To sum up : i’m the devops of a website which server is domain-level protected by CF, and i cannot HTTP access it anymore through CF firewall, it goes timeout.
So basically, the website DNS point towards 2x CF’s proxies, so when someone tries to reach it, it meets CF’s firewall first. Then the request may reach my server where some more internal protection may occur until the html is eventually sent back.
Since today, i can no more see my website via its domain from home, no matter what device nor browser i used (so it’s not local). I checked my server logs to see other clients are visiting normally via CF (so it’s not server). I even could see the site myself by cheating local host file so that i skip CF proxy to reach server directly, which works fine. Works okay also if i visit website through TOR or any proxy hidding my home IP.
But as soon as i try the protected way, CF seems to ignore me and server log receive no request from CF proxy nor me. I checked all Security settings, i even added my own home IP in whitelist at WAF and so on, nothing changes. I restarted server and computer even if it made no sense as they didn’t seem causing the issue, but did just in case, no change.
Seems CF blacklisted my home IP at a level i cannot see nor edit …
Anybody ever had such problem, and possibly, a fix ?
We seem to be having the same issues with a specific IP range with some random ISPs.
The affected blocks seem to be:
We’ve had reports from NL, AT and TR so far.
I can’t reproduce it myself (RO), but random parts of the world seem to fail on those IP ranges.
Okay so that could be something linked to worldwide internet pipelining - in those particular times of eastern europe tension that may or may not be related …
So for the record i can “fix” this artificially by duping my computer with local host file and skipping therefore the CF proxy protection, but i do not like the idea that some other webuser may be blocked also with no way to solve it, i’d rather see it fixed by CF (or by www service providers if that comes from routing …).
Same issue here. I have tested with different countries using a VPN. Italy, France were not working, instead there was no issue using Belgium, Poland IP
Thanks, sort of confirms znuffy’s suggestion upper.
Hello, i have the same issue for my website which is in HTTP can’t accesss it with dns random but some other dns it works also in some other countries its a worldwide problem please Cloudflare your dns have problems fix that for the love of god …
Same here from the Netherlands:
➜ curl --resolve hiber.global:80:22.214.171.124 http://hiber.global --connect-timeout 60
curl: (28) Connection timed out after 60001 milliseconds
The proxy works when I use https/port 443.
It works from Germany, so maybe some (too) broad blocking going on?
All these locations report a timeout on port 80.
RU-Moscow(Anders)-1 | 126.96.36.199 / 2a00:11c0:1b:777::4
ES-Madrid(Interxion)-1 | 188.8.131.52 / 2a00:11c0:1e:777::4
AT-Vienna(Interxion)-5 | 184.108.40.206 / 2001:ac8:29:62::2
GB-London(Volta)-13 | 220.127.116.11 / 2a0d:5082:0:5::4
DE-Frankfurt(Interxion)-3 | 18.104.22.168 / 2604:4500:c:e::4
NL-Amsterdam(IronMountain)-2 | 22.214.171.124 / 2001:1af8:4400:a008:12::4
There is a problem on the following Cloudflare block, it is impossible to access to websites by port 80 (HTTP) that are in the following CF block from the listed countries while HTTPS (443) works.
Tested countries: TR, AT, IT, FR,NL I dont know if there are other countries or not, probably there are.
Basically no one can access your website from above countries if your website is in the above CF IP block if they type your url as domain.com or http://domain.com on their browsers. Since no one types https://domain.com to their browser, therefore this issue is taking a serious level now as nobody can reach from above countries.
There is also another problem on the block 126.96.36.199/20 that if you open https://domain.com/foldername it will fail and return timeout, but if you open https://domain.com/foldername/ then it will work. This is wrong.
I hope my message reach to CF network support people.
Hello, i have the same issue for my website which is in HTTP , mavanimes.co we can’t accesss it with dns random but some other dns it works also in some other countries its a worldwide problem please Cloudflare your dns have problems fix that for the love of god …
There is same problem all CF competible HTTP ports until yesterday. NL and TR Cloudflare domains not working, if remove proxy option working DNS only. but CF proxy not working . we cant access any web site if active CF proxied from NL and TR
how can we connect CF support staff ?
not only ipv4 is affected but also ipv6
[email protected]:~# wget mydomain.ro
–2022-03-18 07:29:55-- http://mydomain.ro/
Resolving mydomain.ro (mydomain.ro)… 2a06:98c1:3121::, 2a06:98c1:3120::, 188.8.131.52, …
Connecting to mydomain.ro (mydomain.ro)|2a06:98c1:3121::|:80… ^C
What’s the proper way to open a support ticket?
Same problem here on block 184.108.40.206 and 220.127.116.11 IPs.
Started about 19:00 UTC+1 on thursday.
Only port 80 is not working, 443 is fine.
Only working port is 443,
other ports 2053,2083,80 etc. ports aren’t working
Same problem here, on theese IPs:
Port 80 not working
Same issue here, IP’s 188.114.97.* and 188.114.96.*, also on IP6 2a06:98c1:3120 / 2a06:98c1:3121
Port 8443 not working
Same isssue here, 443 works fine but other ports like 80 or 2083 get timed out.
Same problem here, HTTP website didin’t respond but HTTPS version did.
The problem seems to appear between yesterday and this morning (France)
DNS CF IPs
Well, it seems that the problem affects whole Europe
And same here, port 443 works but not port 80. Some providers work, others don’t. Same devices, different ISP in Sweden.
Tried turning on dev-mode and waited an hour, still no difference.
Tried the Cloudflare diagnostic tool and it hangs, nothing happens.
Cloudflare DNS 18.104.22.168 works but not Googles 22.214.171.124 or my home ISP’s DNS (Bahnhof). My mobile phone DNS works (Comviq).
Funny thing is that my old domains work normally but not the ones I created this monday.