Unusual website down issue

On June 11, around 10AM Pacific time, I got a website-down alert. Upon requesting the site, I found a Cloudflare error page showing a code 526 server error, invalid SSL certificate error. Around the same time, I received an automated notice from our hosting company that we were experiencing a DDoS attack, that they were monitoring the situation and taking steps to mitigate the attack.
This was unusual because we have been with this host and server and with a Cloudflare Pro account since last December with essentially no issues and no downtime.
Upon checking the origin server, I found the installed SSL certificates to be valid and good until the end of November 2024. Using RDP, I rebooted it and, other than the Cloudflare error page continuing, all appeared normal. I couldn’t find any direct evidence of an ongoing DDoS attack.
On the Cloudflare portal, I found that after pausing Cloudflare for the site the site began resolving again but missing a few graphics. By re-enabling Cloudflare, I was back to the same 526 server code. Checking my configuration, I found the installed Cloudflare certificates were also valid.
After a few hours of trying everything, I began to read the documentation on server code 526, and found the suggestion to change the SSL/TLS encryption configuration from “Full (strict)” to “Full”. After making this change, the site became available immediately. Then I recalled that during our initial setup last December I had the exact opposite issue. The site would only resolve if “Full (strict)” was selected.
This experience leaves me a bit uneasy since I don’t understand what caused it. My best guess is that possibly an internal Cloudflare configuration change caused our site to stop resolving and the origin server mistakenly assumed a DDoS attack. While the issue appears to have been fixed, it is still a mystery what happened. Any ideas?

I hope this was not in the documentation, because the encryption mode should always stay Full Strict, otherwise you have no proper security for your site.

The error you got indicates that your certificate expired. I understand that you said you still had a valid certificate, but your server will have used another, expired certificate in this case. Maybe your host used a different configuration or returned a different response because of the denial-of-service.

At this point it will be impossible to say what the exact issue was, but the error you experienced only occurs when your server certificate expired. It usually is best to pause Cloudflare and verify the site is loading fine on HTTPS without Cloudflare (you mentioned it didn’t).

But the bottom line is, the encryption mode should always stay Full Strict.
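One way to carry out the check suggested in the reply, added here as an example that is not part of the thread: handshake with the origin directly, bypassing the proxy, and inspect the certificate it actually serves for that hostname. It goes beyond expiry alone and also checks the validity start date and hostname coverage; the function names, `SAMPLE` and `example.com` are assumptions made for illustration.

```python
import socket
import ssl
import time

def fetch_origin_cert(origin_ip, hostname, cafile=None, port=443, timeout=5.0):
    """Handshake with the origin IP directly, sending the site name as SNI.

    Returns (cert_dict, None) if chain and name verify, else (None, reason).
    cafile is optional: a PEM root to trust instead of the system store.
    """
    ctx = ssl.create_default_context(cafile=cafile)
    try:
        with socket.create_connection((origin_ip, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=hostname) as tls:
                return tls.getpeercert(), None
    except ssl.SSLCertVerificationError as exc:
        return None, exc.verify_message

def name_matches(pattern, hostname):
    """Match a SAN DNS name; a wildcard may only be the whole left-most label."""
    p, h = pattern.lower().split("."), hostname.lower().split(".")
    if len(p) != len(h):
        return False
    return (p[0] == "*" or p[0] == h[0]) and p[1:] == h[1:]

def diagnose(cert, hostname, now=None, warn_days=14):
    """List reasons a strict validator would reject (or soon reject) this cert."""
    now = time.time() if now is None else now
    problems = []
    not_before = ssl.cert_time_to_seconds(cert["notBefore"])
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    if now < not_before:
        problems.append("not yet valid")
    if now > not_after:
        problems.append("expired")
    elif not_after - now < warn_days * 86400:
        problems.append("expires soon")
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if not any(name_matches(s, hostname) for s in sans):
        problems.append("hostname not covered")
    return problems

# Constructed sample in the shape ssl.getpeercert() returns (placeholder names).
SAMPLE = {
    "notBefore": "Dec 15 00:00:00 2023 GMT",
    "notAfter": "Nov 30 23:59:59 2024 GMT",
    "subjectAltName": (("DNS", "example.com"), ("DNS", "*.example.com")),
}
```

Run `fetch_origin_cert` against the origin's own IP address while the 526 is occurring; if it returns a certificate, pass it to `diagnose` with the public hostname.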
