Is that pesky ‘Cloudflare error 521’ plaguing your website?
This is one of the common errors caused while using Cloudflare on the website.
Generally, this error occurs due to an offlined webserver or due to Cloudflare request blockage.
At Bobcares, we often receive requests to resolve Cloudflare errors as a part of our Server Management Services.
Today, let’s see what causes this Cloudflare error and how our Support Engineers fix it.
What causes Cloudflare error 521?
Generally, it means that the web browser was able to connect to Cloudflare. But, Cloudflare was not able to connect to the webserver.
Actually, Cloudflare tried to connect to the website’s server on port 80 or 443 but in response received a connection refused error. The major two reason or the causes are:
First, the webserver might be down for some reason. If the website’s server is down, then Cloudflare can’t connect to the server and as a result, it will not display the website when a visitor visits it.
Second, the webserver might be up and running but it is blocking Cloudflare IPs. Any server end security methods might block the Cloudflare’s IP unknowingly.
In the webserver having any firewall set, it seems like the traffic to the website is coming from a bunch of Cloudflare IPs.
Unaware of these Cloudflare IPs, the security methods will block those Cloudflare IPs. The sample error will look like:
How we fix Cloudflare error 521?
Recently, one of our customers approached us with an error 521. Let’s see how our Support Engineers investigate the error and resolve it.
1. Ensuring the responsiveness from the webserver
Initially, our Support Engineers check the web service in the server. We verify the service using the command
For Apache: service apache2 status
For Nginx : service nginx status
If the service is down we start the service back.
Finally, we check for the availability of the website using the command.
curl -Is http://www.domain.com | head -n 1As a result, we received an http200 response. This confirmed that the webserver to be up and running well.
If there would be some trouble in the server then the response of the above command would be ‘host not found’ or ‘failed to connect’.
2. Check for any blocked Cloudflare requests
On the server, we verify if the port 80/443 is open. We use the commands to verify it.
netstat -tulpn | grep :80
netstat -tulpn | grep :443
If we find any port block in the server we open the port.
We further moved to troubleshoot the error by checking if there is any IP blocked on the server. Since the customer was using the iptables firewall we use the command.
iptables -L INPUT -v -nFrom this, we could see that few Cloudflare IPs were present in the block list. So, we remove the IP from the list using the command
iptables -D INPUT -s xxx.xx.xx.x -j ACCEPTAlso, we checked for .htaccess file and confirmed if there is any blockage set in it as well, but there was no such block rule set.
Finally, this fixed the error. And the website was accessible without any error.
[Need any further assistance with Cloudflare error? – We’ll help you]
Conclusion
In short, the Cloudflare error 521 occurs due to offlined webserver or due to Cloudflare request blockage. Today, we discussed the reasons behind this error and saw how our Support Engineers fix it.
Fix 433 is not the SSL port:
netstat -tulpn | grep :443
Hello Ramphy,
Thank you for pointing out the typo. It is corrected now.