If Cloudflare cannot connect to your server, a number of Cloudflare 5xx error messages can appear when you visit your site. The error messages are as follows:
General causes of the above errors:
- Your server or hosting provider is having issues
- Your server or hosting provider is not having issues, but either your hosting provider or server is limiting or blocking connections from Cloudflare IPs
Tips to diagnose if your origin server is offline
When you see a Cloudflare 5xx error message, the first step is to check if your origin server is having issues. To do so, there are two tests that you can run.
Test 1: Try accessing the following subdomain for your website (i.e example.com):
If the site cannot be reached by using the direct subdomain, then the issue is likely with your server or hosting provider. In this case, contact your hosting provider to find out why your origin server is offline. If this subdomain does not exist, proceed to the second test.
Note: Cloudflare adds the 'direct' subdomain when you sign up for the service. It bypasses Cloudflare's network. Some users choose to edit the name of the subdomain, so if you've changed the name, then you should replace 'direct' with the revised subdomain name.
Test 2: Run the following curl command in Terminal or Putty:
curl -v -H 'Host: example.com' server IP address
So, as an example:
curl -v -H 'Host: example.com' 220.127.116.11
Tip: You can get your server IP address from your Cloudflare DNS Settings page for the domain.
If the curl returns an error message similar to "can't connect to host" or "500 internal server error", then the issue is likely to be with your server or hosting provider. Please contact your hosting provider for assistance.
If curl returns the HTML for your site in the response, then the issue is that your server or hosting provider has rules in place limiting connections from Cloudflare IPs.
If your server origin is online, but connections from Cloudflare are being blocked, the following will help:
- Make sure that Cloudflare IPs are not being blocked in .htaccess, iptables, or any firewalls at your origin.
- Make sure your hosting provider isn't rate limiting or blocking IP requests from Cloudflare IPs and ask them to whitelist Cloudflare's IP ranges.
- If they are being used, make sure that the most recent versions of Bad Behavior or mod_security are installed. Ensure that mod_security's core rules aren't blocking Cloudflare requests.
- If custom Apache modules are installed and loaded, such as mod_antiloris and mod_reqtimeout, disable and unload the modules. These modules will block any time an IP connects more than 22 times. Since all connections are now coming from Cloudflare IP addresses, the connection limit causing the error page will be reached. As soon as the module is unloaded, the issue will disappear.