- Plesk 12.5 for Linux
- Plesk Onyx for Linux
- Plesk 12.0 for Linux
- A website used as a reverse-proxy;
- CloudFlare is used;
- When visiting the website, it fails to load with error 521. The error occurs because the origin web server refused the connection from CloudFlare:
CloudFlare IP addresses were blocked by
nginx because of outdated contents of
/etc/nginx/conf.d/cloudflare.conf contains old CloudFlare IP addresses list.
- Make sure that you're not blocking CloudFlare IPs in
iptables, or your firewall;
- Make sure that
/etc/nginx/conf.d/cloudflare.confis up to date and contains all IP addresses found here: https://www.cloudflare.com/ips;
- Make sure your provider doesn't rate limiting or blocking IP requests from the CloudFlare IPs and ask them to whitelist the IP addresses found here: https://www.cloudflare.com/ips;
- Make sure that you're operating off of the most recent versions of Bad Behavior or
mod_security. You want to ensure that mod_security's core rules aren't blocking CloudFlare requests;
- If you are running custom Apache modules, such as
mod_reqtimeout, disable and unload the modules. These modules will block any time an IP that connects more than 22 times. Since all connections are now coming from a CloudFlare IP, you will definitely hit the limit causing the error page. As soon as you unload the module, the issue will disappear.
- If the issue persists, please visit CloudFlare article regarding this issue.