Wrong site when proxy on and for speed test - HELP

Help! Our whole site switched to a wrong IP address for some people over the weekend.

Even now when I run speed test, CloudFlare is picking up a site which can’t possibly be our one. We changed servers just over a week ago and I updated the IP address but when I turn CloudFlare proxy on (or do your speed test) it pulls up the Apache2 default page from I guess the old server.

I don’t have Apache2 on the new server… This is for beany.com - should map to 35.189.21.17 but sometimes it maps to this: 172.67.163.184 and I don’t know what that is.

I’ve “paused” CloudFlare for now until I get this resolved, seems to fix it. I even upgraded to Pro but still broken. Did a purge cache, but still gets the wrong site.

Not working:

[email protected]:~ $ ping beany.com
PING beany.com (172.67.163.184) 56(84) bytes of data.

Working with proxy:

(env) [email protected]:~/git/beany (master)$ nslookup
> beany.com
Server:		127.0.0.53
Address:	127.0.0.53#53

Non-authoritative answer:
Name:	beany.com
Address: 35.189.21.17

Working when paused:

(env) [email protected]:~/git/beany (master)$ nslookup
> beany.com
Server:		127.0.0.53
Address:	127.0.0.53#53

Non-authoritative answer:
Name:	beany.com
Address: 35.189.21.17

  1. is a proper IP address for a proxied website, so that’s not it. There’s something going on internally when it’s in :orange: Proxied mode.

Did you change hosting as well?

Yes, moved from some hosting company (from web dev company) to Google Cloud / Sydney (our own).

It’s quite possible that the hosting company has their own Cloudflare integration that they need to completely disconnect in order for your new proxied site to work.

If they can’t fix it, you’ll have to open a ticket here, then when it’s our tomorrow (West Coast US), someone can take a look.

Tickets via email to: support AT cloudflare DOT com
And then post the ticket # here when you get the autoreply.

Is that at a domain name level? I set up this CloudFlare account in order for the original hosting company to use it. Then we decided to get control of our own site back on our server and I simply updated the existing CloudFlare DNS records to point at the new server.

However I’ve gone out to the ex-hosting company and asked them. Thanks for your help so far!

  • John
1 Like

It turns out that apache2 default html is actually being served up by my nginx webserver as its default html.

So the question becomes why is CloudFlare requesting a page from my server with my IP address rather than domain name? I have a few other sites running off the same IP so I can’t assume the default will be any of them.

I’m sure I’m misunderstanding some config issue here, but you must be able to run CloudFlare on a domain name basis rather than IP right?

Thanks - John

Ip address + the browser’s “Host” header gives you your site, it sounds like your server isn’t respecting the Host header

1 Like

That doesn’t explain why it works when :grey: DNS Only, but not :orange: Proxied.

1 Like

Hi @sdayman - I just raised this ticket number: 2278226

Thanks - j

1 Like

I escalated, but I’m curious. Which SSL mode are you using in the SSL/TLS settings? It should be Full (Strict).

And why does it look like it’s a Google IP address, but shows a GoDaddy certificate?

Do I need to implement the Full (strict)? I didn’t go through that process yet. It implies it should be fine with just “Full” is that not the case?

It’s hosted on a Google server, domain registered and SSL cert issued by GoDaddy.

I’m moving one of my other, less mission critical sites to Cloudflare to test. Will generate the full certificate stuff next.

It’s a valid cert, so Full (Strict) will work, and is always the best choice.

1 Like
  1. Put it onto Full (Strict).
  2. Turned Cloudflare back on (with orange cloud)
  3. Immediately www.beany.com page fails to load
  4. Clicked Pause again.
  5. Page starts working again.

Loaded another website onto Cloudflare a few hours ago. It’s proxying fine off the same IP address / server as the Beany one (kloud.co.nz)

I’ve gone and rebuilt my nginx config file for beany.com, realigned it with the mozilla best practices and it seems to be holding this time.

The only differences seem to be:
listen [::]:443 ssl http2;
vs
listen 443 ssl;

and listen [::]:80 in the redirect HTTP block instead of just listen 80

Also inclusion of the ssl_trusted_certificate param pointing to the GoDaddy cert bundle.

Still seems to be up 5 minutes later… and the Speed Test in Cloudflare is showing the right site in its thumbnails. Fingers crossed, could be fixed… will confirm tomorrow.

3 Likes

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.