Unable to add new web host to CF using previous domain
What steps have you taken to resolve the issue?
Moving to a new web server. Set up a fresh Ubuntu 20.04 server. I checked ufw and iptables. Nothing appears to be blocking Cloudflare from connecting to the server. Apache vhost settings were copied from previous server.
One difference is I was using Flexible on the old server (no critical information so encryption between host and CF wasn’t a big issue) but on the new server, I set up certbot/LetsEncrypt. Initially I only did the wildcard cert then realized I should have done wildcard and no-subdomain so reissued/expanded the cert.
Main URL (CF proxied, 522 error): newjerseyhud com
A bypass URL (non-proxy) works fine: direct newjerseyhud com
Hmm.. that might be another issue. I just checked with some remote website checkers and confirmed that it’s not loading correctly. I just set it to proxy, confirmed I got the 522 error and when I removed the proxy it’s doing the same thing.
Very odd since it was working before I flipped the proxy back on and off. Regardless, the question is the same. Why are BOTH of them now giving me a 522 error.
When direct was working, I saw the hits in the access log on the server.
If I go directly to the IP address (104.130.31.153) with https, it works. Basically the web server seems fine and is accepting requests on 443. We have other websites on the same server going through a security service and all of those work ok (client → domain name/cloudflare dns → security service → web server instead of client → cloudflare dns → cloudflare proxy/security → web sever).
Basically I’m asking what settings might be in Cloudflare or on the web server that Cloudflare might be having issues with when accessing the web server and getting the 522 host error.
Again, I checked ufw and ip tables and other access either directly to the ip or through the security service we’re testing are working just fine and the old server works just fine without the security service, just CF proxy/security. I want to test the new web server with just CF security and not the security service we’re testing.