Dueling Cloudflare setups with Bluehost, how to fix?

My starting point was: a domain hosted on Google Domains, and a website on Bluehost. I had manually created the necessary DNS records at Google.

My goal: to move the domain registration to Cloudflare to get DDNS in spite of the Squarespace situation.

I did not realize that Bluehost has intrinsic Cloudflare support. So I went ahead and onboarded the domain to Cloudflare, and then transferred it, and the result was 522 errors.

I then visited Bluehost, and in an impulsive moment pushed their ‘enroll on cloudflare’ button.

Oy.

Maybe this will all reconcile itself overnight, but I sort of doubt it. The domain is dchbk.us, in case someone cares to run a few DNS digs and advise.

I have checked the error logs for your domain on Cloudflare for the last 24 Hours and I can see that 522 errors are occurring which means we are unable to connect to your origin.

I have run repeated TCP connection tests to the location where we saw the errors and I am able to replicate failures.

This is a clear indication that some of the IPs in Cloudflare’s IP ranges are either being rate-limited or blocked by a network device at your hosting provider. Because Cloudflare operates as a reverse proxy the IP address your server will see is one of a limited number of Cloudflare IPs. In that sense, many actual visitors may all come from the same IP address, which can cause firewalls or security software that is not appropriately allowlisting the Cloudflare IP ranges to block this traffic as it may see it as excessive or malicious. We publish a full list of our IP ranges here so that you can allowlist:

https://www.cloudflare.com/ips

This page is intended to be the definitive source of Cloudflare’s current IP ranges.

I would make sure that your hosting provider confirms that the Cloudflare IP ranges listed in the URL above are fully allowlisted from any security software, firewall, etc., to ensure there is no rate limiting or blocking of our edge servers.

This should ensure that Cloudflare can consistently make a connection to your origin server to retrieve content and serve it to your visitors.
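An added example, not part of the original reply: one way for whoever runs the origin to confirm the diagnosis above is to check firewall drop logs for source addresses that fall inside Cloudflare's published ranges. The log format, the sample log lines and the function names are assumptions made for this sketch, and the range list is a small sample subset that may be out of date; load the current list from https://www.cloudflare.com/ips in practice.

```python
import ipaddress
import re

# Sample subset of Cloudflare ranges for the demo (may be out of date).
# Assumption: the real list is supplied as text, one CIDR per line.
SAMPLE_RANGES = """\
173.245.48.0/20
104.16.0.0/13
172.64.0.0/13
2606:4700::/32
"""

# Constructed firewall log lines in a hypothetical "ACTION SRC=<ip> DPT=<port>" format.
SAMPLE_LOG = """\
DROP SRC=172.68.10.5 DPT=443
DROP SRC=203.0.113.9 DPT=22
ACCEPT SRC=104.18.2.1 DPT=443
DROP SRC=172.68.10.5 DPT=443
DROP SRC=2606:4700:10::6814:1 DPT=443
DROP SRC=not-an-ip DPT=443
"""

def load_ranges(text):
    """Parse one CIDR per line, skipping blank lines and '#' comments."""
    nets = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            nets.append(ipaddress.ip_network(line, strict=False))
    return nets

def blocked_edge_ips(log_text, nets):
    """Return {ip: drop_count} for dropped sources that lie inside the given ranges."""
    hits = {}
    for m in re.finditer(r"^DROP SRC=(\S+)", log_text, re.MULTILINE):
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # malformed address field, ignore the line
        if any(ip.version == n.version and ip in n for n in nets):
            hits[str(ip)] = hits.get(str(ip), 0) + 1
    return hits

if __name__ == "__main__":
    found = blocked_edge_ips(SAMPLE_LOG, load_ranges(SAMPLE_RANGES))
    for ip, count in found.items():
        print(f"{ip}: dropped {count} time(s); its range is not allowlisted")
```

Any address this reports is a proxy edge connection the origin refused, which is the condition that surfaces to visitors as a 522.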

My site is hosted at Bluehost, which has some sort of relationship with Cloudflare, as they have a mechanism for opting sites into Cloudflare. I’ll talk to them next.

Would it be a sensible step to turn off proxy on the DNS records and verify that things start working at that point?

Bluehost told me to make DNS strict, and, indeed, that solved the problem.
