Do you have Enhanced Security turned on in your 10.x deployment (shown in BESAdmin tool)? Did you ever?
Enabling Enhanced Security activates TLS 1.2 , and I believe once that’s done there’s no going back. I’m not sure whether the 8.x client supported TLS 1.2.
But if that was the case I’d expect a TLS error rather than an HTTP 403 error…but I’m not not certain how it would look on an 8.x client log honestly.
I also don’t think you can edit the actionsite.afxm file directly - it’s digitally signed so an edit from http to https should fail signature validation anyway, which might be the error you’re seeing after modifying the file.