Its presence here suggests that your website visitors are getting error code 521 when they enter the URL in the browser, meaning your customers cannot access your website.
Knowing that such downtime can cost more than $300,000 for 91 percent of businessesLet’s quickly find out what error 521 means and how to fix it.
This is what we will cover:
Error code 521
Error code 521, or “Error 521: Web server is down,” is an error your visitors see if Cloudflare is unable to access your website’s server. In other words, your visitors can reach your content delivery network (CDN) servers, but the CDN cannot reach you.
Common causes of this error include an unavailable web server, a misconfigured Cloudflare configuration, or an invalid Secure Sockets Layer (SSL) certificate.
How to fix error code 521
Now that we know what error 521 is, let’s see how to fix it.
1. Check that your website is online
When you set up Cloudflare as a reverse proxy for your website server, it acts as a bridge between your clients and your website. Your website visitors go over this bridge to find your website at the other end.
If your visitors encounter the 521 error, the first thing to do is check if the bridge destination is still online.
You can use the cURL command to directly interact with your website’s server and request a response.
Open a command prompt or terminal (if you’re using macOS or Linux) and enter the following code:
curl –silent –output /dev/null –write-out “%{http_code}” https://yourwebsite.com
Note: Replace “https://yourwebsite.com” with the URL of your website.
You will get output in the form of an HTTP status code. If it’s 200, your website’s server is online.
For example, here is the output of this code if we use cURL to interact with our website.
If you don’t want to work with the command prompt or terminal, try KeyCDN HTTP Header Checker.
However, getting a 5xx status code means that the server did not respond to your request and you have a server error.
Note: If you get HTTP code 301, don’t worry. It means that WordPress has set up a 301 redirect for non WWW URL to WWW, or vice versa. This usually happens if your default website address is “https://www.nexcess.net” and you enter “https://nexcess.net”. You can enter the correct address to get the actual response code.
In case of a problem with the server, please bring it up with the hosting provider’s support team to see if they are doing any maintenance on the server. You can also check your hosting provider’s status page to see if the servers are offline.
Alternatively, if your hosting provider doesn’t offer immediate support, you can check the error logs through cPanel to troubleshoot the server.
If your hosting provider’s servers experience frequent downtime, consider Nexcess. We reliably offer almost 100 percent uptime with all our hosting plans. On top of that, our expert support team is available 24/7/365 to help you with any technical issues.
2. Remove blockers between Cloudflare and your website
If your website is online, the 521 error could be due to a misconfiguration that prevents Cloudflare from accessing your website files.
The problem may be in your .htaccess file, IP Blocker rules, or security plugin. Let’s see how to fix each one.
Whitelist Cloudflare IP addresses in your .htaccess file
Cloudflare uses a set of IP addresses to direct incoming traffic to its web server. Make sure all those IP addresses are whitelisted or allowed on your web server.
Here’s how to whitelist IP addresses in server settings:
1. Open the .htaccess file via an FTP client or using the file manager in cPanel.
2. Add the following code:
order deny, allow
deny everything
3. Add permission [Cloudflare IP addresses]. Replace [Cloudflare IP addresses] with one of the actual IP addresses on each line, as shown in the image below.
4. Save your .htaccess file.
Check IP blocker settings
If you are using a cPanel based host, IP Blocker can help you block your website from a specific IP address or a range of IP addresses.
Review your IP blocker settings to make sure one of your administrators hasn’t added Cloudflare IP ranges by mistake.
Disable your security plugin
There is a possibility that your security plugin or firewall is blocking requests from Cloudflare. To rule out that possibility, disable the plugin and see if it resolves the 521 error. If it does, contact the plugin developers or replace your security plugin.
3. Check Cloudflare’s DNS settings
Sign in to your Cloudflare account and navigate to [yourwebsite.com] > DNS > Records.
Once there, make sure that the contents of all A records match the IP address of the origin web server and that the contents of the CNAME records contain the domain name of your website.
If one of the records is incorrect, you can modify the record by clicking Edit.
4. Install valid SSL on the origin web server
If you have configured the SSL/TLS settings in Cloudflare to Full (strict), Cloudflare performs certificate validation between itself and your server.
And if your website’s SSL certificate shows as expired or self-signed or doesn’t match the domain, Cloudflare will drop the connection. In that case, your visitors will see the 521 error in their web browser.
You may need to install a Cloudflare Origin Certificate Authority (CA) certificate on your server to fix this issue. You can obtain a Cloudflare origin CA certificate by navigating to [yourwebsite.com] > SSL/TLS > Origin Server and clicking Create Certificate.
later, you can add the Cloudflare certificate of origin to your web server following the instructions of your hosting provider.
However, if you manage sensitive data or need to comply with PCI-DSS requirements, you might be better off with a premium SSL certificate.
5. Disable mod_reqtimeout and mod_antiloris
You may have enabled mod_reqtimeout and mod_antiloris modules in your Apache HTTP server to prevent Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks. The modules protect your web server from these attacks by limiting the number of times a host IP can connect to your server.
While mod_reqtimeout and mod_antiloris serve as a protective shield for your hosting server, they may have incompatibility issues with Cloudflare.
For example, Cloudflare relies on a limited number of IP addresses to direct traffic to its server, but modules can block those addresses due to consecutive connection attempts.
6. Contact customer service
If none of the above solutions work for you, it’s time to get some outside help.
Get support from Cloudflare via ticket, chat, or phone by navigating to Support > Contact Cloudflare if your website works fine without Cloudflare’s CDN.
If the website’s hosting server is down, please contact your web host’s support team. With Nexcess, you get 24/7/365 support from expert technicians who handle end-to-end troubleshooting, allowing you to focus on other business tasks.
Final Thoughts: 6 Ways to Fix Cloudflare Error Code 521 in WordPress
If you own an eCommerce business or run a business, you don’t want to keep seeing the 521 error code for long. Every second your website remains inaccessible leaves more money on the table.
Using the above tips, you can try to fix the error as soon as possible. However, prevention is better than cure.
At Nexcess, our experts take care of the server setup for you, so you’ll rarely have to worry about a 521 error. Not to mention, our business hosting plans come with 24/7/365 support from elite technicians, always. waiting if something comes loose. .
On top of that, you can also try our free built-in Nexcess Edge CDN, which is powered by Cloudflare, to bypass the 521 error code, as Nexcess experts handle everything, unlike Cloudflare where you have to set up the CDN manually.
Check out our hosting plans to get started today.