520 error if I log in


I m having an issue with those 520 errors.

After playing a while (mostly deleting browser cookies and storage) I went to edge and it was working perfectly. Then I logged in on the site using edge, and same thing. So the issue seems to come from being logged. cookie or so… I forgot to mention I m using joomla

Needless to say, when I m greying out the proxy, the site works normally with no error at all in the logs

What can I do then?


I am sorry to hear you are experiencing an issue.

May I ask if you are seeing this error on your own Website?

Regarding Cloudflare 520 error, may I suggest you to try looking into below articles to troubleshoot the issue:

Before moving to Cloudflare, was your Joomla Website working over HTTPS connection?
Are there any possible firewall restrictions at your origin host/server?

May I ask what SSL option have you got selected under the SSL/TLS tab at Cloudflare dashboard for your domain ( Flexible, Full, Full Strict … )?

Here is a way to re-check if you correctly setup the SSL for your domain with Cloudflare:

In case you do not have an SSL certificate, you can use Cloudflare SSL, if so, kindly make sure you follow the instructions as follows on the below article to setup an SSL certificate using Cloudflare Origin CA Certificate:

Last but not least, kindly have a look here for more information regarding correct SSL settings at the SSL/TLS tab on Cloudflare dashboard:

Furthermore, do not skip below step and kindly re-check if Cloudflare is allowed to connect to your origin host to as follows in the below article:

Nevertheless, Cloudflare IP addresses list can be found here:

thanks for answering so fast

yes, it’s my website
yes the site is working on https independently of using cf or not (using lets’ encrypt cert) , on cf I m using full setting but flexible is fine too usually…

Thank you for feedback.

May I ask are you using www or non-www?
I am asking because of the possible cookie issue (with or without HTTP(S) in between).

Awesome, great! (hope it’s a valid one covering both non-www and www, and possibly other sub-domains like mail, etc.?)

Might want to switch to Full (Strict) SSL to get rid of the error.

Flexible SSL is really not recommended to use as there could be multiple :bomb: :boom: :exclamation: issues caused by using it as follows at the below article like Mixed Content or Redirect Loops, etc.:

i m using full now so I ll try flexible instead. thanks for the idea.

edit: same thing with flexible

I m enforcing www and I have a cert for that purpose

    ssl_certificate /etc/letsencrypt/live/www.site.ovh/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/www.site.ovh/privkey.pem;

Ehm, pardon me but I do not remember where did I stated to try it out, or did I recommended it somewhere in my above posts? :thinking:

From another recent topic and a lately one where the OPs have had encountered the 520 error and were using Joomla and a Flexible SSL option and got :boom: :

Similar Joomla problems :boom: while trying to log into into the Admin area:

1 Like

I’ve been in a video meeting with him. I can confirm that he’s a living, breathing bot.


yea well I guess I ll never know what’s the issue, seems quite standard here

my prod site is actually using cf on another server with no issue whatsoever…

You are so funny :slight_smile:
As far as I know, no, not yet being a :robot:

May I suggest below:

Also consider below steps:

  1. Open up your Joomla administrator.
  2. Go to System » Global Configuration .
  3. Open the Server tab.
  4. Set the Force HTTPS option to Entire site .
  5. Browse to your website and test

I know a couple of custom Joomla incl. K2 sites working fine with Cloudflare SSL + Redis/Memcached and Cache on Nginx web server:


Kindly, I’d suggest you to write a ticket to Cloudflare support due to your account and/or domain issue and share the ticket number here with us so we could escalate this issue:

  • Login to Cloudflare and then contact Cloudflare Support by clicking on the Get More Help button. If you get automatic reply, reply and indicate to it you need more help and reference to this topic
  • Or send an an e-mail to support[at]cloudflare[dot]com from your e-mail associated with your Cloudflare account

Furthermore, if you have been through all these above suggestion and are not seeing corresponding issues on your network/server and you have a ticket number with Cloudflare, please reply and post that ticket number # here.

To enable efficient troubleshooting by support, please ensure you include the following on the ticket:

  • example URL(s) where you are seeing the error
  • Ray IDs from the 520 pages
  • output from a traceroute from any impacted user
  • output of example.com/cdn-cgi/trace - replace example.com with the affected domain.
  • Also include two HAR file(s) : one detailing your request with Cloudflare enabled on your website and the other with Cloudflare temporarily disabled - see How do I temporarily deactivate Cloudflare
1 Like

I got a notify of this post so ill try to help, i solved the 520 errors problem by disabling the cloudflare railgun, later on some of the administration panel was not working properly, it was because you have to set the website configuration directly in the nginx.conf and not in a different file.
Also 520 errors could come from, wrong permissions or php errors when it comes to nginx.
You want to make sure that your joomla installation has the proper user and 755 permission for folders and 644 for files.

So the solution should be:

  1. Properly Config your Nginx.conf
  2. Properly give permissions (755 for folders, 644 for files, user should he nginx)
  3. Disable railgun on cloudflare (also try disabling rocket loader)
  4. Try ignoring cache for administration panel url with cloudflare page rules.

Doing all of the above fixed both my joomla and my WordPress installations.

1 Like

later on some of the administration panel was not working properly, it was because you have to set the website configuration directly in the nginx.conf

never heard something like this. defaut general nginx config lays in that file, specific virtual host goes to “site enabled”

Also as a reminder, I currently have the prod version of the same site working under cf on another server. with the exact same setup, that goes without saying.

my site directory is sooo wide opened right now that it’s a security hole to be honest. 777 www-data all the way :joy:

I don’t have rocket loader or railgun (can’t even find that param) enabled.

Now I enabled developpement mode and it stopped…

Try adding a page rule for the cache, if the development mode is working its probably a cache problem.

I think the most notable thing is it happens only while being logged in the site. otherwise no errors.

I m not sure exactly what you mean with

Refer to this for the page rule: https://support.cloudflare.com/hc/en-us/articles/201997250-Cloudflare-and-Joomla-Recommended-First-Steps

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.