Sporadic page load times with Cloudflare enabled

matthew.marven · May 6, 2021, 11:26am

Hi All,

We have set up our site on Cloudflare with the hope of improving performance and increasing the security of our site. Our website is built and maintained by a third party.

With Cloudflare switched on we have noticed that sometimes the site response times will sporadically take a nosedive with the worst result from webpagetest.org coming back with a fully loaded time of 36.4 seconds. The company who runs the site for us has asked us to switch Cloudflare off however we would like to keep it enabled, I have confirmed switching off Cloudflare seems to fix the issue.

I have noticed when we run the test at Diagnostic Center | Check SSL and Test Website Security | Cloudflare UK we received back the following error:

Error
slow_ttfb_on_cache

Description
The response was slower than 800ms and the requested resource is cacheable on Cloudflare.

I have followed this article to confirm settings are appropriate:
Troubleshooting and optimizing site speed

How do we get to the bottom of what would cause this problem? Thank you in advance for any thoughts or suggestions.

sandro · May 6, 2021, 1:02pm

Does your server IP address end in 202? If so, it would appear as if these timeouts happened on your server I am afraid. The following screenshot is based on a direct request to your server

Your server’s response times are somewhat erratic. Occasionally it responds swiftly, but it often either takes 10+ seconds or times out completely.

matthew.marven · May 6, 2021, 11:59am

Hi Sandro,

Thank you for running this test, yes it does end 202. Sorry if this is a silly question but how did you run that test against our web server directly, is that a tool anyone can use for this kind of troubleshooting?

Also, does your screenshot suggest that it’s taking a long time to negotiate a TLS session between your client and the server?

Thanks

sandro · May 6, 2021, 12:06pm

You can reproduce this on your end by pausing Cloudflare. Alternatively you also edit your hosts file - hosts (file) - Wikipedia

And yes, it does seem as if your server’s SSL setup was at least partially involved. You probably best pause Cloudflare for now and contact your host to fix that.

matthew.marven · May 6, 2021, 4:36pm

Hi Sandro, where exactly did you go to run the test you provided the screenshot for? That would be useful to me. I am running tests on https://www.webpagetest.org/ with cloudflare disabled and I’m yet to re-create the high page load time or timeouts since which is frustrating in trying to prove this point.

Thank you

sandro · May 6, 2021, 4:37pm

I mentioned it in my previous reply.

matthew.marven · May 6, 2021, 4:41pm

Apologies if I misunderstand, I want to run this test to produce the same graph myself:

To confirm, I have paused Cloudflare so I can run the test against the origin server directly.

Thanks

sandro · May 6, 2021, 4:42pm

Yes, you should now be able to run the test against your server.

matthew.marven · May 6, 2021, 4:43pm

Did you run that test from somewhere in the Cloudflare portal? Or is it a different website? Thanks

sandro · May 6, 2021, 4:44pm

That was a screenshot straight from Firefox.

Right now your server seems to be a bit more responsive than before.

matthew.marven · May 6, 2021, 4:49pm

I see, thank you for confirming I have found the timings section in Firefox.

Since I turned Cloudflare off at 2 PM I have run 10 tests and the page load speed is roughly the same every time. It seems that Cloudflare is creating some sort of load on the origin server (due to an incompatibility or setting conflict?) which is why it appears that the server is not handling requests in a timely manner.

sandro · May 6, 2021, 4:53pm

Cloudflare can’t really do such a thing. What could be is that your server goes nuts because all requests come from a small set of proxies addresses and your server either rate limits them or blocks them altogether, but that’s something for your host to figure out.

At this point I would suggest to unpause Cloudflare. If the issue is fixed, it was a temporary glitch on your server and your host might still want to look into it to fix that. Should the site be unavailable once more it would be that your server does not like requests via Cloudflare. One other alternative could be that your server is actually connecting to itself (which will somewhat not work when proxied) but that’s A) speculation and B) also something your host would need to fix.

Right now I can load your site fine via the proxies as well.

matthew.marven · May 6, 2021, 4:57pm

That’s great information thank you, I think you could be on to something regarding rate limiting/blocking requests from Cloudflare. The issue is sporadic, it happens for a while then it’s fine again. I will ask them to look into the idea that something is blocking the requests.

DaServaJesus · May 6, 2021, 4:58pm

Ideally if they haven’t already, they should remove any possible restrictions (and consider allow-listing them) on the IP ranges listed on IP Ranges | Cloudflare

matthew.marven · May 6, 2021, 4:59pm

Hi, thanks for the information there - I will ask them to confirm these are all whitelisted.

sandro · May 6, 2021, 5:09pm

It’s difficult to say as they did not only block Cloudflare connections but seemingly everything. Rate limiting is a possibility but by no means necessarily the reason. I am afraid only your host can check why your server did not respond.

matthew.marven · May 6, 2021, 5:11pm

Thank you Sandro, at least you have given me something to go by so I am glad I posted. It’s difficult as their solution is to switch it off rather than investigate the issue - I am at a loss!

sandro · May 6, 2021, 5:17pm

I understand that having an additional proxy in-between won’t necessarly make things easier, but of course just switching off things is not really helpful either.

It really comes down to your host to check why your server behaved the way it did. You unpaused Cloudflare, didn’t you? Right now it still loads fine.

matthew.marven · May 6, 2021, 5:22pm

Agreed.

We switched Cloudflare on to make use of the firewall filtering due to phoney account registrations which the website provider didn’t seem to fix for us, I have other concerns about the security of the site but I am not a web developer or a decision-maker in who we use for this site, I am trying to make the best of the situation by putting Cloudflare in front of the site.

Yes I have, I am going to leave it on for now as the site is responding again, I’ve passed your comments and the IP list to the website provider. I will update this thread with their comments, hopefully for closure!

sandro · May 6, 2021, 5:22pm

Sure, should it start to time out again you can also try aforementioned hosts file approach.