Today, Cloudflare returns code 525 for some HTTPS connections, and I see many connections in iftop on the origin server. These connections are a port scan.
I used iptables to block all packets not from ports 22, 80, and 443, but sometimes I get a 525 code from Cloudflare anyway. Any tips?
1 Answer
First, check Cloudflare Status and DownDetector. There was an outage caused at Cloudflare itself a few days ago.
Second, Cloudflare provides documentation on Fixing Error 525: SSL handshake failed, e.g.:
- Make sure you have a valid SSL certificate installed on your origin server.
- Check with your hosting provider to make sure they’re listening on port 443.
- Check to make sure your origin server is properly configured for SNI.
- Be sure the cipher suites your server uses match what is supported by Cloudflare.
- If the errors are intermittent, it might be that the TCP connection between Cloudflare and your origin is being reset during the SSL handshake. Ask your hosting provider/system administrator to check if there are any server issues... [and check Cloudflare status].
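
The checklist above can be worked through from any host that reaches the origin directly. The following is an added example, not part of the answer or of Cloudflare's documentation: it reports whether a connection stopped at TCP, during the handshake, at the TLS negotiation, or at certificate validation. `probe_origin` and `resetting_listener` are hypothetical names, and the listener is a constructed local peer that imitates a reset during the handshake.

```python
import socket
import ssl
import struct
import threading


def probe_origin(host, port=443, sni=None, timeout=5.0):
    """Return (stage, detail) naming where a TLS connection to the origin stopped."""
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:  # refused, filtered (timeout) or unreachable
        return "tcp", f"no TCP connection to port {port}: {exc}"
    ctx = ssl.create_default_context()  # verifies the chain and the hostname
    try:
        with raw, ctx.wrap_socket(raw, server_hostname=sni or host) as tls:
            cert = tls.getpeercert()
            return "ok", f"{tls.version()} {tls.cipher()[0]} notAfter={cert['notAfter']}"
    except ssl.SSLCertVerificationError as exc:  # expired, untrusted or wrong name
        return "certificate", exc.verify_message
    except ssl.SSLEOFError as exc:  # peer closed without finishing the handshake
        return "interrupted", f"peer closed mid-handshake: {exc}"
    except ssl.SSLError as exc:  # protocol version or cipher suite mismatch
        return "tls", exc.reason or str(exc)
    except OSError as exc:  # RST or timeout after the ClientHello was sent
        return "interrupted", f"connection dropped mid-handshake: {exc}"


def resetting_listener():
    """Constructed test peer: accepts, reads the ClientHello, answers with a TCP RST."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        conn.recv(1)  # wait until the client has started the handshake
        # SO_LINGER with a zero timeout makes close() send RST instead of FIN.
        conn.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack("ii", 1, 0))
        conn.close()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]
```

Calling `probe_origin` repeatedly against the origin address, with `sni` set to the site's hostname, shows whether intermittent failures are `interrupted` results (resets or drops) rather than a stable `tls` or `certificate` problem.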