2 Critical Errors on my website

I received these two critical errors on my site and the only way to get rid of them was to disable the proxy.

  1. The REST API request failed due to an error.
    Error: cURL error 35: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version (http_request_failed)
  2. The loopback request to your site failed, this means features relying on them are not currently working as expected.
    Error: cURL error 35: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version (http_request_failed)
    How do I fix this?

What is your site?

Looks fine to me:

curl -Iv https://benevolentwoman.com
* Rebuilt URL to: https://benevolentwoman.com/
*   Trying 188.166.150.243...
* TCP_NODELAY set
* Connected to benevolentwoman.com (188.166.150.243) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Unknown (8):
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Client hello (1):
* TLSv1.3 (OUT), TLS Unknown, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=benevolentwoman.com
*  start date: May 13 23:45:38 2022 GMT
*  expire date: Aug 11 23:45:37 2022 GMT
*  subjectAltName: host "benevolentwoman.com" matched cert's "benevolentwoman.com"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
* Using Stream ID: 1 (easy handle 0x5604bfc30620)
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
> HEAD / HTTP/2
> Host: benevolentwoman.com
> User-Agent: curl/7.58.0
> Accept: */*
>
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
< HTTP/2 200
HTTP/2 200
< server: nginx
server: nginx
< date: Sat, 14 May 2022 02:14:43 GMT
date: Sat, 14 May 2022 02:14:43 GMT
< content-type: text/html; charset=UTF-8
content-type: text/html; charset=UTF-8
< vary: Accept-Encoding
vary: Accept-Encoding
< expires: Thu, 19 Nov 1981 08:52:00 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
< cache-control: no-store, no-cache, must-revalidate
cache-control: no-store, no-cache, must-revalidate
< pragma: no-cache
pragma: no-cache
< link: <https://benevolentwoman.com/wp-json/>; rel="https://api.w.org/", <https://benevolentwoman.com/wp-json/wp/v2/pages/30>; rel="alternate"; type="application/json", <https://benevolentwoman.com/>; rel=shortlink
link: <https://benevolentwoman.com/wp-json/>; rel="https://api.w.org/", <https://benevolentwoman.com/wp-json/wp/v2/pages/30>; rel="alternate"; type="application/json", <https://benevolentwoman.com/>; rel=shortlink
< cache-provider: CLOUDWAYS-CACHE-DC
cache-provider: CLOUDWAYS-CACHE-DC
< vary: Accept-Encoding
vary: Accept-Encoding
< last-modified: Sat, 14 May 2022 02:14:43 GMT
last-modified: Sat, 14 May 2022 02:14:43 GMT
< age: 0
age: 0
< x-cache: MISS
x-cache: MISS
< accept-ranges: bytes
accept-ranges: bytes

<
* Connection #0 to host benevolentwoman.com left intact

Can you check it after I enable proxy?

I have enabled the proxy and the critical error messages have returned.

It seems like proxy is still enabled as I am seeing Cloudflare certs. I still have no errors with curl or any browser.

Thank you for responding. I reposted because I didn’t know if you got the second message and someone flagged it as spam. I still don’t know why I am getting the critical errors on my site and I don’t want to disable the proxy and be prone to attacks. Hopefully someone else can give me some insight. I am not a coder and/or developer. I do have much respect for those that are because this is mind boggling.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.