Welcome to Centmin Mod Community
Become a Member

Cloudflare Domains SSL Cloudflare 521 + Centminmod

Discussion in 'Domains, DNS, Email & SSL Certificates' started by Rodrigo Vazquez, Apr 3, 2017.

  1. Rodrigo Vazquez

    Rodrigo Vazquez New Member

    2
    1
    3
    Mar 14, 2017
    Ratings:
    +1
    Local Time:
    6:04 AM
    Hello..
    I am getting a 521 error:
    [​IMG]
    (https://content.screencast.com/user...197-ab75-a72e737b1a16/2017-04-02_22-13-41.png)

    Not sure why, I installed centminmod, create a vhost with wordpress instance, then I went to my Cloudflare DNS Management and added a A Record using server IP and the subdomain I just created with the CLI help from centminmod.

    Am I missing something?
     
  2. eva2000

    eva2000 Administrator Staff Member

    36,860
    8,068
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,426
    Local Time:
    10:04 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    If you use a reverse proxy in front of Centmin Mod Nginx, you need to setup nginx realip to be passed onto Nginx.

    See Getting Started Guide step 4 and setting correct real ip via nginx module config at http://centminmod.com/nginx_configure_cloudflare.html.

    If using Centmin Mod 123.09beta01 and newer, there's an added tools/csfcf.sh script to aid in this. Details at:
    You just need to setup a cronjob to run
    Code (Text):
    /usr/local/src/centminmod/tools/csfcf.sh auto

    and ensure your nginx.conf http{} context has the include file /usr/local/nginx/conf/cloudflare.conf and/or your individual nginx vhost's server contexts has the same include file
    Code (Text):
    http {
    map_hash_bucket_size 128;
    map_hash_max_size 2048;
    server_names_hash_bucket_size 128;
    server_names_hash_max_size 2048;
    
    limit_req_zone $binary_remote_addr zone=xwplogin:16m rate=40r/m;
    #limit_conn_zone $binary_remote_addr zone=xwpconlimit:16m;
    
    more_set_headers "Server: nginx centminmod";
    more_set_headers "X-Powered-By: centminmod";
    
    include /usr/local/nginx/conf/cloudflare.conf;
    include /usr/local/nginx/conf/maintenance.conf;
    include /usr/local/nginx/conf/vts_http.conf;
    include /usr/local/nginx/conf/geoip.conf;
    #include /usr/local/nginx/conf/pagespeedadmin.conf;
    include /usr/local/nginx/conf/fastcgi_param_https_map.conf;

    Then restart nginx server via command shortcut
    Code (Text):
    ngxrestart

    or
    Code (Text):
    service nginx restart
     
  3. Mrbo

    Mrbo Member

    65
    3
    8
    Jun 17, 2018
    Ratings:
    +3
    Local Time:
    7:04 PM
    Hi, What else can I do for troubelshooting?

    I ran "/usr/local/src/centminmod/tools/csfcf.sh auto" and included the cloudflare conf file but i still get 521, 503, 502 and/or 500 errors on some of my sites, while others work fine. I cant seem to find why some work without a problem and some gives me the errors. ( While using the same installation process for all of them, wordpress via option 22, and the same cloudflare settings)

    ( I havent changed to include cloudflare in the SSL conf files though, idk if I should do that)


    I also checked the logs but they are all empty.
    /usr/local/nginx/logs/access.log
    /usr/local/nginx/logs/error.log
    /home/nginx/domains/domainname.com/log/access.log
    /home/nginx/domains/domainname.com/log/error.log
    /var/log/mysqld.log

    Nothing special in the /var/log/lfd.log just showing blocked users from different countries.


    Only error is in /var/log/php-fpm/www-php.error.log which just repeats this error
    Code:
    [04-Jul-2018 03:24:39 UTC] PHP Fatal error:  Declaration of ElementorExtras\Core\Settings\General\Manager::get_model_for_css_file(Elementor\CSS_File $css_file) must be compatible with Elementor\Core\Settings\Base\Manager::get_model_for_css_file(Elementor\Core\Files\CSS\Base $css_file) in /home/nginx/domains/kjellhaglund.nu/public/wp-content/plugins/elementor-extras/core/settings/global/manager.php on line 154
     
    Last edited: Jul 5, 2018
  4. Mrbo

    Mrbo Member

    65
    3
    8
    Jun 17, 2018
    Ratings:
    +3
    Local Time:
    7:04 PM
    Ive narrowed it down to being some conflict with cloudflare. When I set cloudflare to full SSL, Always use HTTPS or Automatic HTTPS Rewrites I get those errors. While on two sites I get the 521 redirected to 502 or 500 even if I turn everything off or even pausing cloudflare.
     
    Last edited: Jul 5, 2018
  5. eva2000

    eva2000 Administrator Staff Member

    36,860
    8,068
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,426
    Local Time:
    10:04 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    if you use full SSL you need to make sure to remove any centmin mod nginx http to https redirects otherwise you can go into a redirect loop
     
    • Like Like x 1
  6. Mrbo

    Mrbo Member

    65
    3
    8
    Jun 17, 2018
    Ratings:
    +3
    Local Time:
    7:04 PM
    Ok thanks! What about those two websites that give errors even with ssl or cloudflare of, how do I troubleshoot them? ( since there was nothing in the logs, but they worked the first they when I moved them over but might have something to do with the time it takes for cloudflare to take effect)
     
  7. eva2000

    eva2000 Administrator Staff Member

    36,860
    8,068
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,426
    Local Time:
    10:04 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    if you turn cloudflare ssl off, all https requests are redirected to non-https which will cause issues if you only have https nginx site so do not turn off ssl at cloudflare level
     
    • Like Like x 1
  8. Tarek Elgebaly

    Tarek Elgebaly New Member

    11
    1
    3
    Oct 22, 2018
    Ratings:
    +1
    Local Time:
    2:04 PM
    @eva2000
    I have the same problem but when I write this command :
    /usr/local/src/centminmod/tools/csfcf.sh auto

    this message show me up (No such file or directory)
    Please reply me as soon as possible
     

    Attached Files:

  9. eva2000

    eva2000 Administrator Staff Member

    36,860
    8,068
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,426
    Local Time:
    10:04 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    are you using 123.09beta01 or 123.08stable ? the csfcf.sh script is only available in 123.09beta01

    what is exact output for these 2 commands
    Code (Text):
    /usr/local/src/centminmod/tools/csfcf.sh auto
    

    Code (Text):
    cd /usr/local/src/centminmod
    git branch
    

    for posting code or output from commands to keep the formatting, you might want to use CODE tags for code How to use forum BBCODE code tags :)
     
  10. Tarek Elgebaly

    Tarek Elgebaly New Member

    11
    1
    3
    Oct 22, 2018
    Ratings:
    +1
    Local Time:
    2:04 PM

    Attached Files:

    • 1.png
      1.png
      File size:
      4 KB
      Views:
      0
    • 2.png
      2.png
      File size:
      4 KB
      Views:
      0
  11. eva2000

    eva2000 Administrator Staff Member

    36,860
    8,068
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,426
    Local Time:
    10:04 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    you're using 123.08stable so csfcf.sh doesn't exist.

    So you need to follow Getting Started Guide step 4 and setting correct real ip via nginx module config at Nginx Cloudflare & Incapsula (reverse proxy HttpRealIpModule) - CentminMod.com LEMP Nginx web stack for CentOS to do it manually instead for setting up real ip detection in Nginx.

    If only using Centmin Mod 123.09beta01 and newer, there's an added tools/csfcf.sh script to aid in this. Details at:
     
  12. Tarek Elgebaly

    Tarek Elgebaly New Member

    11
    1
    3
    Oct 22, 2018
    Ratings:
    +1
    Local Time:
    2:04 PM
    I do not know how I do that, is there any specific steps can do to fix this problem?
     
  13. Tarek Elgebaly

    Tarek Elgebaly New Member

    11
    1
    3
    Oct 22, 2018
    Ratings:
    +1
    Local Time:
    2:04 PM
    ????
     
..