The Setup
A client running an OpenCart store and a WordPress site reported intermittent Cloudflare 520 errors. Initial reports mentioned issues with custom security software they were running (a proof-of-work challenge being injected via auto_prepend_file), which we helped them disable. The 520s continued.
The Pattern That Made No Sense
Over the following days, the client did remarkably thorough testing on their end and identified a pattern none of us could explain:
- 520 errors only occurred when traffic routed through Cloudflare’s LAX (Los Angeles) PoP
- Other Cloudflare PoPs worked perfectly
- DNS-only mode (no proxy) worked perfectly
- Direct origin access via hosts file worked perfectly
- A clone of the site on a different host, behind the same Cloudflare configuration, worked perfectly
By every measure available to them, the issue was specific to the combination of their site + Cloudflare LAX + our infrastructure.
Continue reading “The Cloudflare 520 Mystery: How a Threat Intel Feed Took Down One Customer Through One Specific PoP”
We recently identified a bug in the latest versions of WHMCS including version 6.3.1. The bug consists of unexpected behavior when modifying a client’s product details and using the “Enter” key to submit the changes when the product is a cPanel Account. In previous versions of WHMCS you could change a field, such as the renewal price, and press “Enter” to submit the form. Over the years we had become accustomed to changing client product settings in this manner as we found it was the most efficient way to do it.