Error 523 and I don't know what I'm doing

I’m hosting RDWeb in IIS. The short domain name is hosted by iwantmyname, w/ nameservers set to Cloudflare. In my new Cloudflare account, I have the following entries in DNS:

A remote
CNAME custom.droplr. com
CNAME www custom.droplr. com
TXT record for SSL certificate

When I browse to https://, I get the Windows Server IIS landing page, so that’s working.

When I browse to https://, I get a Cloudflare Error 523 - origin is unreachable.

I’m sure I’ve made some mistake setting this up, because this is not my area of expertise. Please help! Thanks in advance!

Also… when I ping, the reply comes from (cloudflare), not my web server that it’s supposed to be forwarding to

The machine at the IP address you configured simply does not seem to respond. You need to check your server in that case.

Thanks for responding…

But it does. I can substitute the IP address for the A name and access it with no problem. https://

Alright, on HTTPS it does.

The problem in your case seems to be that you redirect to HTTP. What is your encryption mode on Cloudflare?

I have tried both “off” and “flexible” and I think I tried “full” last night as well

You should have at least Full, better “Full strict”. Only the latter is really secure.

Which one is it right now?

Just changed it from “off” back to “full.”

That explains it.

I’m not positive, but I think it started out on “full” last night when I set it up and then I changed it. Do you think that will resolve the issue?

Well, right now it loads on HTTPS via Cloudflare.

Again, “Full strict” would be a better choice and you should also enable “Always use HTTPS” as HTTP requests will still fail right now.

It still doesn’t load for me… you’re saying it’s loading for you?

I re-enabled “always use https,” I disabled it last night

It is working here ->

What do these commands return for you?


I was typing in https: in the browser and still not getting it, but after re-enabling “always use https”, it seems to work! was working but not

ping returns, strangely.

C:\Users\Joel Becker>nslookup

Non-authoritative answer:
Addresses: 2606:4700:3031::681c:1cc0

C:\Users\Joel Becker>

That seems to be working too

That the correct address. So I guess it is working now?

But in any case it is working now. Thanks so much for your help!!