[Solved] Cloudflare Error 502 for specific files

[piltonca]

My website is returning Error 502 for specific files.

After reading Cloudflare support, it appears that Tommy is sending cloudflare invalid data for these files.

 

My (non-Cloudflare) site still works fine.

 

Non-Cloudflare (Working) - https://callumpilton.tech/img/tv_on_desk2.svg

Cloudflare (Not Working) - https://callumpilton.co.uk/img/tv_on_desk2.svg

[wolstech]

Both links work fine for me...

[piltonca]

I've tried multiple devices on multiple networks and the cloudflare link still wont work for me... :/

 

I've even asked other people to take a look and it's not working for them either

[wolstech]

I just did some digging...the CF data centers in the UK and Germany were blocked for abuse, which would explain why it works for me but not you (I'm in the USA). All the blocks are for failed cPanel and mail logins (typical for abuse trying to guess passwords).

 

I've unblocked all the IPs associated with these data centers

[piltonca]

That's great, working now! 

 

Would you be able to tell me when the blocks were active from, so I can get some idea of why they happened?

 

I had an issue a while back with the mail server which was resolved. If th blocks were from this then thats fine as all is now resolved, otherwise something else must be happening which i need to look into. 

 

Thanks!

[wolstech]

The usual cause of this is cybercriminals running bots through CF to break into servers.

 

It's not something you did, but rather the fact that your connections to our server appear as a CloudFlare IP. which you share with thousands of other people (some of which are abusing it).

[piltonca]

Ah okay,

 

How will I know if this happens again though?

 

Say the USA got blocked, i'd lose a large amount of potential visitors and I wouldn't even know that it had been blocked?

 

As i'm in the UK and it was the UK which was blocked, i noticed.

 

But for anywhere else, i'd never know and it would surely stay like that indefinitely?

[wolstech]

They unblock themselves over time by falling off the bottom of the block list (there's a max number of blocks that can exist at one time), but that can take a week or two typically. Considering Tommy is stable, I'd personally recommend just not using CF if this is a concern.

[piltonca]

Okay thank you. 

 

Out of interest, why aren't the CF IP's on the ignore list?

 

Considering CFs primary purpose is security, surely you have nothing to worry about?

CFs own security will handle these kinds of issues

[wolstech]

Whitelisting them means accepting the abuse instead, which would lead to more compromised accounts. The whole reason the IP blocks exist is to prevent someone from easily sitting there and guessing passwords. You'd need a large botnet to overcome it (so you have all the public IPs of the bots at your disposal, with each bot having 5 tries). If you have a botnet, you're probably DDoSing instead of breaking into servers anyway.

 

If we whitelisted a ton of IPs that anyone can easily use, we've defeated the purpose of our own protection.

 

Besides, contrary to what many think, CF is not just for security...they also offer platforms for running applications like Amazon and Google do.

[piltonca]

I never said CF was just for security, i know what it does 

 

But your explanation as to why you can't white-list them clears things up for me.

 

Thank you for all your help.

[wolstech]

No problem. Let us know if you need anything else