I’ve just set up a site/domain ( https://ooh.directory ) to use Cloudflare but all the site’s pages now have a 503 response and read:
This service has been suspended by its owner.
My VPS hosting provider says this error isn’t coming from them.
I’ve changed my name servers to Cloudflare. I’ve been following these Digital Ocean instructions (although my VPS isn’t hosted there) to generate an origin certificate, install it in nginx, and set up Authenticated Origin Pulls. I’m wondering what I might have missed.
That error is not coming from Cloudflare. If you pause Cloudflare, does the issue persist?
If the issue only occurs when Cloudflare is enabled, maybe you used that domain with a Cloudflare partner in the past (e.g Shopify, WPEngine, Siteground)?
Odd. I paused Cloudflare and got a browser certificate error message.
I clicked through regardless and the page displayed a “400 Bad Request” error.
I’ve now enabled Cloudflare again and still get the “400 Bad Request” error.
Pause Cloudflare and make sure the site loads over HTTPS without errors. Only after that should you enable Cloudflare.
And now it’s gone back to the original “This service has been suspended by its owner.” error message.
I thought Cloudflare provided https, so I didn’t need to have my site working without it? Maybe I’ve completely misunderstood (this is my first time trying Cloudflare).
Background: my site was working fine with a Let’s Encrypt certificate, but I (think I) removed that before starting to use Cloudflare.
Cloudflare provides an SSL certificate for the connection between the browser and Cloudflare, but you still need a valid certificate for the connection between Cloudflare and your origin server.
You can either use a free Let’s Encrypt certificate or generate a Cloudflare Origin CA certificate in the dashboard.
Once you’ve ensured your site loads over HTTPS without errors, unpause Cloudflare and make sure the SSL mode is set to Full (strict).
Thank you for your help albert. I’ve done the step of installing the Origin CA Certificate in Nginx on my server, which I understand secures the connection between Cloudflare and my server.
But maybe it would be simpler if I removed that, and put the Let’s Encrypt certificate back instead?
Cloudflare Origin CA certificates can be valid for up to 15 years depending on what you choose when creating it. However, they can only be used between Cloudflare and your origin server. If you ever decide to disable/stop using Cloudflare, you’d have to install a new certificate.
Let’s Encrypt certificates are only valid for a couple of months, so you’d have to make sure the certificate is automatically renewed. However, Let’s Encrypt certificates are publicly trusted and work without Cloudflare enabled.
You can decide which is better for your site.
Many thanks again for your help. I’ve decided to skip using Cloudflare for the time being. I managed to get Let’s Encrypt working again on my server (after wiping the whole thing and starting again!) and I’ll live with that for the moment.
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.