Cloudflare "520 Error" - OpenLiteSpeed/DirectAdmin

#1
Hello!

I'm using openlitespeed with directadmin. I am getting 520 errors on some websites. Could a wrong configuration on the openlitespeed side cause this? where should I start debugging? I've been trying to solve this problem for a long time.

Note: Today I upgraded the openlitespeed version from 1.7.4 to 1.7.5 and the problem started to appear more and more.

Thanks.
 

Cold-Egg

Administrator
#2
Hi @slvmr,

Can you check if OpenLiteSpeed is still running?
If you add IP & Domain to hosts file to bypass CloudFlare, what does site shows?

When 520 shows, do you see any error log?
 
#3
Hi, i'm getting a lot of 520 errors with cloudflare lately (i'm running OLS 1.7.5 and litespeed plugin for wordpress). Not sure when it started, but it's a couple weeks maybe.

I activated debug in OLS server and noticed some SSL errors so I decided to lower SSL settings to "Flexible mode" in cloudflare (before that it was set to "Strict Mode"). I didn't see any errors since.

520 errors are very hard to debug because cloudflare says it's a unexpected error. Can someone share his experience and some hints if SSL is causing some problem ?

Thanks
 

gilles

Active Member
#4
I have experienced the exact same thing. I ended up bumping up my server capacity and the errors then went away. My best guess is the server was not able to keep up. Not sure what it was responding to Cloudflare to generate the 520 errors.

For the record, I was using a 2 vCPUs / 4GB server on DigitalOcean. Now using a 4 vCPUs / 8 GB server. I am hosting 3 Wordpress websites (with fairly low traffic) and 2 nodeJS apps (which are idle most of time).
 
#6
I did experience the 520 error once recently but I cannot reproduce it, even if I keep refreshing the page.
You might not be able to reproduce it every time. A 520 from Cloudflare could literally mean any error returned by the Webserver. It could be a timeout, it could be a partial response before Cloudflare TImeout ended, It could also be PHP returning an error.

Hi, i'm getting a lot of 520 errors with cloudflare lately (i'm running OLS 1.7.5 and litespeed plugin for wordpress). Not sure when it started, but it's a couple weeks maybe.

I activated debug in OLS server and noticed some SSL errors so I decided to lower SSL settings to "Flexible mode" in cloudflare (before that it was set to "Strict Mode"). I didn't see any errors since.

520 errors are very hard to debug because cloudflare says it's a unexpected error. Can someone share his experience and some hints if SSL is causing some problem ?

Thanks
However, SSL won't be the issue, in this case, Setting SSL to Flexible just makes Cloudflare send HTTP requests instead of HTTPS, and I believe that is just a coincidence. First of all, the actual Webserver error should be figured out.

To investigate such an issue, it is always best to check the server resources by simply using the top command on your server to see if it is an overload issue, In addition, tail the server logs to see if any errors comes at the same time, which should tell you more about the exact error which is happening. If you are a Cloudflare Business or Enterprise customer, Cloudflare should also be able to provide you with logs pertaining to what exactly happened then with the origin.

If the 520 error is easily reproducible, It is very easy to locate what is happening by simply disabling Cloudflare right at that moment(Grey Cloud), and then get the actual error from the Webserver, If not, the only way is to fiddle through the logs and figure out the actual error first.
 
#7
Thks, I agree with your analysis, but in my case there's no server overload, I'm using a good machine on google cloud platform.
And I also tried to bypass cloudflare and never got any server error.
And since I disabled cloudflare strict mode there is no more 520 error (it's been 1 week now)
What i see in debug logs are some SSL related errors like this one : "invalid library (0):OPENSSL_internal:invalid library (0), last error: error:00000000:invalid library (0):OPENSSL_internal:invalid library (0)"
 
#8
Thks, I agree with your analysis, but in my case there's no server overload, I'm using a good machine on google cloud platform.
And I also tried to bypass cloudflare and never got any server error.
And since I disabled cloudflare strict mode there is no more 520 error (it's been 1 week now)
What i see in debug logs are some SSL related errors like this one : "invalid library (0):OPENSSL_internal:invalid library (0), last error: error:00000000:invalid library (0):OPENSSL_internal:invalid library (0)"
If you still have these logs, Consider creating a Bug Report ticket with LiteSpeed with the relevant logs(Definetely include a few lines above the error).
 

gilles

Active Member
#9
I had the same experience. Once I disabled Cloudflare, the errors would go away. I have not tried disabling strict mode.

I also saw the OPENSSL error above but it seemed unrelated. I think the errors are still there if I enable medium/high debug level on the server. Actually just confirmed:
2020-11-11 12:58:12.554424 [DEBUG] [SSL: 0x5690b38] checkError returned 2, first error: error:00000000:invalid library (0):OPENSSL_internal:invalid library (0), last error: error:00000000:invalid library (0):OPENSSL_internal:invalid library (0)
 
Top