We’ve read thoroughly Cloudflare’s documentation about Error 520s and have a different case.
In about .15% of our site visits Cloudflare returns an Error 520 almost instantly (it’s not a timeout).
Our origin server does not log that page view as having been accessed by that visitor’s IP address. So we assume that Cloudflare rejects the request from the client before it has reached our origin server – maybe based on the REQUEST header (not the response header)
It seems to occur due to cookie size. We can always reproduce the Error 520 response when we have a set of cookies that is 5 kb in size. If we delete half those cookies there is no longer an Error 520. However this is nowhere near the 16 kb header size limit that Cloudflare says returns an Error 520. So we don’t know why only 5KB of cookies causes Cloudflare to return Error 520
If you repeatedly refresh the page that generated an Error 520, you keep getting Error 520s. You have to delete cookies to get the requested page returned finally.
Before moving to Cloudflare, was your Joomla Website working over HTTPS connection?
You could determine this by:
Use the “Pause Cloudflare on Site” option from the Overview tab for your domain at dash.cloudflare.com .
The link is in the lower right corner of that page.
Give it five minutes to take effect, then make sure site is working as expected with HTTPS without any error
Check with your hosting provider / cPanel AutoSSL / Certbot / Let’s Encrypt / ACME.sh and renew it
Only then, when your website responds over HTTPS, you should un-pause Cloudflare and double-check your SSL/TLS setting to make sure it’s Full (Strict).
May I ask what SSL option have you got selected under the SSL/TLS tab at Cloudflare dashboard for your domain ( Flexible, Full, Full Strict … )?
Here is a way to re-check if you correctly setup the SSL for your domain with Cloudflare:
In case you do not have an SSL certificate, you can use Cloudflare SSL, if so, kindly make sure you follow the instructions as follows on the below article to setup an SSL certificate using Cloudflare Origin CA Certificate:
Or send an an e-mail to support[at]Cloudflare[dot]com from your e-mail associated with your Cloudflare account
Furthermore, if you have been through all these above suggestion and are not seeing corresponding issues on your network/server and you have a ticket number with Cloudflare, please reply and post that ticket number # here.
To enable efficient troubleshooting by support, please ensure you include the following on the ticket:
We placed all Cloudflare IP addresses on an allowlist in our server. Problem persists.
The problem reproduces with only 5 KB of cookies. The Troubleshooting page says 16 KB triggers Cloudflare’s Error 520. So that is not the cause.
The problem seems to occur before our request hits our origin server. Cloudflare seems to stop the request from even reaching our origin server. All the other troubleshooting tips on that Cloudflare page do not apply because they talk about the response by our origin server.
We do not need to "restore visitor IP’. We see the visitor’s IP logged correctly on every page load until they get an Error 520. Then their IP address is not logged. This is why we say that Cloudflare may block the request and prevent it from reaching our origin server.
We set Cloudflare for Full SSLencryption. Don’t know why this would matter.