How to Fix Cloudflare Error 521 in WordPress: Easy Solutions

If you’re reading this blog, chances are that customers are leaving your website due to Error 521.

Did I guess that right?

This error is specific to websites using Cloudflare and occurs when there’s a connection timeout on the server side—meaning Cloudflare cannot connect with the origin server.

Downtimes can be expensive. Although numbers vary depending on the industry, the average cost of downtime is estimated to be around $10,000/minute.

But don’t worry, fixing “Error 521: Web server is down” is not too complicated. In this guide, I’ll walk you through a couple of fixes that can help you get rid of Cloudflare Error 521.

What Is Error 521?

As I briefly explained earlier, Error 521 occurs when Cloudflare cannot connect to your website’s server. When this happens, your website visitors will see an error message like this:

While you may think Cloudflare is to be blamed here, the 521 error is not caused by Cloudflare itself but rather an issue with the server on which your website is hosted.

Yeah, you’re the problem!

When your website encounters this error, your visitors can reach Cloudflare’s server, but Cloudflare can’t reach yours.

Accelerate WordPress Load Times by 70% With Cloudways Cloudflare Addon!

Improve your website performance & score higher on Core Web Vitals with Cloudflare’s Edge Page Caching for WordPress!

Learn More

Why Error 521 Happens on Websites Using Cloudflare?

Error 521 can occur for various reasons, but no matter the cause, it prevents Cloudflare from serving your website to your visitors.

Here are some reasons why Error 521 can occur on a website using Cloudflare:

• Server overload or resource constraints: If your server is under heavy load due to increased traffic or your server resources like RAM and storage are running out, this can prevent your server from responding to Cloudflare’s request in time. Cloudways Autonomous is designed to handle traffic spikes and concurrent users with its autoscaling and load-balancing capabilities.
• The server is offline: If your server is down, this can be a pretty straightforward reason for the error. While not many hosting providers can guarantee great uptime, Cloudways can without our 99% uptime guarantee.
• Misconfigured DNS settings: When configuring Cloudflare on your site, if your DNS settings weren’t properly configured or haven’t propagated properly (which can take around 24-48 hours ), this can also lead to Error 521. Our DNS Made Easy add-on cuts down propagation time to around 2 hours*.
• Firewall blocking Cloudflare: Your server’s firewall can block Cloudflare’s requests if it mistakenly considers it malicious.
• Cached data conflicts: If your server’s cache contains conflicting or outdated data, it can prevent your server from communicating with Cloudflare, resulting in the 512 error.

How to Fix Cloudflare’s Error 521 in WordPress (12 Quick Fixes)

As I said, Error 521 can occur due to a lot of reasons. So…let’s go through some of the most common causes and see how we can fix them to resolve the issue.

To resolve Error 521, you’d need access to your web server and Cloudflare. My website is hosted on Cloudways, and the Cloudflare Enterprise add-on has been integrated into it directly from the Cloudways dashboard.

Common causes include your origin server being offline, the server firewall blocking Cloudflare’s IP addresses, or SSL settings being misconfigured. Ensuring these are properly configured usually resolves Error 521 quickly.

1. Verify that your website is online

This one is the most basic. If your server is down, you’re obviously going to encounter the 512 error. Like I said earlier, when there’s a 512 error, your visitors can reach the Cloudflare servers, but Cloudflare cannot reach yours.

When Cloudflare is implemented on a website, it works as a reverse proxy, meaning your visitors reach Cloudflare’s servers first, and then they make their way to your site. Think of it like a bridge in between.

To check if your server is running, you can simply ping it. You can use the terminal on your computer and run the Ping command like this:

My website, in this case, is whichserversize.net. As you can see, with the Ping command, I sent 4 packets and received 4 packets in return, indicating that my server is active.

You can also use the Curl command to get a status response from your server. If the HTTP status code is 200, this means your web server is active. If not, this explains why the 521 error exists.

Here’s the command you should run: curl –silent –output /dev/null –write-out “%{http_code}” https://examplewebsite.com

If you don’t want to run the Curl command and prefer to use an online tool to check your server status, simply use HTTP Header Checker.

If you get an HTTP status code which is 5xx, this means you have a server error. If you see 301, or 403 status codes, for example, you don’t have to worry as they don’t indicate that your server is down.

2. Whitelist Cloudflare IP addresses in your .htaccess file or server settings

Blacklisted IPs can also prevent Cloudflare from accessing your web server. If Cloudflare can’t redirect incoming requests to your web server because its IPs are blacklisted, this can result in a 521 error.

Whitelisting IPs is very simple. You can simply edit the .htaccess file and add Cloudflare’s IPV4 and IPV6 IPs.

I will access my .htaccess file using FileZilla after establishing an SFTP connection with my server. Your .htaccess file can be found here: /applications/mamxbvhtce/public_html.

Replace this [mamxbvhtce] with your application name.

Access the .htaccess file and add this code:

order deny, allow
deny from all

After adding the code, paste Cloudflare’s IPs and add “allow from” before each IP. You can find Cloudflare’s IPs here.

Like this:

order deny, allow
deny from all
allow from 103.21.244.0/22
allow from 103.22.200.0/22
allow from 103.31.4.0/22
allow from 104.16.0.0/13
allow from 104.24.0.0/14
allow from 108.162.192.0/18
allow from 131.0.72.0/22
allow from 141.101.64.0/18
allow from 162.158.0.0/15
allow from 172.64.0.0/13
allow from 173.245.48.0/20
allow from 188.114.96.0/20
allow from 190.93.240.0/20
allow from 197.234.240.0/22
allow from 198.41.128.0/17
allow from 2400:cb00::/32
allow from 2606:4700::/32
allow from 2803:f800::/32
allow from 2405:b500::/32
allow from 2405:8100::/32
allow from 2a06:98c0::/29
allow from 2c0f:f248::/32

Add it after: </IfModule>

This should resolve the 521 error now since IPs are not going to be blacklisted.

3. Check firewall settings to ensure Cloudflare isn’t being blocked

A firewall or IP blocker can also be a culprit here. For example, I’m using Cloudways, so I can just go over to my firewall settings and whitelist Cloudflare’s IP addresses.

If your web host offers a Cpanel, you can check its IP Blocker feature and ensure that none of Cloudflare’s IP addresses are added to it. If Cloudflare’s IPs are not getting blocked, you will not encounter the 521 error.

4. Disable your security plugin (if it conflicts with Cloudflare)

Plugins can also cause Error 521. WordPress security plugins with firewall features can conflict with Cloudflare, preventing it from accessing your server.

Wordfence, for example, can conflict with Cloudflare. So, temporarily disable WordPress plugins and check if it resolves the error.

5. Check Cloudflare’s security settings

Raising Cloudflare security too high can also cause the 521 error. To determine if this is the issue causing the error, lower it to Medium or Low and then try accessing your site again.

To access Cloudflare’s security settings, go to the “Security” tab or click here to access the security settings directly.

6. Review Cloudflare DNS settings to confirm correct configuration

If your DNS records aren’t properly configured, this is a definite signal as to why your website is throwing the 521 error. To verify if this is the root cause of the error, log into your Cloudflare account and head to the DNS settings page.

Click on Records to check if your A records match your origin server’s IP address. Also, make sure your CNAME records contain your website domain name.

7. Install a valid SSL certificate on the origin web server

When you configure Cloudflare on your site, one of the settings you’d configure to manage security preferences is SSL/TLS. From multiple offered SSL/TLS modes, if you choose Full (strict), Cloudflare performs a validation check between their edge servers and your server.

If the SSL certificate on your server is expired or doesn’t match your domain, Cloudflare will block the SSL connection, resulting in the 521 error.

In my case, I’ve installed the free Let’s Encrypt SSL certificate with my Cloudways hosting and chose Full instead of Full (strict) as my current encryption mode.

But if yours is set to Full (strict), the solution is to install Cloudflare Origin certificates on your server. To get the Origin certificate, head to SSL/TLS > Origin server > Create certificate. This should hopefully solve the 521 error.

8. Deactivate mod_reqtimeout and mod_antiloris on your web server

Apache modules like mod_reqtimeout and mod_antiloris are designed to prevent DoS and DDoS attacks by limiting how client connections interact with your server. What I mean by this is that these modules manage connection timeouts and the number of simultaneous connections from a single IP.

If you have aggressively configured these modules on your Apache server, this can create compatibility issues with Cloudflare. Keep in mind that Cloudflare works as a proxy, forwarding client traffic to your server using its own IPs. Apache modules that we talked about earlier can block Cloudflare’s legitimate requests by perceiving them as timeout violations or consecutive connection attempts from a single IP.

If this is the case for you, you must whitelist Cloudflare’s IP address, which by the way, we have talked about earlier. Also, you must adjust the module settings on your Apache server. For example, increasing timeout limits.

Fastest Managed WordPress Hosting at Just $11/Month*

Experience blazing fast server speeds with Cloudways LAMP + NGINX hybrid stack. Improve your Core Web Vitals today.

TRY NOW

9. Clear server cache to resolve any conflicts caused by outdated data

I mentioned this at the beginning of this blog, as I can stress enough how simple yet effective this troubleshooting step can be in resolving the 521 error.

Clearing your server’s cache ensures that fresh requests from Cloudflare can access your server. Outdated requests can create a mismatch, triggering the 521 error.

To clear the cache, you’d simply need to log in to your server management panel and purge the cache. I’m using Cloudways, so I can easily purge the Varnish cache from within the Cloudways dashboard.

Clearing the cache is not a direct fix to resolve the error, but it does aid in ensuring that Cloudflare receives fresh responses from your server.

Outdated requests can trigger the 521 error. Database issues, like the incorrect format parameter error in phpMyAdmin, can also cause server problems, so check your tables and import/export settings.

10. Disable Cloudflare and check for other website issues

If you’ve tried everything and nothing seems to be working, you can temporarily disable Cloudflare to see if this fixes the issue. Check for other common WordPress errors to see if this solves the 521 error.

Go through WordPress logs to figure out what exactly is causing the issue. Once you’ve figured out the problem and fixed everything, enable Cloudflare again and check if the 521 error persists.

11. Upgrade your hosting plan to handle higher traffic or resource needs

If your server resources are inadequate (such as CPU, RAM, or bandwidth), preventing your server from responding to Cloudflare requests in time, this can trigger the 521 error for your visitors. A simple solution to this problem is upgrading your hosting plan.

Cloudways Flexible and Cloudways Autonomous make it very easy to adjust server resources. With the Flexible plan, you can scale resources up and down with a simple slider. Need more RAM…drag the slider, and you’re good to go. The same goes for CPU and bandwidth.

Autonomous takes this up a notch by offering true autoscaling, automatically scaling resources depending on the traffic.

12. Contact customer support for advanced troubleshooting

If nothing works, contact Cloudflare’s customer support. To get help from support, go to Support > Contact Cloudflare. But before you contact them, make sure there are no issues at your end.

If you have hosting-related issues, you better get those resolved by contacting support and then getting in touch with Cloudflare. Back and forth might seem like a lot of hassle, but this might just resolve the issue.

Learn which one to use: CDN or Edge Cache.

Conclusion

Resolving Cloudflare Error 521 is not difficult as long as you can troubleshoot what is causing the issue. Just a reminder, the 521 error occurs when Cloudflare attempts to access your origin server over port 80 or 443 but receives a connection refused error.

Hopefully, the troubleshooting steps I have covered in this article, such as whitelisting Cloudflare’s IPs, clearing server cache, setting Cloudflare’s security medium or low, etc., should be enough to resolve the issue.

If you still have any questions or suggestions, let me know in the comments.