Cloudflare: Bad Gateway Error 502

Hello
I am new to Cloudflare. I have just set it up yesterday after being facing consecutive DDoS attacks for the last couple of days. My site is up and running smoothly, but the blog server cannot be accessed.

Our blog is running on another server say, server B, on a docker container. On my original server, Server A, if any web request comes in the https://example.com/blogs, it will be redirected to server B, and server B will serve the request.

Now, after I set up Cloudflare, I kept getting bad gateway errors. Nginx error log states, I have the following error

2021/04/06 10:04:50 [error] 6588#6588: *661 SSL_do_handshake() failed (SSL: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:SSL alert number 40) while SSL handshaking to upstream, client: 172.69.218.143, server: shod.ai, request: "GET /blogs/ HTTP/1.1", upstream: "https://172.67.175.150:443/%E0%A6%B8%E0%A6%A6%E0%A6%BE%E0%A6%87%E0%A6%A4%E0%A7%87-%E0%A6%B8%E0%A7%8B%E0%A6%A8%E0%A6%BE%E0%A6%B2%E0%A7%80-%E0%A6%AE%E0%A7%81%E0%A6%B0%E0%A6%97%E0%A6%BF/?fbclid=IwAR2Lwa6tCq_czO501xhh0RtFSAuD8dEZxR4wCuRzaLtLMuhwE1HMuJFNpe0", host: "www.shod.ai", referrer: "http://m.facebook.com/"

After a brief google search, I found out I might need to add the following line:

proxy_ssl_server_name on; 

When I add this line, my website https://shod.ai/blogs bad gateway error is fixed. But it creates a new problem, now shod.ai/blogs/ show the index page aka shod.ai page, instead of the blog page.
After inspecting the error logs from server B, I found the following error:

2021/04/06 10:42:51 [error] 1797974#1797974: *124 connect() failed (111: Connection refused) while connecting to upstream, client: 162.158.165.25, server: blog.shod.ai, request: "GET /wp-login.php HTTP/1.1", upstream: "http://[::1]:8080/wp-login.php", host: "blog.shod.ai"

I am new in this and I am not a professional dev-ops engineer. So please have mercy on my soul if I miss something trivial. What can I do in this situation?

Thank you.

502 bad gateway? No, no. I get this message


That’s on the second link (https://shod.ai/blogs)
Also https://sitecheck.sucuri.net/ returned these results on your site’s security

So, that “Your connection is not private” message is maybe caused by outdated software and the fact the TLS does not match the host name, that maybe why your getting 502 bad gateway error too!

This topic was automatically closed after 31 days. New replies are no longer allowed.