Cloudflare 520 error is a common error that triggers when the origin server returns an empty or unexpected response. This happens mainly when the server is unable to send a timely response due to a resource-intensive process.
Today, let’s discuss some tips to fix the code 1004 DNS Validation Error.
What is Cloudflare code 1004?
Cloudflare error 1004 indicates that Cloudflare is unable to complete an action performed by the user. Users normally face this error while adding/editing DNS records in the Cloudflare DNS area. For instance, a typical error message looks like:
Causes for Cloudflare code 1004
Cloudflare error 1004 could be triggered due to issues with the DNS records, conflicts with the Cloudflare proxy etc. Some of the common reasons for this error are:
Error with DNS records
Conflict with Cloudflare proxy
Invalid TTL value
Let us now look at the tips to fix each of them.
Error with the DNS records
The most common reason for the Cloudflare code 1004 is an error with the DNS record that the user is trying to add. For instance, while adding A record, ensure that you are adding the correct record without any unwanted spaces and characters. Common mistakes made with DNS record include:
While adding A record, verify the IP address of your origin server is correct, is not a Cloudflare IP address, and has not recently been changed by your hosting provider. Also, remove any blank spaces before and after the IP address.
While adding a CNAME record, ensure that it is pointing to a hostname. A CNAME record cannot point to an IP address. Instead, add an A record for the IP address and then use the corresponding A record for adding the CNAME record.
While entering the MX record, try to enter the records manually instead of copy-pasting them it may also copy hidden characters. Also, use the hostname of the mail server instead of the IP address.
Some of the DNS records require the Cloudflare proxy to be turned off. Thus, it would be a good idea to try adding the records after turning off the Cloudflare proxy.
To turn off the Cloudflare proxy, we just need to toggle the cloud icon from orange to grey.
Invalid TTL value
Another major reason for the code 1004 is invalid TTL value. Cloudflare recommends using the TTL value between 120 and 2,147,483,647. However, users have a tendency to limit it to a much lower value to reduce the DNS propagation time. This in terms may lead to the DNS validation limit.
If you are not sure about the exact TTL value to be used, a suggested method is to set the TTL value to 1 to set the TTL value to automatic.
At times this error could be a glitch caused by browser cache. Clearing the browser cache or re-login to the Cloudflare portal from an incognito window helps to overcome this error. Also, there is a known issue in editing Cloudflare DNS records using mobile versions. Thus it would be a good idea to switch to a desktop browser.
In short, Cloudflare code 1004 is triggered while adding DNS records. This is primarily due to invalid format of the records or hindrance caused by Cloudflare proxy. Today we discussed some tips that our Support Engineers follow to fix the error message.
Cloudflare rate-limiting feature is designed to protect online services from attack methods like brute force logins, DDoS attack, etc. However, this feature can block legitimate access to the services at times with Cloudflare error 1015 “You are being rate-limited”.
As a part of our Server Management Services, we help webmasters, web hosts and other online service providers to fix similar Cloudflare errors.
Today, let us discuss the possible reasons and fixes for this error.
What is Cloudflare error 1015?
Cloudflare Rate Limiting identifies and mitigates excessive request rates to the domain or specific URLs. Once an individual IP address exceeds a rule threshold, further requests to the origin web server are blocked with an HTTP 429 response.
The user is displayed with an error message as below:
Generally, these blocks are temporary and will be removed automatically after the specified time period. Though it is meant to block/prevent the suspicious requests to the website at times legitimate requests also get rate limited by the rules. Let us get into some of those cases and the tips to fix it in each case.
Low rate limiting threshold
A very low threshold limit is the prime reason for the error 1015 in most cases. The rule settings option allows us to limit the number of page requests from an IP address in a given time interval.
In most cases, users assume that each page of the website is equal to one request. However, this is not true. Limiting the value of request based on this assumption yields frequent 1015 error.
For instance, try accessing the google developer tools console for a website. It can be accessed from the More tools >> Developer tools option in Google chrome. Navigate to the Network tab and then refresh your page. You may find a result as below.
The bottom part of the page shows 50 requests. Thus a single page may contain about 50 requests or more.
Hence, one way to fix the Cloudflare rate limit error is to increase the request threshold to a moderate value.
Active Rate Limiting rules
At times, we receive requests that the users are getting 1015 error even after disabling the Rate Limiting.
To prevent this, we need to ensure that the Rate Limiting rules that were configured for the domain are removed. This is because, in rare cases, these rules can still work even though the Rate Limiting feature is disabled for the domain
Thus the preferred method is to re-enable the rate limit, delete all the rules set for it, and then disable the rate limit to make it actually stop processing the rules.
Aggressive Rate Limiting rule
Another common mistake that is made while setting the rate limit rule is to keep it highly aggressive. Cloudflare’s recommended value for the rate limit time is 10 seconds or more. If any rule is configured to block an IP address for 1 sec, it is more likely to block legitimate requests.
In short Cloudflare error 1015 is triggered due to Firewall rules Rate Limiting the accesses from the IP addresses. Though this is a method adopted to work against DDoS attacks and brute force attempts, at times legitimate requests are also blocked with this error. Today we discussed some tips that our Support Engineers follow to fix the error message.
Today we will look at the cause for this error, and the solutions that worked for us.
What causes Cloudflare error 1020 access denied?
In a recent support request that we received, the webmaster’s developer working from another country is unable to access the website. The error message on the screen was:
In general, WAF firewall rules blocking access to the website can trigger the above error message.
If you are receiving this error on any random site, it means the website owner has implemented a Firewall rule in Cloudflare. This rule is either blocking your IP address, browser, or country.
Likewise, if you receive this error for your own site, it can be fixed easily by proper identification and modification of the offending rule.
Find the rule that triggered Cloudflare error 1020 access denied
The first step is to confirm if the error is actually related to Cloudflare. Temporarily disabling it from the Cloudflare portal can confirm it. The Pause Cloudflare on Site option under the Overview tab in the Cloudflare portal can stop Cloudflare temporarily.
Once it is confirmed that the issue is with Cloudflare end, the next step to fix the access denied error is to find the exact rule that triggered the error. A search for the RAY ID in the Firewall Events Log will provide a clue on the rule id.
The following steps will help us to access the WAF event logs:
1. Log in to the Cloudflare dashboard.
2. Click the appropriate Cloudflare account.
3. Select the proper domain.
4. Click the Firewall app.
5. The Overview tab lists the Activity log.
6. Click any entry in the Firewall Activity log to expand further details.
Once we are in the Firewall Activity log, Filters can be added based on RAY ID from the Add filter option
For more details on adding filters and sharing the details, refer to the official Cloudflare page.
Edit Firewall rules
Once we find the exact rule, the next step is to make changes to the rule to make the website accessible. The rules will be visible under the Firewall rules option in the Firewalls section. To edit the rule, click on the wrench icon next to the rule.
Turn off Firewall rules
At times, if the Firewall activity log may not provide a clue on the exact rule id. Hence, we then will need to go for a trial and error method. That is, we need to disable all the firewall rules and then enable them one by one. Just a click on the toggle switch next to the rule id will turn the rule ON/OFF.
To sum up, the restrictions placed by WAF rules generally triggers the Cloudflare error 1020 access denied. Proper identification and modification of the rule can fix the error. Today we discussed the different methods that our Support engineers use to find the exact rule and to resolve the error
Bobcares is a server management company that helps businesses deliver uninterrupted and secure online services. Our engineers manage close to 51,500 servers that include virtualized servers, cloud infrastructure, physical server clusters, and more.