I seem to have a problem with getting 524 errors when a website is using “orange cloud” and has a page rule of “bypass”, which we want in order to protect our API which must never be cached. I’ve been speaking to CF support, who are helpful but haven’t really resolved my problem.
A 524 implies that CF have connected to our website, but not got a response, however tracing at the socket accept() level shows no inbound connections, and no open requests being processed.
Closing our webserver down while we are waiting for a response does not cause CF to return an error faster, which suggests it is not connected to us.
Our test page is a simple HTML with 15 or so PNG images.
The server is under light load. We have moved from a local ISP to Azure, but no change.
If I switch to “grey cloud”, then everything works perfectly - but this leaks our IP address so doesn’t offer any DDOS protection that we want from CF
We tried switching the website to HTTP/1.0 and closing after each request, that had no effect.
Our webserver is very fast especially for these small static requests, in fact using CF slows the overall experience down by 20-40mS per request, but that is acceptable, we want the DDOS protection more.
If we browse direct to the origin at the same time, it never has any issues.
When reloading the page in the browser, the resource we get the 524 is random, not fixed to certain resources.
There is no FW in Azure
There is no rate limiting either (and if there was then the browser direct to origin would have issues)
When using orange cloud and normal caching we do not really see any errors, essentially the CF caching masks any issues, which you would expect
Setup to reproduce:
Add DNS for orange.example.com “orange cloud”
Add page rule cache-control=bypass
Add DNS for grey.example.com “grey cloud”
Test web page with simple HTML and 15 or so IMG tags
Browsing to orange.example.com frequently get 524 errors, but using grey.example.com has no problems,
Does anyone else see Origin Timeouts constantly, especially for a site hosted on Azure.
How do other sites handle REST API urls that shouldn’t be cached by CF - is there a better pattern than using orange cloud and bypass page rules?
Any other troubleshooting tips? I accept we might have something setup wrong, but struggling to see what.