Troubleshooting FAQ for new Cloudflare customers

​​ Overview

Below are the most common customer questions and issues experienced when getting started with Cloudflare.

​​ Questions

• Why are Cloudflare’s IPs in my origin web server logs? Open external link
• Why is my site served over HTTP instead of HTTPS? Open external link
• Why is my Cloudflare Universal SSL certificate not active?

​​ Is Cloudflare attacking me?

There are two common scenarios where Cloudflare is falsely perceived to attack your site:

• Unless you restore the original visitor IP addresses, Cloudflare IP addresses appear in your server logs for all proxied requests.
• The attacker is spoofing Cloudflare’s IPs. Cloudflare only sends traffic to your origin web server over a few specific ports unless you use Cloudflare Spectrum.

Ideally, because Cloudflare is a reverse proxy, your hosting provider observes attack traffic connecting from  Cloudflare IP addresses Open external link . In contrast, if you notice connections from IP addresses that do not belong to Cloudflare, the attack is direct to your origin web server. Cloudflare cannot stop attacks directly to your origin IP address because the traffic bypasses Cloudflare’s network.

​​ Issues

• SSL errors in appear in my browser
• I’m noticing 525 or 526 errors or redirect loops
• SSL isn’t working for my second-level subdomain (i.e. dev.www.example.com)
• Why is my site content not properly rendering? Why am I receiving mixed content errors?
• My domain’s email stopped working
• Why was my domain deleted from Cloudflare?

​​ Related resources

• SSL FAQ
• DNS FAQ
• Understanding the Cloudflare dashboard Open external link
• Gathering information to troubleshoot site issues Open external link
• Contacting Cloudflare support Open external link