CloudFlare is malfunctioning and my site is crashing

My site doesn’t work well through CDN often error 520.They said that CloudFlare has a problem on the Internet channel, how do I figure it out?

My monitoring system cannot make requests
image

Check this out please

Here’s a collection of all 5xx errors. Please follow the steps in this posts:

None of the options are suitable, I will repeat again.Hosting support has carried out research work and knows for sure that this is a CloudFlare problem

If I make a request through IP A-record, my site works without failures, and when I directly access through CloudFlare there are problems.

They always say that in in nine out of ten cases that is simply wrong. And in these cases it all seems as if your host blocked Cloudflare. Thats something you will need to clarify with them.

Whats the domain?

1 Like

Which points me to rate limiting.

Let them put these IPs on a allowlist

1 Like

My monitoring system cannot make requests
image
ip 104.31.66.140 CloudFlare

Here is a mistake

That is the screenshot you already posted earlier and which @MarkMeyer already addressed.

Does your IP address end in 94?

However, in any case, you need to clarify this with your host. As already mentioned they will block Cloudflare IP addresses.

Yes that’s right

In that case you should also talk to your host about your expired SSL certificate, as that expired four months ago and needs to be renewed.

So you should clarify with them

  1. The unblocking of Cloudflare addresses
  2. The expired certificate

I use SSL through CloudFlare, while trying to add ssl through hosting, an A-record error.I need to either disable CloudFlare and use ssl only of my providerOr use CloudFlare + Enable SSL

Cloudflare does not provide SSL apart from Origin certificates and you need a valid certificate on your server.

But that is not the only issue, the network blocks are something that happens on your host’s side too.

As mentioned, you need to clarify both with your host.

I can not release ssl because for 3 months I need to be issuedDisabling CloudFlare each time to re-issue SSL is not allowed.Problems appeared only today.


Response from hosting support
*IP addresses 173.245.54.98, 172.68.245.162, etc. *
Belong to the CF network and as you can see the server gives a response of 200 ok, or 404 if the resource is not found on the server.
*An SSL certificate on our side has not been installed on your site since August, because When proxying a site, we cannot release it, due to the fact that the system cannot determine the real IP of the site. *
In this case, on the CF side, flexible mode must be enabled in the SSL section. For the final connection to be via https, and between our servers from CF to http.

Can you provide here whatever they meant by “as you can see”?

That is bad advice and I’d urge to change host. It is perfectly possible to renew the certificate with the domain being behind Cloudflare, if they are unable to do so it speaks of their competence and that is one more reason to change host.

log file

1200621:contimed.ru 141.101.69.180 - - [01/Jan/2020:17:11:23 +0300] "GET / HTTP/1.1" 200 6488 "updown-contimed" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36 (updown.io)" "2.99" [0.000 : 0.000]
1200622:contimed.ru 108.162.229.175 - - [01/Jan/2020:17:11:23 +0300] "GET / HTTP/1.1" 200 6488 "updown-contimed" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36 (updown.io)" "2.99" [0.000 : 0.000]
1201568:contimed.ru 173.245.54.98 - - [01/Jan/2020:17:12:06 +0300] "GET / HTTP/1.1" 301 552 "-" "Mozilla/5.0 (compatible; YandexMetrika/2.0; +http://yandex.com/bots yabs01)" "-" [0.000 : 0.000]
1201579:contimed.ru 172.68.10.33 - - [01/Jan/2020:17:12:06 +0300] "GET / HTTP/1.1" 200 6488 "-" "Mozilla/5.0 (compatible; YandexMetrika/2.0; +http://yandex.com/bots yabs01)" "2.99" [0.000 : 0.000]
1203249:contimed.ru 172.68.10.33 - - [01/Jan/2020:17:13:22 +0300] "GET / HTTP/1.1" 200 6488 "-" "Mozilla/5.0 (compatible; YandexMetrika/2.0; +http://yandex.com/bots yabs01)" "2.99" [0.100 : 0.100]
1204312:contimed.ru 172.68.245.198 - - [01/Jan/2020:17:14:00 +0300] "GET /sitemap.xml HTTP/1.1" 304 174 "-" "Mozilla/5.0 (compatible; Linux x86_64; Mail.RU_Bot/Fast/2.0; +http://go.mail.ru/help/robots)" "-" [0.014 : 0.014]
1206661:contimed.ru 172.68.245.144 - - [01/Jan/2020:17:15:45 +0300] "GET / HTTP/1.1" 301 552 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0" "-" [0.000 : 0.000]
1206665:contimed.ru 172.68.245.216 - - [01/Jan/2020:17:15:46 +0300] "GET / HTTP/1.1" 200 6488 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0" "2.99" [0.000 : 0.000]
1206666:contimed.ru 172.68.246.121 - - [01/Jan/2020:17:15:46 +0300] "GET /i/bgmenu-lr.png HTTP/1.1" 404 497 "https://contimed.ru/_css/style.css" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0" "-" [0.100 : 0.100]
1206718:contimed.ru 172.68.10.243 - - [01/Jan/2020:17:15:49 +0300] "GET / HTTP/1.1" 200 6424 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0" "2.99" [0.125 : 0.125]
1206950:contimed.ru 172.68.246.67 - - [01/Jan/2020:17:15:59 +0300] "GET / HTTP/1.1" 200 6424 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0" "2.99" [0.000 : 0.000]
1207494:contimed.ru 162.158.122.53 - - [01/Jan/2020:17:16:23 +0300] "GET / HTTP/1.1" 200 6488 "updown-contimed" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36 (updown.io)" "2.99" [0.100 : 0.100]
1207498:contimed.ru 108.162.221.180 - - [01/Jan/2020:17:16:23 +0300] "GET / HTTP/1.1" 200 6488 "updown-contimed" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36 (updown.io)" "2.99" [0.016 : 0.016]
1208945:contimed.ru 108.162.229.119 - - [01/Jan/2020:17:17:33 +0300] "GET /services/i/16?utm_source=yandex_test|cpc&utm_medium=context|cid-25200802&utm_campaign=none-0&utm_content=gid-4022478936&utm_term=ads-8275323888|%D0%A1%D0%BF%D0%BE%D1%80%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B9%20%D0%B2%D1%80%D0%B0%D1%87%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81&yclid=18029896538749443630 HTTP/1.1" 200 7445 "-" "Mozilla/5.0 (Linux; Android 8.1.0; DUA-L22 Build/HONORDUA-L22) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.93 Mobile Safari/537.36 YaApp_Android/9.80 YaSearchBrowser/9.80" "3.29" [0.100 : 0.100]
1208965:contimed.ru 141.101.69.150 - - [01/Jan/2020:17:17:34 +0300] "GET /i/bg_up.gif HTTP/1.1" 404 493 "https://contimed.ru/_css/style.css" "Mozilla/5.0 (Linux; Android 8.1.0; DUA-L22 Build/HONORDUA-L22) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.93 Mobile Safari/537.36 YaApp_Android/9.80 YaSearchBrowser/9.80" "-" [0.000 : 0.000]
1208966:contimed.ru 108.162.229.99 - - [01/Jan/2020:17:17:34 +0300] "GET /i/bgreturn.gif HTTP/1.1" 404 496 "https://contimed.ru/_css/style.css" "Mozilla/5.0 (Linux; Android 8.1.0; DUA-L22 Build/HONORDUA-L22) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.93 Mobile Safari/537.36 YaApp_Android/9.80 YaSearchBrowser/9.80" "-" [0.000 : 0.000]
1208974:contimed.ru 141.101.69.58 - - [01/Jan/2020:17:17:34 +0300] "GET /i/bgmenu-lr.png HTTP/1.1" 404 497 "https://contimed.ru/_css/style.css" "Mozilla/5.0 (Linux; Android 8.1.0; DUA-L22 Build/HONORDUA-L22) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.93 Mobile Safari/537.36 YaApp_Android/9.80 YaSearchBrowser/9.80" "-" [0.100 : 0.100]
1209693:contimed.ru 172.68.245.162 - - [01/Jan/2020:17:18:06 +0300] "GET /services/i/16 HTTP/1.1" 200 7509 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)" "3.29" [0.100 : 0.100]
1209726:contimed.ru 172.68.245.162 - - [01/Jan/2020:17:18:07 +0300] "GET /services/i/16 HTTP/1.1" 200 7509 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)" "3.29" [0.000 : 0.000]

These are most likely the requests which are shown as green in your screenshots.

But again, I’d strongly recommend to change host if they refuse to configure HTTPS. Right now your site is not secure.

A screenshot where there are 5 requests is a monitoring system; they are not related to my hosting.What do i have to do? How to solve a problemIt will cost a lot to leave hosting, such a measure is not possible for us.Uptime hosting for the year was 99.99 what I consider the best

That is something you also need to clarify with your host. There is no reason not to have a certificate issued when your site is behind Cloudflare. It might be best to get an Origin certificate from Cloudflare and provide your host with it, so they can configure it on their end.