Godaddy / Cloudflare 520 error (recent change)

I’m pretty confident in your case (I’m not sure I understand user7472’s so much at this point) your issue is not related to Cloudflare at all. I can cURL your origin (as we have demonstrated) from my local machine, and your origin resets the TCP connection. It’s hard to overstate how fundamentally bad that is for your website being available on any platform. Your host really needs to fix that for you - it has nothing to do with Cloudflare or any other company, other than the host themselves.

🎉 $ curl -svo /dev/null http://example.com --connect-to ::1.2.3.4
* Connecting to hostname: 1.2.3.4
*   Trying 1.2.3.4...
* TCP_NODELAY set
* Connected to 1.2.3.4 (1.2.3.4) port 80 (#0)
> GET / HTTP/1.1
> Host: example.com
> User-Agent: curl/7.64.1
> Accept: */*
>
* Recv failure: Connection reset by peer
* Closing connection 0
2 Likes

This might be a stupid question but is there any way to reveal the origin IP address (as this is what GoDaddy want to see before they troubleshoot) while still having part of Cloudflare’s services working that could cause the issue?

If they see the IP is pointing to their server and the issues happens they’ll be forced to take it higher up the support chain.

Pretty sure that’s impossible but you never know…

You can screenshot your DNS settings - but I DM’d you a cURL yesterday that shows your origin IP clearly and the connection reset happening. That’s a test from my own machine, not Cloudflare.

e.g. it’s showing very clearly your origin is resetting TCP connections on HTTP requests from the internet.

1 Like

Yeh not bad idea to give a screenshot. I’m envisioning a painful 2 hour support call with them that ends up with them saying we don’t have to support third-party platforms… :tired_face:

I wouldn’t be optimistic about the DNS screenshot helping - they’ve seen one from me on three separate chats now and the result is always the same - GD can’t (won’t?) help until domain is moved to GD name servers.

Tim

Your best route to proving there’s an issue is to replicate with a commandline tool:

curl -svo /dev/null http://example.com --connect-to ::1.2.3.4

Replace 1.2.3.4 with your hosting provider’s IP and example.com with the hostname they are providing for you. That should show the * Recv failure: Connection reset by peer error - albeit intermittently.

That’s irrefutable proof that you can show to your host.

Irrefutable, but doesn’t change GD response - at least those that are involved with the chat function.

Tim

@tim.kirkland I’m really sorry you’re having that experience. There’s nothing in your Cloudflare config that can really help you here… unless you want to install something like a Cloudflare Tunnel. That would circumvent the need for a working incoming TCP connection… but given your origins all seem to be resetting the TCP connection after receiving a valid HTTP request… I’m not confident that would work either.

Fundamentally, your origin needs to be successfully processing HTTP requests for anyone (including Cloudflare) to get HTTP content from your website. You really need to get your host engaged and understanding that your origins are failing without Cloudflare… and that’s what they need to debug & resolve.

2 Likes

I’ll keep trying, but is there anyway that the issue might be mentioned to somone at CF (presuming CF Team doesn’t already mean that) so that someone at CF can reach out to someone suitably knowledgeable at GD to explain that there’s an issue?

CF and GD are both large companies - perhaps there’s some, even informal, relationship or contact there?

ATM it seems mutual customers (we do have a Pro CF account as well, just for a domain that isn’t related to a GD WordPress site - so not related to this issue) are bouncing back and forth for no great benefit unable to get anyone at GD to investigate properly.

@tim.kirkland I’m definitely talking internally to see if we can reach someone at GoDaddy to take these issues seriously. It’s very stark to me that this is happening without Cloudflare so the impact is likely much wider than just mutual customers.

If we hear anything back, we’ll let you know. For now, I recommend continuing to push for escalation via your available contact channels with them as a paying customer.

3 Likes

I am having same issue. I contacted godaddy they said " IP is not pointing, contact cloudflare team to re-update IP".

We’re having the same issue. As soon as we Proxy our A record we get 520’s. Sometimes it’s the full screen Cloudflare 520 error graphic, sometimes the page partially loads but with missing images on the page (reporting 520’s in developer console), and sometimes the page loads fully. Pressing refresh on any page is a lucky dip, providing one of the above described results apparently randomly.

When proxied, in our GoDaddy Managed WordPress hosting management (we’re on the Basic plan with free SSL btw), under ‘settings’, we get an information warning next to our Primary Domain… “Change your DNS A record to point to IP {address} and come back here to confirm”. Our A record IP in Cloudflare is the correct address. Pressing “Refresh” to confirm that our DNS is pointing to the correct IP address does not clear the warning.

If we select DNS Only for our A record in Cloudflare, the whole site functions properly PROVIDING that our Cname isn’t also proxied. If our Cname is proxied, we get 520’s but they’re much more infrequent. With the DNS A Record set to DNS Only, the information warning in our GoDaddy Managed WordPress hosting management is cleared and reports no errors. With both A Record and Cname Record set to DNS only, the site functions properly and fully but obviously without all the Cloudflare proxied rainbows and stardust we’re after.

All of the above is with our Cloudflare SSL set to flexible, with us having SSL for free with our managed hosting.

If GoDaddy already provides you free SSL then you should set the SSL encryption to Full (strict) instead.

1 Like

Hi, I’m not sure if this is the right place for my problem but it may be close. I installed cloudflare to my Godaddy hosted site (Χτίζω το σπίτι μου) and since then my views have dropped to less than 5% of what they used to be. Whenever I try to reach my site it appears to be in perfect order though. But when I ran diagnostics from Cloudflare it gives me this:2021-09-13 CloudflareError. So I click resolve issue but I admit that what appears from that point on is in a “language” that I don’t understand. Thank you!

That actually sounds like a Godaddy Free SSL domain verification mechanism you have to complete BEFORE Godaddy issues your origin Free SSL certificate. And it can’t verify your domain and real origin IP while Cloudflare Orange cloud proxy is enabled. So what you probably need to do is

  1. disable Cloudflare Orange cloud proxy temporarily, then go to Godaddy Free SSL to confirm and verify the domain first so that Godaddy sees the real origin IP.
  2. once verified and confirmed, re-enable Cloudflare Orange cloud proxy and enable Cloudflare Full SSL mode, so that Cloudflare servers connect to your origin via HTTPS with Godaddy Free SSL certificate.

what’s the CNAME for ? the www version of your domain while domain non-WWW is A record? Some SSL certificate issuance verification servers need to check both non-www and www version of the domain’s DNS so you could be failing on the proxied CNAME version.

Unfortunately setting Full (strict) returns 525 SSL Handshake error for our Managed WordPress Hosting.

1 Like

We have limited configurability with our hosting tools. The closest I can get to performing task 1 as you described is to set our A record to DNS Only in cloudflare, make sure the error clears on our primary domain in our server (which it does, and our free GoDaddy SSL comes back to life), and then re-enable proxy in Cloudflare. Whether I do this with Flexible, Full or Full (strict), the 520 error returns very quickly. In fact with Full or Full (strict), we also intermittently get 525 SSL Handshake errors.

Yes, our CNAME record is the www version of our domain. I’m not sure whether it’s there for SSL certificate issuance verification or not. It’s been there from the beginning so we’ve just left it. Whether we have it Proxied or DNS Only whilst our A Record is either Proxied or DNS only makes no difference to the 520 results described earlier unfortunately.

Thank you for starting this topic. I’m facing the same issue and it seems that there’s no solution for this as of now! I purchased a cheap SSL certificate but since Godaddy is hosting my website under the “Managed Wordpress” plan I can’t access cpanel which means I can’t even install the SSL I’ve purchased! Godaddy is F**** useless to be fair!

PS: If anyone knows how to install a SSL with something like Filezilla or any free alternative to cpanel, I’d appreciate it greatly!

Ray ID: 68f5e053eb56ff1c

We have been experiencing the error 520 on our website for a couple of weeks. We have tried all the options shown in this forum and we still cannot solve the problem. When we deactivate cloudflare the web doesn’t work either, we no longer know what to do. We are desperate.

what should we do from now on? If we do not find a solution, many websites will disappear because being active has an economic cost.