520 Error - HTTP Health Check

dash-dns
error
500-error
#1

So I just moved my domain’s nameservers to Cloudflare. I read and was under the impression that Cloudflare provided a full featured API to allow with automating tasks, so I made the move.

I have a A name recording point to my servers IP. Upon first moving over, I was getting 520 errors. Using their troubleshooting methods, I found the reason to be due to Cloudflare’s health check which is done using http.

My web application is setup to reject non unsecure (http) connections. When I change that setting to allow unsecure, then the 520 errors go away and my application loads. You could always get to the site by IP address as well.

Given that in my Cloudflare settings for this domain, I have it set to use https only and yet the health check is still in http. Is there a way to change this health check or do I need to move my nameservers back to my previous service?

#2

It certainly makes sense for Cloudflare to use Port 80 for a health check, as that port should be alive on all web servers. Yes, I’ve been tempted to block that port as well, but it frequently breaks things. It should be left open. If Cloudflare were to let you configure health checks for Port 443, I bet a lot of people would do that when they shouldn’t.

https://scotthelme.co.uk/why-closing-port-80-is-bad-for-security/

closed #3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.