Cloudflare 525 error code and port scan

0

Today, Cloudflare returns code 525 for some HTTPS connections, and I see many connections in iftop on the origin server. These connections are a port scan.

I used iptables and blocked all packets not from ports 22, 80 and 443, but sometimes I get a 525 code from Cloudflare anyway. Any tips?

kden

Posted 2019-07-07T18:02:34.460

Reputation: 1

Answers

0

First, check Cloudflare Status and DownDetector. There was an outage caused at Cloudflare itself a few days ago.

Second, Cloudflare provides documentation on Fixing Error 525: SSL handshake failed, e.g.

  • Make sure you have a valid SSL certificate installed on your origin server.
  • Check with your hosting provider to make sure they’re listening on port 443.
  • Check to make sure your origin server is properly configured for SNI.
  • Be sure the cipher suites your server uses match what is supported by Cloudflare.
  • If the errors are intermittent, it might be that the TCP connection between Cloudflare and your origin is being reset during the SSL handshake. Ask your hosting provider/system administrator to check if there are any server issues... [and check Cloudflare status].

DrMoishe Pippik

Posted 2019-07-07T18:02:34.460

Reputation: 13 291

I think the problem is not in Cloudflare. Hetzner notified me that the server was attacked, and I think that this port scan is to blame for everything. So I blocked the port scan, but the traffic does not disappear and some connections fail. – kden – 2019-07-07T18:42:15.690
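
The checklist in the answer above can be run directly against the origin, bypassing Cloudflare, to see which item a failing handshake points to. This is an added example, not code from the answer or from Cloudflare's documentation; the function names `probe_origin` and `tally` and the verdict labels are assumptions made for illustration.

```python
import socket
import ssl
import sys
from collections import Counter


def probe_origin(ip, hostname, port=443, timeout=5.0):
    """One TLS handshake straight to the origin IP, with `hostname` as SNI.

    Returns (verdict, detail); each verdict maps to one checklist item.
    """
    # Default context checks chain and hostname against the system trust
    # store, so a private-CA or self-signed origin reports bad_certificate.
    ctx = ssl.create_default_context()
    try:
        raw = socket.create_connection((ip, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("not_listening", f"nothing accepts TCP on port {port}")
    except OSError as exc:  # timeout, no route, silently filtered
        return ("tcp_unreachable", str(exc))
    try:
        with raw, ctx.wrap_socket(raw, server_hostname=hostname) as tls:
            return ("ok", f"{tls.version()} {tls.cipher()[0]}")
    except ssl.SSLCertVerificationError as exc:
        return ("bad_certificate", exc.verify_message)
    except ssl.SSLError as exc:
        if isinstance(exc, ssl.SSLEOFError):  # peer closed before finishing
            return ("tcp_dropped_in_handshake", "EOF during handshake")
        # TLS-level refusal: typically an SNI, protocol or cipher mismatch
        return ("handshake_rejected", exc.reason or str(exc))
    except OSError as exc:  # RST, broken pipe or stall mid-handshake
        return ("tcp_dropped_in_handshake", str(exc))


def tally(ip, hostname, attempts=20, **kwargs):
    """Repeat the probe to expose intermittent failures; returns verdict counts."""
    return Counter(probe_origin(ip, hostname, **kwargs)[0] for _ in range(attempts))


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: probe.py ORIGIN_IP HOSTNAME")
    for verdict, count in tally(sys.argv[1], sys.argv[2]).items():
        print(f"{count:3d}  {verdict}")
```

The probe offers the local client's cipher suites, not Cloudflare's, so an `ok` verdict does not by itself settle the cipher-suite item. A mix of `ok` and `tcp_dropped_in_handshake` across repeated attempts matches the intermittent-reset case in the last bullet.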