I have a client on the Managed WP service that has some rules added to the .htaccess for their (GD’s) purposes (they limit a few options on this particular plan like cache plugins, etc.).

Initial thought was just to bail entirely and move them to a better service, but before doing so…

Wondering if these rules are conflicting or causing issues with SSL rewrites required for CF to resolve properly.

Site is throwing 502 and 525 or at a crawling pace, then going up and back down again.

Are these rules a challenge for CF to operate - or do I need to alter something to resolve properly?

BEGIN GD-SSL

Options +FollowSymLinks RewriteEngine On RewriteCond %{HTTPS} !=on RewriteCond %{HTTP_USER_AGENT} ^(.+)$ RewriteCond %{SERVER_NAME} ^www\.clientsdomainname\.com$ RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L] Header add Strict-Transport-Security "max-age=300" # END GD-SSL

BEGIN WordPress

RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] # END WordPress

Hey there. I’m unfamiliar with GD-SSL (so, sorry if this isn’t any help) but the rules in .htaccess may be causing a conflict. Are you able to disable them temporarily in a dev environment?

What hosting provider?

Also, what SSL mode are you using in the Cloudflare dashboard? Here’s something I found re: 525s - not sure if it’s any help to you

https://support.cloudflare.com/hc/en-us/articles/200278659-Error-525-SSL-handshake-failed

Here’s one on 502s that you may have also already read

https://support.cloudflare.com/hc/en-us/articles/218378978-What-should-I-do-after-seeing-a-502-or-504-gateway-error-on-my-site-