If the official documentation at the link below didn’t help: https://community.cloudflare.com/t/community-tip-fixing-error-520-web-server-is-returning-an-unknown-error/44205
I checked all the important things:
- I checked Nginx/PHP/Application logs and nothing.
- Server logs and monitoring, and nothing
- Firewall rules allow all Cloudflare IP ranges, all good here.
- Checked requests/responses on tcpdump and all looks good
tcpdump command to check full request/responses below:
sudo tcpdump -i ens5 -s 0 -A ‘tcp dst port 80 and tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x47455420 or tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x504F5354 or tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x48545450 or tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x3C21444F’
In my case, it seems that a combination of Ansible and YAML indenting, caused some whitespace and new lines to infiltrate the CSP headers in our Nginx configuration. After fixing that the problem promptly went away.
The most strange thing is that while the header is static, Cloudflare is able to parse it sometimes, sometimes it fails?
Also would be handsome if Nginx itself would clean up any data being transmitted.