A 521 error occurs when the origin web server refused the connection from CloudFlare. It means that when tried to connect your origin on port 80 or 443 but received a ‘connection refused’ error. Something on the web server or hosting provider’s network get blocks the CloudFlare’s requests. Since it acts as a reverse proxy, all connections enter into the server from a Cloudflare IP. This error will get display when the web server is down.
The error 521 occurs due to the following conditions:
- The origin web server process isn’t running or has crashed. Check whether the web server is running normally. And also check the server’s error logs to know the reason for this error.
- Something on the web server or hosting provider’s network is blocking CloudFlare’s requests. Since this acts as a reverse proxy, all connections to your server come from a CloudFlare IP. Since the same amount of traffic now comes from a smaller number of IPs, server-side security solutions will consider this as a mistake that the increase in connections from this smaller set of IPs is an attack even when they are legitimate. This can block some IPs or rate-limited.