider using scraping services: Tools and services designed for web scraping, such as Apify or the open-source web scraping library Crawlee, can help you deal with the intricacies of scraping websites protected by Cloudflare and other security measures.

There are more suggestions and examples, including the use of headless browsers, in our detailed article on how to crawl without getting blocked.

Ethical web scraping can help solve Cloudflare error

While the "Cloudflare access denied" error can be a hurdle for web scrapers, understanding the underlying reasons, such as firewall rules and site data protection strategies, can help you avoid the 1020 error. With the right knowledge and tools, you can ensure that your web scraping remains efficient and ethical.

The 1020 error isn't the only code you might run into when scraping. Find out how to solve the 403 error.

Get started now

Step up your web scraping and automation