Godaddy / Cloudflare 520 error (recent change)

Interestingly, this started happening to my WordPress site a couple of weeks ago. When I investigated the issue, I found out that Godaddy had automatically downgraded the PHP version to 5.3, while I had the latest version of WordPress running on 7.4.

I went to the CPanel and set the PHP version back to 7.4 and smooth sailing since then. Hope this helps.

Thanks!

1 Like

Thanks for the input. We’re using the GoDaddy Managed WordPress which is running PHP 7.3. I checked to confirm the WordPress site health (after some frustrating reloads to get through the login it’s just about possible) and it’s saying 7.3 is running.

2 Likes

In your case @golivenow - your origin is resetting the TCP connection to Cloudflare - that’s the #1 cause of HTTP 520 errors. You will need to check your origin server error logs to understand why the origin is resetting the TCP connection.

Typically it breaks down into two reasons:

  1. Some security device or firewall is resetting connections from Cloudflare IPs - you should disable that logic for the Cloudflare IPs if so
  2. Your origin application or server is encountering some sort of fatal error when processing the request and the TCP connection is reset. Checking the origin server error logs is important here to verify why that might be happening. Fatal errors in your PHP can cause this, for sure.
1 Like

Hi, Same problem here. WordPress, GoDaddy, SSL with GoDaddy since 2 week ago. Two days ago we changed to PHP 8 but we still are having random 520 error.
We couldn’t change de proxy with Cloudflare because my site stop working.
Does anybody were able to resolve it?

1 Like

I was a afraid you you would say something like that. GoDaddy Managed WordPress support will never go to length of checking the server logs and resolving any issues there. As long as disabling Cloudflare makes the website work again then it’s they believe it’s not their issue and they have no obligation to support a third party platform, case closed.

In terms of security device/plugin I’ve disabled all plugins and have the default theme. So it has to be something at server level.

simon Cloudflare Team
September 9

In your case @golivenow - your origin is resetting the TCP connection to Cloudflare - that’s the #1 cause of HTTP 520 errors. You will need to check your origin server error logs to understand why the origin is resetting the TCP connection.

Typically it breaks down into two reasons:

  1. Some security device or firewall is resetting connections from Cloudflare IPs - you should disable that logic for the Cloudflare IPs if so
  2. Your origin application or server is encountering some sort of fatal error when processing the request and the TCP connection is reset. Checking the origin server error logs is important here to verify why that might be happening. Fatal errors in your PHP can cause this, for sure.

I will share a cURL with you privately against your origin IP that shows the error - but basically this is quite easy to reproduce in your case:

👀 $ curl -svo /dev/null http://example.com --connect-to ::1.2.3.4
* Connecting to hostname: 1.2.3.4
*   Trying 1.2.3.4...
* TCP_NODELAY set
* Connected to 1.2.3.4 (1.2.3.4) port 80 (#0)
> GET / HTTP/1.1
> Host: example.com
> User-Agent: curl/7.64.1
> Accept: */*
>
* Recv failure: Connection reset by peer
* Closing connection 0

If you replace example.com with your hostname and 1.2.3.4 with your origin IP and run this curl command you can see in this case, the origin is resetting the TCP connection. That will cause a HTTP 520.

1 Like

Error 520: web server returns an unknown error

Error 520 occurs when the origin server returns an empty, unknown, or unexpected response to Cloudflare.

Resolution

A quick workaround while further investigating 520 errors is to either grey cloud the DNS record in the Cloudflare DNS app or temporarily pause Cloudflare.

Contact your hosting provider or site administrator and request a review of your origin web server error logs for crashes and to check for these common causes:

  • Origin web server application crashes
  • Cloudflare IPs not allowed at your origin
  • Headers exceeding 16 KB (typically due to too many cookies)
  • An empty response from the origin web server that lacks an HTTP status code or response body
  • Missing response headers or origin web server not returning proper HTTP error responses

520 errors are prevalent with certain PHP applications that crash the origin web server.

If 520 errors continue after contacting your hosting provider or site administrator, provide the following information to Cloudflare Support:

Have you tried those steps already?

I never used Godaddy Managed WordPress Hosting ever for my clients and my own websites, it’s a pain in the neck of course.

Please check the earlier replies

Yeh I agree but with a wide client base to service they GD hosted sites will always appear in the portfolio. Let’s focus on the solution.

Although we have disabled Wordfence I can try whitelisting the Cloudflare IP range.

I think 2 could be likely, but it’s the same dead end with getting their support to acknowledge this when disabling Cloudflare gets it working and they are not obligated to support third party services.

If you believe that there is nothing further you can do at the Cloudflare end I guess we’ve reached a stalemate…

1 Like

Cloudflare unfortunately can’t make your server not reset TCP connections - as much as I wish we had a magic wand in this case :slight_smile: . I sent you the cURL privately that proves your origin is doing that, I’d share it with your hosting provider and ask them to investigate.

1 Like

Yeh it figures. Thank you for your help, I’ll report back.

7 posts were merged into an existing topic: 520 Response with Brotli Enabled

@user7472 brotli on Cloudflare’s edge shouldn’t have any impact on the behaviour of your origin… so that correlation seems like it might be coincidence… as strange as that may sound.

Do you have an example URL where you were seeing this - I’d be happy to check internally? Was the 520 consistent or intermittent? And was it only with brotli compatible browsers?

Thank you for the suggestion.

I’ve since tried disabling Brotli, it’s been 12 hours and no change.

I also whitelisted the Cloudflare IP ranges in Wordfence and it felt like it was working with no issue in the wp backend and I was almost thinking we had it but today, while logged out, the issue persists.

I’m pretty confident in your case (I’m not sure I understand user7472’s so much at this point) your issue is not related to Cloudflare at all. I can cURL your origin (as we have demonstrated) from my local machine, and your origin resets the TCP connection. It’s hard to overstate how fundamentally bad that is for your website being available on any platform. Your host really needs to fix that for you - it has nothing to do with Cloudflare or any other company, other than the host themselves.

🎉 $ curl -svo /dev/null http://example.com --connect-to ::1.2.3.4
* Connecting to hostname: 1.2.3.4
*   Trying 1.2.3.4...
* TCP_NODELAY set
* Connected to 1.2.3.4 (1.2.3.4) port 80 (#0)
> GET / HTTP/1.1
> Host: example.com
> User-Agent: curl/7.64.1
> Accept: */*
>
* Recv failure: Connection reset by peer
* Closing connection 0
2 Likes

This might be a stupid question but is there any way to reveal the origin IP address (as this is what GoDaddy want to see before they troubleshoot) while still having part of Cloudflare’s services working that could cause the issue?

If they see the IP is pointing to their server and the issues happens they’ll be forced to take it higher up the support chain.

Pretty sure that’s impossible but you never know…

You can screenshot your DNS settings - but I DM’d you a cURL yesterday that shows your origin IP clearly and the connection reset happening. That’s a test from my own machine, not Cloudflare.

e.g. it’s showing very clearly your origin is resetting TCP connections on HTTP requests from the internet.

1 Like

Yeh not bad idea to give a screenshot. I’m envisioning a painful 2 hour support call with them that ends up with them saying we don’t have to support third-party platforms… :tired_face: