Weird intermittent HTTP 526 Error, different subdomain is requested
On my webserver I occasionally (about 1 in 20 requests) get an HTTP Error 526 that I can't figure out. If I request the same URL in a browser, about 1 in 20 requests will return an error 526. I checked the SSL config with various tools and it seems fine (also works the majority of times).
I then enabled the SSL debug in apache2 and found that the requests that fail do so, because for some reason it requests a different subdomain which on this server there is no SSL certificate installed. So all the requests (sub1.mydomain.com) work fine but although I request the exact same URL suddenly I can see another subdomain is requested (sub2.mydomain.com) which I also own and operate but on a different server. Since this server can't provide an SSL certificate for that subdomain, the request fails and I get an error 526. I have no idea what happens here and how to debug this error. To me right now the only explanation is, that the Cloudflare cashing somehow messes with the subdomains and requests... Can anybody help?
19 Replies
Can you tell from your logs when this issue started?
And could you also share the domain so I can try to reproduce the issue?
I first noted it on February 4th but it then disappeared a day or so after without any action I took, now it reappeared today
Could you give a specific time for today?
I can't, I noticed around 2 hours ago but I don't know if it occured before
maybe another important information I noticed: this happens across multiple subdomains that go trhoug cloudflare and multiple servers
And can you share a domain on which I can reproduce?
the domains are very restricted by country/origin and provider, I doubt you can access them
do you have a support ticket open about this which identifies the domains?
I don't. Discord is my first support approach I have taken with this issue. I use a free plan so far.
Do your logs contain the Cloudflare RayID?
They do not.
Looking into changing that.
it would be helpful for cf employees to be able to pinpoint the issue if you could share the domain
here, in DMs, me or directly to them is fine
I will share to you in DM
I think it would be best if you could create a ticket in which you mention the domain, the RayID of a 526 that you receive as well as server logs that show that the specific request had a wrong host header/SNI.
If you then share the ticket nr here, someone will look into it.
Thanks. I have trouble navigating the support section, I thought on a free plan I cannot open a ticket?
You can create a ticket with the account category.
Thanks for your help so far. I will create a ticket tomorrow and work on providing the necessary logs but it is late here already for me.
Sure, good night!
Hey there. I'm having trouble getting the cloudflare ray id into the log where I need it to be
The ray id only shows up in the access.log in my apache web server but not in the debug log (which goes to a different file)
Anyhow, I added a case 01409336
https://support.cloudflare.com/support/s/case/500Nv00000KL5R7IAL
it's okay, we found the logs already, but it's origin related so we'll follow up via the support case