From 8160f1d02ffad4a32eb276a0a83cf14e24d56389 Mon Sep 17 00:00:00 2001 From: Max Phillips Date: Thu, 26 Sep 2024 10:44:58 -0500 Subject: [PATCH] Remove quotes and nbsps --- .../troubleshooting-cloudflare-5xx-errors.mdx | 114 +++++++++--------- 1 file changed, 57 insertions(+), 57 deletions(-) diff --git a/src/content/docs/support/troubleshooting/cloudflare-errors/troubleshooting-cloudflare-5xx-errors.mdx b/src/content/docs/support/troubleshooting/cloudflare-errors/troubleshooting-cloudflare-5xx-errors.mdx index 4c2af6e6b4e50c..e7cf72514dd2ce 100644 --- a/src/content/docs/support/troubleshooting/cloudflare-errors/troubleshooting-cloudflare-5xx-errors.mdx +++ b/src/content/docs/support/troubleshooting/cloudflare-errors/troubleshooting-cloudflare-5xx-errors.mdx @@ -28,7 +28,7 @@ Additional details to provide to your hosting provider or site administrator are ## Error analytics -Error Analytics per domain are available within [Zone Analytics](/analytics/account-and-zone-analytics/zone-analytics/). Error Analytics allows insight into overall errors by HTTP error code and provides the URLs, source IP addresses, and Cloudflare data centers needed to diagnose and resolve the issue.  Error Analytics are based on a 1% traffic sample. +Error Analytics per domain are available within [Zone Analytics](/analytics/account-and-zone-analytics/zone-analytics/). Error Analytics allows insight into overall errors by HTTP error code and provides the URLs, source IP addresses, and Cloudflare data centers needed to diagnose and resolve the issue. Error Analytics are based on a 1% traffic sample. To view Error Analytics: @@ -41,17 +41,17 @@ To view Error Analytics: ## Error 500: internal server error -Error 500 generally indicates an issue with your origin web server. *Error establishing database* *connection* is a common HTTP 500 error message generated by your origin web server.  [Contact your hosting provider](#required-error-details-for-hosting-provider) to resolve. +Error 500 generally indicates an issue with your origin web server. _Error establishing database_ _connection_ is a common HTTP 500 error message generated by your origin web server. [Contact your hosting provider](#required-error-details-for-hosting-provider) to resolve. **Resolution** -[Provide details to your hosting provider](#required-error-details-for-hosting-provider) to assist troubleshooting the issue. +[Provide details to your hosting provider](#required-error-details-for-hosting-provider) to assist troubleshooting the issue. -However, if the 500 error contains “cloudflare” or “cloudflare-nginx” in the HTML response body, provide [Cloudflare support](/support/contacting-cloudflare-support/) with the following information: +However, if the 500 error contains “cloudflare” or “cloudflare-nginx” in the HTML response body, provide [Cloudflare support](/support/contacting-cloudflare-support/) with the following information: 1. Your domain name 2. The time and timezone of the 500 error occurrence -3. The output of `www.example.com/cdn-cgi/trace` from the browser where the 500 error was observed (replace `www.example.com` with your actual domain and hostname) +3. The output of `www.example.com/cdn-cgi/trace` from the browser where the 500 error was observed (replace `www.example.com` with your actual domain and hostname) :::note @@ -65,16 +65,16 @@ and contact your hosting provider for assistance. ## Error 502 bad gateway or error 504 gateway timeout -An HTTP 502 or 504 error occurs when Cloudflare is unable to establish contact with your origin web server. +An HTTP 502 or 504 error occurs when Cloudflare is unable to establish contact with your origin web server. There are two possible causes: -- (Most common cause) [502/504 from your origin web server](#502504-from-your-origin-web-server) +- (Most common cause) [502/504 from your origin web server](#502504-from-your-origin-web-server) - [502/504 from Cloudflare](#502504-from-cloudflare) ### 502/504 from your origin web server -Cloudflare returns an Cloudflare-branded HTTP 502 or 504 error when your origin web server responds with a standard HTTP 502 bad gateway or 504 gateway timeout error: +Cloudflare returns an Cloudflare-branded HTTP 502 or 504 error when your origin web server responds with a standard HTTP 502 bad gateway or 504 gateway timeout error: ![Example of a Cloudflare-branded error 502.](~/assets/images/support/image1.png) @@ -82,7 +82,7 @@ Cloudflare returns an Cloudflare-branded HTTP 502 or 504 error when your origin Contact your hosting provider to troubleshoot these common causes at your origin web server: -- Ensure the origin server responds to requests for the hostname and domain within the visitor’s URL that generated the 502 or 504 error. +- Ensure the origin server responds to requests for the hostname and domain within the visitor's URL that generated the 502 or 504 error. - Investigate excessive server loads, crashes, or network failures. - Identify applications or services that timed out or were blocked. @@ -92,7 +92,7 @@ A 502 or 504 error originating from Cloudflare appears as follows: ![Example of an unbranded error 502.](~/assets/images/support/image5.png) -If the error does not mention `cloudflare`, contact your hosting provider for assistance on [502/504 errors from your origin](#502504-from-your-origin-web-server). +If the error does not mention `cloudflare`, contact your hosting provider for assistance on [502/504 errors from your origin](#502504-from-your-origin-web-server). This error can be returned in case of a compression issue at the origin, for example the origin server is serving gzip encoded compressed content but is not updating the `content-length` header, or the origin is serving broken gzip compressed content. You can try to disable compression at your origin to confirm if this is the root cause of the errors. @@ -105,11 +105,11 @@ You can find more information about our automated traffic management tools [in t **Resolution** -If you still need our Support team to help you investigate further, please provide these required details to [Cloudflare Support](/support/contacting-cloudflare-support/) to avoid delays processing your inquiry: +If you still need our Support team to help you investigate further, please provide these required details to [Cloudflare Support](/support/contacting-cloudflare-support/) to avoid delays processing your inquiry: 1. Time and timezone the issue occurred. -2. URL that resulted in the HTTP 502 or 504 response (for example: `https://www.example.com/images/icons/image1.png`). -3. Output from browsing to `/cdn-cgi/trace`. +2. URL that resulted in the HTTP 502 or 504 response (for example: `https://www.example.com/images/icons/image1.png`). +3. Output from browsing to `/cdn-cgi/trace`. --- @@ -123,11 +123,11 @@ HTTP error 503 occurs when your origin web server is overloaded. There are two p - Error contains `cloudflare` or `cloudflare-nginx` in the HTML response body. -**Resolution**: A connectivity issue occurred in a Cloudflare data center. Provide [Cloudflare support](/support/contacting-cloudflare-support/) with the following information: +**Resolution**: A connectivity issue occurred in a Cloudflare data center. Provide [Cloudflare support](/support/contacting-cloudflare-support/) with the following information: 1. Your domain name 2. The time and timezone of the 503 error occurrence -3. The output of `www.example.com/cdn-cgi/trace` from the browser where the 503 error was observed (replace `www.example.com` with your actual domain and hostname) +3. The output of `www.example.com/cdn-cgi/trace` from the browser where the 503 error was observed (replace `www.example.com` with your actual domain and hostname) --- @@ -144,13 +144,13 @@ make the record [DNS-only](/dns/manage-dns-records/reference/proxied-dns-records in the Cloudflare **DNS** app or [temporarily pause Cloudflare](/fundamentals/setup/manage-domains/pause-cloudflare/). ::: -[Contact your hosting provider or site administrator](#required-error-details-for-hosting-provider) and request a review of your origin web server error logs for crashes and to check for these common causes: +[Contact your hosting provider or site administrator](#required-error-details-for-hosting-provider) and request a review of your origin web server error logs for crashes and to check for these common causes: - Origin web server application crashes -- [Cloudflare IPs](https://www.cloudflare.com/ips) not allowed at your origin +- [Cloudflare IPs](https://www.cloudflare.com/ips) not allowed at your origin - Headers exceeding 16 KB (typically due to too many cookies) - An empty response from the origin web server that lacks an HTTP status code or response body -- Missing response headers or origin web server not returning [proper HTTP error responses](https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml). +- Missing response headers or origin web server not returning [proper HTTP error responses](https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml). :::note @@ -160,23 +160,23 @@ origin web server. If HTTP/2 is enabled at your origin web server, please check and make sure HTTP/2 is correctly configured. Cloudflare connects to servers who announce support of HTTP/2 connections via [ALPN](https://blog.cloudflare.com/introducing-http2). -If the origin web server accepts the HTTP/2 connection but then doesn’t respect or support the protocol, an HTTP Error 520 will be returned. +If the origin web server accepts the HTTP/2 connection but then doesn't respect or support the protocol, an HTTP Error 520 will be returned. You can disable the [HTTP/2 to Origin](/speed/optimization/protocol/http2-to-origin/#disable-http2-to-origin) setting on the Cloudflare Dashboard under Speed -> Optimization -> Protocol Optimization and check your origin web server configuration further. -If 520 errors continue after contacting your hosting provider or site administrator, provide the following information to [Cloudflare Support](/support/contacting-cloudflare-support/): +If 520 errors continue after contacting your hosting provider or site administrator, provide the following information to [Cloudflare Support](/support/contacting-cloudflare-support/): - Full URL(s) of the resource requested when the error occurred -- Cloudflare **cf-ray** from the 520 error message -- Output from `http:///cdn-cgi/trace` -- Two [HAR files](/support/troubleshooting/general-troubleshooting/gathering-information-for-troubleshooting-sites/#generate-a-har-file): +- Cloudflare **cf-ray** from the 520 error message +- Output from `http:///cdn-cgi/trace` +- Two [HAR files](/support/troubleshooting/general-troubleshooting/gathering-information-for-troubleshooting-sites/#generate-a-har-file): - one with Cloudflare enabled on your website, and - - the other with [Cloudflare temporarily disabled](/fundamentals/setup/manage-domains/pause-cloudflare/). + - the other with [Cloudflare temporarily disabled](/fundamentals/setup/manage-domains/pause-cloudflare/). --- ## Error 521: web server is down -Error 521 occurs when the origin web server refuses connections from Cloudflare. Security solutions at your origin may block legitimate connections from certain [Cloudflare IP addresses](https://www.cloudflare.com/ips). +Error 521 occurs when the origin web server refuses connections from Cloudflare. Security solutions at your origin may block legitimate connections from certain [Cloudflare IP addresses](https://www.cloudflare.com/ips). The two most common causes of 521 errors are: @@ -185,55 +185,55 @@ The two most common causes of 521 errors are: **Resolution** -[Contact your site administrator or hosting provider](#required-error-details-for-hosting-provider) to eliminate these common causes: +[Contact your site administrator or hosting provider](#required-error-details-for-hosting-provider) to eliminate these common causes: - Ensure your origin web server is responsive -- Review origin web server error logs to identify web server application crashes or outages. -- Confirm [Cloudflare IP addresses](https://www.cloudflare.com/ips) are not blocked or rate limited -- Allow all [Cloudflare IP ranges](https://www.cloudflare.com/ips) in your origin web server's firewall or other security software +- Review origin web server error logs to identify web server application crashes or outages. +- Confirm [Cloudflare IP addresses](https://www.cloudflare.com/ips) are not blocked or rate limited +- Allow all [Cloudflare IP ranges](https://www.cloudflare.com/ips) in your origin web server's firewall or other security software - Confirm that — if you have your **SSL/TLS mode** set to **Full** or **Full (Strict**) — you have installed a [Cloudflare Origin Certificate](/ssl/origin-configuration/origin-ca) -- Find additional troubleshooting information on the [Cloudflare Community](https://community.cloudflare.com/t/community-tip-fixing-error-521-web-server-is-down/42461). +- Find additional troubleshooting information on the [Cloudflare Community](https://community.cloudflare.com/t/community-tip-fixing-error-521-web-server-is-down/42461). --- ## Error 522: connection timed out -Error 522 occurs when Cloudflare times out contacting the origin web server. Two different timeouts cause HTTP error 522 depending on when they occur between Cloudflare and the origin web server: +Error 522 occurs when Cloudflare times out contacting the origin web server. Two different timeouts cause HTTP error 522 depending on when they occur between Cloudflare and the origin web server: 1. Before a connection is established, the origin web server does not return a SYN+ACK to Cloudflare within 15 seconds of Cloudflare sending a SYN. -2. After a connection is established, the origin web server doesn’t acknowledge (ACK) Cloudflare’s resource request within 90 seconds. +2. After a connection is established, the origin web server doesn't acknowledge (ACK) Cloudflare's resource request within 90 seconds. **Resolution** -[Contact your hosting provider](#required-error-details-for-hosting-provider) to check the following common causes at your origin web server: +[Contact your hosting provider](#required-error-details-for-hosting-provider) to check the following common causes at your origin web server: -- (Most common cause) [Cloudflare IP addresses](https://www.cloudflare.com/ips/) are rate limited or blocked in .htaccess, iptables, or firewalls. Confirm your hosting provider allows Cloudflare IP addresses. +- (Most common cause) [Cloudflare IP addresses](https://www.cloudflare.com/ips/) are rate limited or blocked in .htaccess, iptables, or firewalls. Confirm your hosting provider allows Cloudflare IP addresses. - An overloaded or offline origin web server drops incoming requests. -- [Keepalives](http://tldp.org/HOWTO/TCP-Keepalive-HOWTO/overview.html) are disabled at the origin web server. -- The origin IP address in your Cloudflare **DNS** app does not match the IP address currently provisioned to your origin web server by your hosting provider. +- [Keepalives](http://tldp.org/HOWTO/TCP-Keepalive-HOWTO/overview.html) are disabled at the origin web server. +- The origin IP address in your Cloudflare **DNS** app does not match the IP address currently provisioned to your origin web server by your hosting provider. - Packets were dropped at your origin web server. If you are using [Cloudflare Pages](/pages/), verify that you have a custom domain set up and that your CNAME record is pointed to your [custom Pages domain](/pages/configuration/custom-domains/#add-a-custom-domain). -If none of the above leads to a resolution, request the following information from your hosting provider or site administrator before [contacting Cloudflare support](/support/contacting-cloudflare-support/): +If none of the above leads to a resolution, request the following information from your hosting provider or site administrator before [contacting Cloudflare support](/support/contacting-cloudflare-support/): -- An [MTR or traceroute](/support/troubleshooting/general-troubleshooting/gathering-information-for-troubleshooting-sites/#perform-a-traceroute) from your origin web server to a [Cloudflare IP address](http://www.cloudflare.com/ips) that most commonly connected to your origin web server before the issue occurred. Identify a connecting Cloudflare IP recorded in the origin web server logs. -- Details from the hosting provider’s investigation such as pertinent logs or conversations with the hosting provider. +- An [MTR or traceroute](/support/troubleshooting/general-troubleshooting/gathering-information-for-troubleshooting-sites/#perform-a-traceroute) from your origin web server to a [Cloudflare IP address](http://www.cloudflare.com/ips) that most commonly connected to your origin web server before the issue occurred. Identify a connecting Cloudflare IP recorded in the origin web server logs. +- Details from the hosting provider's investigation such as pertinent logs or conversations with the hosting provider. --- ## Error 523: origin is unreachable -Error 523 occurs when Cloudflare cannot contact your origin web server. This typically occurs when a network device between Cloudflare and the origin web server doesn’t have a route to the origin’s IP address. +Error 523 occurs when Cloudflare cannot contact your origin web server. This typically occurs when a network device between Cloudflare and the origin web server doesn't have a route to the origin's IP address. -**Resolution** [Contact your hosting provider](#required-error-details-for-hosting-provider) to exclude the following common causes at your origin web server: +**Resolution** [Contact your hosting provider](#required-error-details-for-hosting-provider) to exclude the following common causes at your origin web server: -- Confirm the correct origin IP address is listed for A or AAAA records within your Cloudflare DNS app. +- Confirm the correct origin IP address is listed for A or AAAA records within your Cloudflare DNS app. - Troubleshoot Internet routing issues between your origin and Cloudflare, or with the origin itself. If none of the above leads to a resolution, request the following information from your hosting provider or site administrator: -- An [MTR or traceroute](/support/troubleshooting/general-troubleshooting/gathering-information-for-troubleshooting-sites/#perform-a-traceroute) from your origin web server to a [Cloudflare IP address](http://www.cloudflare.com/ips) that most commonly connected to your origin web server before the issue occurred. Identify a connecting Cloudflare IP from the logs of the origin web server. +- An [MTR or traceroute](/support/troubleshooting/general-troubleshooting/gathering-information-for-troubleshooting-sites/#perform-a-traceroute) from your origin web server to a [Cloudflare IP address](http://www.cloudflare.com/ips) that most commonly connected to your origin web server before the issue occurred. Identify a connecting Cloudflare IP from the logs of the origin web server. --- @@ -255,7 +255,7 @@ established, but does not send a timely response. Here are the options we'd suggest to work around this issue: - Implement status polling of large HTTP processes to avoid hitting this error. -- [Contact your hosting provider](#required-error-details-for-hosting-provider) to exclude the following common causes at your origin web server: +- [Contact your hosting provider](#required-error-details-for-hosting-provider) to exclude the following common causes at your origin web server: - A long-running process on the origin web server. - An overloaded origin web server. @@ -277,7 +277,7 @@ or If the timeouts are on write requests, the [Proxy Write Timeout](/fundamentals/reference/connection-limits/) of 30 seconds cannot be adjusted. ::: -- If you regularly run HTTP requests that take over 100 seconds to complete (for example large data exports), move those processes behind a subdomain not proxied (grey clouded) in the Cloudflare **DNS** app. +- If you regularly run HTTP requests that take over 100 seconds to complete (for example large data exports), move those processes behind a subdomain not proxied (grey clouded) in the Cloudflare **DNS** app. :::note @@ -292,8 +292,8 @@ As a workaround you can simply set the timeout to 1 second more (121 seconds ins 525 errors indicate that the SSL handshake between Cloudflare and the origin web server failed. Error 525 occurs when these two conditions are true: -1. The [SSL handshake](https://www.cloudflare.com/learning/ssl/what-happens-in-a-tls-handshake/) fails between Cloudflare and the origin web server, and -2. [*Full* or *Full (Strict)*](/ssl/origin-configuration/ssl-modes) **SSL** is set in the **Overview** tab of your Cloudflare **SSL/TLS** app. +1. The [SSL handshake](https://www.cloudflare.com/learning/ssl/what-happens-in-a-tls-handshake/) fails between Cloudflare and the origin web server, and +2. [_Full_ or _Full (Strict)_](/ssl/origin-configuration/ssl-modes) **SSL** is set in the **Overview** tab of your Cloudflare **SSL/TLS** app. :::note @@ -304,12 +304,12 @@ updates](/dns/manage-dns-records/how-to/managing-dynamic-ip-addresses). **Resolution** -Contact your hosting provider to exclude the following common causes at your origin web server: +Contact your hosting provider to exclude the following common causes at your origin web server: - No valid SSL certificate installed - Port 443 (or other custom secure port) is not open -- No SNI support -- The [cipher suites](/ssl/origin-configuration/cipher-suites/) presented by Cloudflare to the origin do not match the cipher suites supported by the origin web server +- No SNI support +- The [cipher suites](/ssl/origin-configuration/cipher-suites/) presented by Cloudflare to the origin do not match the cipher suites supported by the origin web server :::note @@ -336,7 +336,7 @@ level](https://docs.nginx.com/nginx/admin-guide/monitoring/logging/). Error 526 occurs when these two conditions are true: 1. Cloudflare cannot validate the SSL certificate at your origin web server, and -2. [_Full SSL (Strict)_](/ssl/origin-configuration/ssl-modes/full-strict/) **SSL** is set in the **Overview** tab of your Cloudflare **SSL/TLS** app. +2. [_Full SSL (Strict)_](/ssl/origin-configuration/ssl-modes/full-strict/) **SSL** is set in the **Overview** tab of your Cloudflare **SSL/TLS** app. **Resolution** @@ -347,18 +347,18 @@ For a potential quick fix, set **SSL** to _Full_ instead of _Full the domain. ::: -Request your server administrator or hosting provider to review the origin web server’s SSL certificates and verify that: +Request your server administrator or hosting provider to review the origin web server's SSL certificates and verify that: - Certificate is not expired - Certificate is not revoked -- Certificate is signed by a [Certificate Authority](https://en.wikipedia.org/wiki/Certificate_authority) (not self-signed) -- The requested or target domain name and hostname are in the certificate's **Common Name** or **Subject Alternative Name** +- Certificate is signed by a [Certificate Authority](https://en.wikipedia.org/wiki/Certificate_authority) (not self-signed) +- The requested or target domain name and hostname are in the certificate's **Common Name** or **Subject Alternative Name** - Your origin web server accepts connections over port SSL port 443 -- [Temporarily pause Cloudflare](/fundamentals/setup/manage-domains/pause-cloudflare/) and visit [https://www.sslshopper.com/ssl-checker.html#hostname=www.example.com](https://www.sslshopper.com/ssl-checker.html#hostname=www.example.com) (replace `www.example.com` with your hostname and domain) to verify no issues exists with the origin SSL certificate: +- [Temporarily pause Cloudflare](/fundamentals/setup/manage-domains/pause-cloudflare/) and visit [https://www.sslshopper.com/ssl-checker.html#hostname=www.example.com](https://www.sslshopper.com/ssl-checker.html#hostname=www.example.com) (replace `www.example.com` with your hostname and domain) to verify no issues exists with the origin SSL certificate: ![Screen showing an SSL certificate with no errors.](~/assets/images/support/hc-import-troubleshooting_5xx_errors_sslshopper_output.png) -If the origin server uses a self-signed certificate, configure the domain to use *Full* *SSL* instead of *Full SSL (Strict)*. Refer to [recommended SSL settings for your origin](/ssl/origin-configuration/ssl-modes). +If the origin server uses a self-signed certificate, configure the domain to use _Full_ _SSL_ instead of _Full SSL (Strict)_. Refer to [recommended SSL settings for your origin](/ssl/origin-configuration/ssl-modes). ### Error 526 in the Zero Trust context @@ -386,7 +386,7 @@ As a result, a valid SSL certificate is required at the origin. ## Error 530 -HTTP error 530 is returned with an accompanying 1XXX error displayed. Search for the specific [1XXX error](/support/troubleshooting/cloudflare-errors/troubleshooting-cloudflare-1xxx-errors) for troubleshooting information. +HTTP error 530 is returned with an accompanying 1XXX error displayed. Search for the specific [1XXX error](/support/troubleshooting/cloudflare-errors/troubleshooting-cloudflare-1xxx-errors) for troubleshooting information. Enabling [Load Balancing](/load-balancing/) in China will cause a `530` error.