I set up CloudFlare for using SSL, however recently, when a form is Posted only once, the server continually receives additional posts every few seconds until the it finally generates a 520 error. Anyone have any ideas as to why this is happening? I think it is related to CloudFlare as this did not happen before we implemented CloudFlare.
In which case you’d have a security issue.
1 Like
What does this have to do with my problem. Your answer is completely unrelated to the form posting multiple times.
The point is that you have an insecure site and you don’t seem to be aware of that.
1 Like
Have you tried the troubleshooting advice that’s below?
Error 520: web server returns an unknown error
Error 520 occurs when the origin server returns an empty, unknown, or unexpected response to Cloudflare.
Resolution
A quick workaround while further investigating 520 errors is to either grey cloud the DNS record in the Cloudflare DNS app or temporarily pause Cloudflare.
Contact your hosting provider or site administrator and request a review of your origin web server error logs for crashes and to check for these common causes:
- Origin web server application crashes
- Cloudflare IPs not allowed at your origin
- Headers exceeding 16 KB (typically due to too many cookies)
- An empty response from the origin web server that lacks an HTTP status code or response body
- Missing response headers or origin web server not returning proper HTTP error responses
520 errors are prevalent with certain PHP applications that crash the origin web server.
If 520 errors continue after contacting your hosting provider or site administrator, provide the following information to Cloudflare Support:
- Full URL(s) of the resource requested when the error occurred
- Cloudflare cf-ray from the 520 error message
- Output from http://www.example.com/cdn-cgi/trace (replace www.example.com with your hostname and domain where the 520 error occurred)
- Two HAR files:
- one with Cloudflare enabled on your website, and
- the other with Cloudflare temporarily disabled.
Oh. So you are trying to tell me that the services that we get from Cloudflare are insecure. Is that correct?
No, I was saying your site is insecure because you don’t have a certificate on your server, right?
Though, to an extent you are certainly right, that Cloudflare does offer insecure settings as well.
The whole point of us using Cloudflare for SSL is because its an old IIS5 server that doesn’t support the latest SSL standards so we can’t install a certificate there…
That’s the very issue, your server needs to be secure as well.
I’d suggest to either upgrade IIS or place a local proxy in front of it. Cloudflare alone can’t secure that.
1 Like
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.