We apply uptrends.com’s uptime check and find out that the site displays http protocol error.
1 Like
Maybe because it’s working over HTTPS and has got HTTP->HTTPS redirection?
Meaning, if you track HTTP (80) it could get that result as expected?
Not using this tool, just assuming. Could be I am wrong.
May I ask have you checked with their Help Center or Documentation about this error?
Or this error appear on the Cloudflare end (Analytics, log …)?
Is the website accessible or shows error in your Web browser?
2 Likes
Thanks for your help!
The web site can be accessible(depend the countries and it is not stable) and some browsers will display Error 1020.
We use Clouldflare’s Pro. plan and SSL certificate(monthly paid) and setup “On” for the following:
-SSL/TLS Recommender
-Always Use HTTPS
-Opportunistic Encryption
-Automatic HTTPS Rewrites
-Certificate Transparency Monitoring
For Firewall setting is as follows:
-Security Level - Medium
The “On” setting items are as follows:
-Privacy Pass Support**
-Web Application Firewall**
-Cloudflare Managed Ruleset (ALL)
-Package: OWASP ModSecurity Core Rule Set(ALL)
(Sensitivity->Medium, Action->Changllenge)
For the Network "ON"setting are as follows:
-HTTP/2
-HTTP/3 (with QUIC)
-0-RTT Connection Resumption
We do not know if our setting has a problem as Uptrends.com help us monitor the uptime check.
1 Like
As far as, for example, what if Cloudflare Firewall Rules + your Pro Plan which has got Managed WAF Rules (if there are some of them enabled and active) + Security Options like Bot Management, etc., from my understanding and usage, I believe somewhere it could “trigger” it and block the Uptrends “monitoring tool” as far as it could either be suspicious to it due to:
- Accessing the same URL/request over HTTP or HTTPS to the website/domain via protocol HTTP/1.0 from the same IP address(es) in the same time-frame frequency …
Maybe the repeating behaviour can be suspicious, as far it could be from the same IP address(es), same user-agenet, same request URL path, and also in the same frequency and time-frame like every minute, or even every few minutes from the same sources, etc.
Which makes me to think a bit for a while, depending if you are on a shared hosting or a VPS, dedicated server or even a cloud server, if so, may I suggest using HetrixTools - which can be defined to use “ping” to the host, rather than going over HTTP/HTTPS (and also other options available as you have to track HTTPS for example for an SSL certificate, etc.).
- of course, either to much “pinging” can, depending on the host, trigger some firewall that some IP is pinging too much and would result in a block on the host itself …
From as much as I use them, I am not advertising them, neither their employee, but you can even install the “agent” to monitor other stuff like network usage, disk, cpu, etc.
All that for $0, while they have an option (requirement) for which we can pay $5/year for no need to login to the dashboard (at least once in a month for them to see our account is active).
Nevertheless, if we want to get uptime/downtime events on our mobile phone, 100 SMSs are $10 one-time.There are even combinations to get the events on E-mail (default), Telegram and other services for free 
As far as you are experiencing sometimes error 1020 or getting your alert “your website is down” due to what?
Cloudflare could potentially block the request so it’s not HTTP 200, rather some other, but your website is working?
If you understand my point here.
Maybe, could be I am wrong, but yes I agree it’s okay for example to monitor the uptime via HTTPS - that way, if the SSL certificate somehow fails to renew itself (for example Let’s Encrypt), the Website could stop being “online” and accessible, which is exactly the thing we want to track “uptime”, is that correct?
My suggestion would be, either try to find out if the Uptrends has got published their IP addresses or IP address ranges from which do they track the Uptime.
That so, you could add all of them to either IP Access Rules or a Firewall Rule with action “allow” or “bypass” (for the security measurements and options being enabled) them.
- for example, I just had to allow at my host/origin server the HetrixTools’s, which has them published here: Uptime Monitoring IP Addresses – HetrixTools
UpTrends IP addresses to allowlist are available here:
May I ask, have you already allowlisted them or not?
As you stated, obviously the website owner (or in this case You as the owner) is using Cloudflare and security options available to him to protect his website.
Which I understand and is good to have them so far.
Unfortunately, if you get this error while visiting someone else’s website, I am afraid you cannot do anything. You can try to access it using a VPN or over a TOR, but I do not guarantee because it could also be blocked and restricted.
As stated from below article:
The site can block for any number of reason, that’s up to them and not something this Community nor cloudflare can do anything about.
If there are any contact information provided on the website or their social account, maybe you can try to contact them and ask for the access regarding issue?:
I hope it helps a bit and that you will figure it out why it happens to you 
1 Like
We apply the dedicated server and use Origin CA SSL. Meanwhile, we
by passes Uptrends’s IP addresses for allowlisting
Anyway, it was fine for Uptime Check from Uptrends (no HTTP Protocal error) one year ago. We do not know if we set up something wrong in WAF rule or other
What is the main reason for happening “http protocol error” in Cloudflare’s service?
Thanks for your help!
1 Like
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.