Knowledgebase: CloudFlare
How to Fix Cloudflare Error 520: Web Server is Returning an Unknown Error

Web server is returning an unknown error

A common Cloudflare 520 error triggered when the origin server returns an empty or unexpected response. The server-side diagnostic message indicates that even though a request reached the origin web server, the server received an invalid HTTP response or didn’t know how to interpret the request at all and was unable to proceed.


Following are common reason for this error including:-

  1. Origin web server application crashes.

  • Execution of a resource-intensive script is the most probable reason that leads to web server application crash. As a result, the server will not be able to respond to the requests in a timely manner.

  1. The origin server does not allow connection from Cloudflare IP.

  • Your firewall settings may be blocking non-whitelisted IP addresses. Check whether Cloudflare’s IP address is not one of them. 

  1. The origin web server TCP idle timeouts.

  • The TCP (Transmission Control Protocol) establishes a connection between client and server, allowing them to exchange data. If its timeout value is too low, it can trigger the unknown error.

  1. Cloudflare-incompatible response headers.

  • HTTP headers allow a web server and a client to communicate. Excessive use of cookies or the use of cookies that are large will increase the size of the headers. As Cloudflare has a limit of 8kb for the header size limit, it won’t be able to process the header.

  1. Empty response from the origin web server.

  • Generally it could happen when configuration of domain DNS is incorrect.

Now, let’s take a look at some tips to fix Cloudflare 520 error:-

  1. Ensure Cloudflare DNS records pointing correctly.

  • Improper configuration of DNS entry at Cloudflare end can cause an empty response from the origin web server. Hence, it is not a bad idea to check the existing DNS records to the domain to ensure the pointing made correctly.

  1. Check the response header.

  • There could be various reasons for the missing response header. Check your origin response headers in your Cloudflare server’s HAR (HTTP Archive) files - How do I generate a HAR file?

  • If you see a response for an outdated web browser, thus it's a signal that the connection is coming from an old version of Internet Explorer or Safari.Make sure your site is compatible with common web browsers, although fringe user agent connections will sometimes appear no matter what.

  • If you find that the excessive use of cookies or cookies that are too large are causing the error 520, consider using a cookie-free domain.

  1. Investigate error log.

  • Error messages typically offer little information about how to resolve them. Therefore, error logs exist to help identify their source and quickly troubleshoot them.

  1. Use a cURL command.

  • A client URL or cURL command is used for sending HTTP/HTTPS requests but can also help troubleshoot HTTP error responses. For example, use the following cURL command to obtain information about HTTP response and request headers.

curl -svo /dev/null

  1. Disable Cloudflare.

  • You may isolate the Cloudflare factor from it. Disable Cloudflare by logging to Cloudflare Dashboard and clicking on the DNS tab. Choose a domain, then toggle the Proxy status button. Alternatively you can temporarily pause the Cloudflare will block traffic from going through Cloudflare’s network, revealing the IP address of your origin server. Then search for the error logs to find further details of the error for the crash.

  1. Restart web server.

  • The major reason for the 520 error is the failure of the web server application. It primarily happens due to excessive resource usage on the server. you can also find out whether any of your PHP applications are crashing or over consuming system resources since PHP applications may support critical services on your site from the application layer. Restarting the affected application or web server should clear the 520 error.

  1. Whitelist Cloudflare origin server IP Address.

  • As a part of Cloudflare’s built-in security protocols, you have to whitelist your origin web server IP addresses in your Cloudflare dashboard. Sometimes Cloudflare returns a more descriptive error code when an IP address is explicitly blocked.

In short, the 520 error in Cloudflare happens when the origin server returns an empty, unknown, or unexpected response to Cloudflare. The 520 error not only affect user experience but also prevent you from logging in to your site’s dashboard. Therefore, you need to find out ways to fix it right away.

Comments (0)