An Error 521 means that the origin web server refused the connection from CloudFlare.
There are two main reasons why this would occur. In both cases, work with your hosting provider to help resolve the issue.
1) The origin web server is not turned on
2) Something on the web server or hosting provider's network is blocking CloudFlare's
requests. Since CloudFlare acts as a reverse proxy, all connections to your server come
from a CloudFlare IP. Since the same amount of traffic now comes from a smaller number
of IPs, server-side security solutions can mistake the increase in connections from this
smaller set of IPs as an attack, when they are legitimate.
- Make sure that you're not blocking CloudFlare IPs in .htaccess, iptables , or your firewall.
- Make sure your hosting provider isn't rate limiting or blocking IP requests from
the CloudFlare IPs and ask them to whitelist the IP addresses found here: www.cloudflare.com/ips
- Make sure that you're operating off of the most recent versions of Bad Behavior or mod_security. You want to ensure that mod_security's core rules aren't blocking CloudFlare requests.
- If you are running custom Apache modules, such as mod_antiloris and mod_reqtimeout, disable and unload the modules. These modules will block any time an IP that connects more than 22 times. Since all connections are now coming from a CloudFlare IP, you will definitely hit the limit causing the error page. As soon as you unload the module, the issue will disappear.