If CloudFlare can not connect to your server, various CloudFlare 5xx error messages can appear when you visit a site's urls. The various error messages are as follows:
General causes of the above errors:
- Your server or hosting provider is having issues
- Your server or hosting provider is not having issues, but either your hosting provider or server is limiting or blocking connections from CloudFlare IPs
Tips to diagnose if your origin server is offline
When you see the a CloudFlare 5xx error message, the first step you should take is to check to see if your origin server is having issues. To do so, there are two tests that you can run.
Test 1) Try accessing the following subdomain for your website (i.e yourdomain.com):
If you can't get to the site going direct, then the issue is likely with your server or hosting provider. In this case, contact your hosting provider to find out why your origin server is offline.
Note: CloudFlare adds the 'direct' subdomain when you sign up for the service. It bypasses CloudFlare's network. Some users choose to edit the name of the subdomain, so if you've changed the name, then you should replace 'direct' with the revised subdomain name.
Test 2) Run the following curl command in Terminal or Putty:
curl -v -H 'Host: yourdomain.com' server IP address
So, as an example:
curl -v -H 'Host: yourdomain.com' 220.127.116.11
Tip: You can get your server IP address from your CloudFlare DNS Settings page for the domain.
If the curl returns an error message like "can't connect to host" or "500 internal server error", then the issue is with your server or hosting provider. Please contact your hosting provider for assistance.
If the curl returns HTML in the response, then the issue is that your server or hosting provider has rules in place limiting connections from CloudFlare IPs.
Proceed to the next section for Troubleshooting Help.
Tips to ensure CloudFlare's IPs are accepted by your server
If your server origin is online, then:
- Make sure that you're not blocking CloudFlare IPs in .htaccess, iptables , or your firewall.
- Make sure your hosting provider isn't rate limiting or blocking IP requests from the CloudFlare IPs and ask them to whitelist the IP addresses below:
3) Make sure that you're operating off of the most recent versions of Bad Behavior or mod_security. You want to ensure that mod_security's core rules aren't blocking CloudFlare requests.
4) If you are running custom Apache modules, such as mod_antiloris and mod_reqtimeout , disable and unload the modules. These modules will block any time an IP connects more than 22 times. Since all connections are now coming from a CloudFlare IP, you will definitely hit the limit causing the error page. As soon as you unload the module, the issue will disappear.