Bad gateway?

I keep getting this error; " Error 502 Ray ID: 4dfa5538ae7e5a30 • 2019-05-31 16:30:33 UTC

Bad gateway"

and it has been like this for hours now. My host says the problem is Cloudflare.

1 Like

Does not seem correct. I switched nameservers to my host and my website works fine… So something is wrong with the Cloudflare

Unlikely to be honest. Whats the domain?

If it is kristindaily.org, so it does load via Cloudflare as well

It just takes relatively long, about seven seconds, but that is because of your web server.

I turned it back on now, because I have a hardblock on a certain IP that keeps flooding my domain. Will this attack ever go away?

Turning it back on to cloudflare gives immediate Bad gateway again

It still is not clear what domain we are even talking about.

If it is the one I mentioned, that worked as evident from the screenshot.

kristindaily.org. It worked when I deactivated Cloudflare. Now CF is activated and it gives Bad gateway. Why?

Well, again, as evident from my screenshot it did work via Cloudflare two days ago.

Right now, I can confirm the error, however that comes straight from your server.

image

I have put back the nameservers t my server now, and it says Bad Gateway. What could be causing this issue now out of the blue; after working well for about a month

You need to contact your host about that.

@i.adzemovic, as @sandro mentioned, the site is slow, but it does load for me. Are you still encountering the issue?

Guys, I am losing patience. I just swiitched back to be on CF and bad gateway is all I get!!

And in my account it says for me to change nameservers from OLD host, it doesnt recognize my current host nameservers. WHat the H is going on

Patience with your host?

Currently there is an SSL issue. You must have changed something about your cryptography configuration. Post a full page screenshot of your Crypto page. There’s also a chance that Cloudflare revoked your certificate because you have changed nameservers, in which case you’d need to wait until Cloudflare validates your domain again and re-issues the certificate.

Also, your host’s server still returns a 502, in addition to an invalid certificate for your domain. You’d really want your host to finally fix these issues.

The host works fine without CF. There is something about the link between the two. What settings are associated with this problem

As evident from my earlier screenshot the error does come from your server.

could it be something with my htaccess?

    Satisfy any

RedirectMatch 403 /\..*$

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/(?:\ Ballot169)?
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/(?:\ Ballot169)?
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

deny from 5.9.61.
deny from 3.94.131.
deny from 37.187.56.
deny from 46.4.63.
deny from 46.191.232.
deny from 46.229.168.
deny from 47.196.122.
deny from 54.36.112.
deny from 66.96.195.
deny from 61.160.207.
deny from 61.160.213.
deny from 61.160.221.
deny from 61.160.247.
deny from 62.210.215.
deny from 66.249.64.
deny from 66.249.89.
deny from 69.30.226.
deny from 77.75.77.
deny from 77.75.78.
deny from 78.46.85.
deny from 82.199.141.
deny from 91.207.174.
deny from 94.185.83.
deny from 103.76.23.
deny from 106.13.107.
deny from 109.232.227.
deny from 111.206.36.
deny from 116.12.51.
deny from 116.203.72.
deny from 122.114.146.
deny from 122.114.193.
deny from 123.57.254.
deny from 123.125.67.
deny from 123.125.71.
deny from 142.4.212.
deny from 157.7.104.
deny from 174.129.1.
deny from 177.193.21.
deny from 178.33.179.
deny from 178.63.11.
deny from 178.128.187.
deny from 178.137.17.
deny from 180.76.15.
deny from 182.187.80.
deny from 185.86.164.
deny from 186.151.62.
deny from 186.244.231.
deny from 189.6.235.
deny from 211.56.145.
deny from 211.233.59.
deny from 212.83.145.
deny from 216.244.66.
deny from 218.49.4.
deny from 220.181.108.
deny from 221.143.131.

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://baidu.com/
RewriteRule /* http://www.google.com [R,L]

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://jav-way.site/
RewriteRule /* http://www.google.com [R,L]

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://grand-chlen.ru/
RewriteRule /* http://www.google.com [R,L]

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://www.semrush.com/
RewriteRule /* http://www.google.com [R,L]


RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://mj12bot.com/
RewriteRule /* http://www.google.com [R,L]

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://site.ru/
RewriteRule /* http://www.google.com [R,L]

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://napoveda.seznam.cz/
RewriteRule /* http://www.google.com [R,L]

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://www.opensiteexplorer.org/
RewriteRule /* http://www.google.com [R,L]

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://ltx71.com/
RewriteRule /* http://www.google.com [R,L]



# TN START GZIP COMPRESSION
<IfModule mod_gzip.c>
mod_gzip_on Yes
mod_gzip_dechunk Yes
mod_gzip_item_include file \.(html?|txt|css|js|php|pl)$
mod_gzip_item_include handler ^cgi-script$
mod_gzip_item_include mime ^text/.*
mod_gzip_item_include mime ^application/x-javascript.*
mod_gzip_item_exclude mime ^image/.*
mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</IfModule>
# TN END GZIP COMPRESSION

# TN START DEFLATE COMPRESSION
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE "application/atom+xml" \
"application/javascript" \
"application/json" \
"application/ld+json" \
"application/manifest+json" \
"application/rdf+xml" \
"application/rss+xml" \
"application/schema+json" \
"application/vnd.geo+json" \
"application/vnd.ms-fontobject" \
"application/x-font" \
"application/x-font-opentype" \
"application/x-font-otf" \
"application/x-font-truetype" \
"application/x-font-ttf" \
"application/x-javascript" \
"application/x-web-app-manifest+json" \
"application/xhtml+xml" \
"application/xml" \
"font/eot" \
"font/otf" \
"font/ttf" \
"font/opentype" \
"image/bmp" \
"image/svg+xml" \
"image/vnd.microsoft.icon" \
"image/x-icon" \
"text/cache-manifest" \
"text/css" \
"text/html" \
"text/javascript" \
"text/plain" \
"text/vcard" \
"text/vnd.rim.location.xloc" \
"text/vtt" \
"text/x-component" \
"text/x-cross-domain-policy" \
"text/xml"
</IfModule>
# END DEFLATE COMPRESSION

# TN START ENABLE KEEP ALIVE
<ifModule mod_headers.c>
Header set Connection keep-alive
</ifModule>
# TN END ENABLE KEEP ALIVE

# TN - START EXPIRES CACHING #
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType text/css "access 1 month"
ExpiresByType text/html "access 1 month"
ExpiresByType image/gif "access 1 year"
ExpiresByType image/png "access 1 year"
ExpiresByType image/jpg "access 1 year"
ExpiresByType image/jpeg "access 1 year"
ExpiresByType image/x-icon "access 1 year"
ExpiresByType image/svg+xml "access plus 1 month"
ExpiresByType audio/ogg "access plus 1 year"
ExpiresByType video/mp4 "access plus 1 year"
ExpiresByType video/ogg "access plus 1 year"
ExpiresByType video/webm "access plus 1 year"
ExpiresByType application/atom+xml "access plus 1 hour"
ExpiresByType application/rss+xml "access plus 1 hour"
ExpiresByType application/pdf "access 1 month"
ExpiresByType application/javascript "access 1 month"
ExpiresByType text/x-javascript "access 1 month"
ExpiresByType text/x-component "access plus 1 month"
ExpiresByType application/x-shockwave-flash "access 1 month"
ExpiresByType font/opentype "access plus 1 month"
ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
ExpiresByType application/x-font-ttf "access plus 1 month"
ExpiresByType application/font-woff "access plus 1 month"
ExpiresByType application/font-woff2 "access plus 1 month"
ExpiresDefault "access 1 month"
</IfModule>
# TN - END EXPIRES CACHING #

# TN - BEGIN Cache-Control Headers
<ifModule mod_headers.c>
<filesMatch "\.(ico|jpe?g|png|gif|swf)$">
Header set Cache-Control "public"
</filesMatch>
<filesMatch "\.(css)$">
Header set Cache-Control "public"
</filesMatch>
<filesMatch "\.(js)$">
Header set Cache-Control "private"
</filesMatch>
<filesMatch "\.(x?html?|php)$">
Header set Cache-Control "private, must-revalidate"
</filesMatch>
</ifModule>
# TN - END Cache-Control Headers

# TN – ENABLE MOD PAGESPEED START
# COMBINE CSS, COMPRESS IMAGES, REMOVE HTML WHITE SPACE AND COMMENTS
<IfModule pagespeed_module>
ModPagespeed on
ModPagespeedEnableFilters rewrite_css,combine_css
ModPagespeedEnableFilters collapse_whitespace,remove_comments
</IfModule>
# TN – ENABLE MOD PAGESPEED END

# TN – ENABLE LITESPEED CACHE START
<IfModule LiteSpeed>
CacheEnable public
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^GET|HEAD$
RewriteCond %{HTTP_HOST} ^sample.com|sample.net|sample.org [NC]
RewriteCond %{REQUEST_URI} !login|admin|register|post|cron
RewriteCond %{QUERY_STRING} !nocache
RewriteRule .* - [E=Cache-Control:max-age=300]
</IfModule>
# TN – ENABLE LITESPEED CACHE END

# START – TN Disable server signature #
ServerSignature Off
# END – TN Disable server signature #

# TN – DISABLE IMAGE HOTLINKIING START
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?rachelbilson.us [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ – [NC,F,L]
# TN – DISABLE IMAGE HOTLINKIING END

It certainly could be, but thats something you’ll need to check on the server. That topic is somewhat beyond the scope of the forum here.