We have an implementation where :
- DNS is hosted on Cloudflare
- the A records are pointed to an AWS ec2 server
- Proxy feature has been enabled for the A records created
- HTTP to HTTPS feature has been enabled so that no 80 port-based requests are routed to AWS.
On AWS side :
- Have configured the security group to accept requests on 443 port only from a range of Cloudflare IP addresses that are being maintained over here https://www.cloudflare.com/ips/.
Now, every once in a while the website under this implementation goes down with gateway timeout errors or other gateway-related errors on the end-client browser side for a short duration of time in a whole day like max 5-10 mins.
During this same time, the error that gets registered in logs on the web-server side which is an Nginx web-server is 499 status code.
From surface level surfing on the internet for the meaning of this status code; the explanation that I could find was :
“Nginx specific response code to indicate when the connection has been closed by the client while the server is still processing its request, making server unable to send a status code back.”
also with a Note ending with “It is expected behavior to see these at your logs intermittently as clients close connections.”
All I want to confirm is since we have enabled the DNS Proxy feature on the Cloudflare level and are accepting requests originating only from Cloudflare’s IP range on AWS ec2 level; doesn’t this make the client (that closes the request before the server can process it) be Cloudflare.
We also have been monitoring the resource usage of the ec2 server in question and nowhere during the time that this issue occurs or when everything is working fine does the Server’s resource usage spike above 50%.
Also could not find much on the internet or anybody’s docs on what to do to resolve this 499 status code error as everybody considers this a client-side issue.
It would be of great help if anybody could guide us in this situation as to what we can do to further troubleshoot and resolve this intermittent error.