The error code 523: Origin is unreachable error means there has been some connection or network issue due to which the Cloudflare server cannot connect or communicate with the origin server.
In simple words, suppose a user or client sends a request to the origin/website’s server to gather the content. But for some reason, the request is unable to reach its destination i.e. to the origin server, and returns an error message “Error 523: Origin is unreachable“.
Error 523: Origin is unreachable
This error message acknowledges the user about the severe i.e. the website content is temporarily unavailable.
How to fix error 523: Origin is unreachable?
The error code 523 is generally displayed along with an error message “Origin is unreachable” which implies that Cloudflare is unable to communicate with the origin server.
It means the first troubleshooting method thing you need to follow is to check whether the origin server is active and DNS settings. Here is the Error 523 Cloudflare fix you must try.
Most of the web hosting services, generally provide you a custom and intuitive dashboard to monitor, regulate and manage deployed servers. All you have to just log in to your hosting account control panel and check the stats of the server whether it’s active and functional.
Here are some of the points you need to keep in mind.
Check out all the notifications or warning messages displayed on your hosting dashboard.
Look at the server health report and stats to see if there is any potential issue.
Check whether the resources are available or not. Sometimes lack of resources such as storage, RAM and Excessive CPU usage can lead to 523 errors.
If all the above points seem okay and no potential threats are found, Contact your web hosting support team for further help. They can help you to determine hidden configuration issues, as well as any network issues if there.
1.2. Check the Cloudflare server status
Since the error code 523 is connected to Cloudflare, another thing you need to do is to check whether the Cloudflare servers are active or not in your location. Possibilities are Cloudflare in your region or area is currently down or redirected and it is under maintenance.
where you’ll find a complete list of Cloudflare sites and services as well as global networks with their statuses.
Cloudflare services status on the Global Network
Scroll down and locate your location to see if the servers are operational in your region or not. If the status shows re-routed or inactive instead of operational, it means the server is down and you cannot do anything about this rather than just wait for it to be fixed.
2. Check DNS Settings
Incorrect, outdated, or mismatched DNS configurations in we host as well as the Cloudflare account can also lead to trigger error code 523. Therefore, log in to your web hosting as well as your Cloudflare account and match the following checklists.
In Cloudflare Dashboard, check whether you have entered the correct IP address next to your domain name or not.
Cloudflare Dashboard showing A records
Now log in to your web hosting dashboard and check whether the IP address in your cPanel matches with the one under DNS record type “A”. (The IP addresses should match in both your web host as well as Cloudflare).”
WPOven’s dashboard shows DNS A records
Check for typing mistakes in DNS records, because even a slight silly mistake can trigger the 523 error.
If you have recently migrated your website from one hosting service to another, Check the DNS is propagated correctly using tools like dig or nslookup.
3. Use alternate DNS settings
For Windows 10 and Windows 11 users:
Step 1: If you are a Windows 10 or 11 User, you have to open the control panel by simply typing “Control Panel” in the search bar.
Step 2: In the Control Panel select Network & Internet > Network and Sharing Center.
Step 3: From the menu on the left, select Change adapter settings.
Step 4: Right-click on your network and select Properties.
Step 5: In the window that opens, click on Internet Protocol Version 4 (TCP/IPv4) from the list, then select Properties again.
Network Properties
Step 6: Click on Use the following DNS server addresses.
Step 7: Enter “8.8.8.8” for the Preferred DNS server and “8.8.4.4” for the Alternate DNS server.
Entering Preferred DNS server
Step 8: Click on the OK button to save your changes.
Step 9: After that double click on Internet Protocol Version 6 (TCP/IPv6) to open its properties.
Step 10: Now, select the “Use the following DNS server addresses” and enter the following into it:
Preferred DNS server: 2001:4860:4860::8888
Alternate DNS server: 2001:4860:4860::8844
Preferred DNS Server IPv6
Step 11: Once done, Click the OK button on each window to save > Restart your PC and check if the error 523 is solved.
4. Whitelist Cloudflare IP address and Ports
For security reasons, servers are configured to block any IP addresses that are suspicious and not added to their whitelist. Similarly, if Cloudflare sends requests from IP addresses that are not whitelisted, it can also get blocked and display error 523.
To avoid this, you should make sure that the Cloudflare IP address ranges are included in the origin server’s whitelist.
Check the .htaccess file and firewall rules and Whitelist Cloudflare IP address by adding them to it.
Check your security plugins if installed, whether they are blocking any Cloudflare’s IP address. If possible, deactivate them temporarily and see if the error persists.
Make sure that the latest version of mod_security is used and that its settings are properly configured to allow traffic from Cloudflare’s IP addresses.
If your web hosts use Web application firewalls (WAF), check out the logs and make sure Cloudflare’s IP addresses are not blocked.
5. Check Railgun settings
Railgun is a web optimization technology that is provided by Cloudflare and is best used to accelerate the delivery of dynamic content.
But it there is any misconfiguration happens, it can show you an error code 523. To check if this causing the issue, try disabling the Railgun for a while and try again to access the website.
6. Temporarily Deactivate any 3rd party Firewall
If you have enabled third-party firewalls and are experiencing Error Code 523, it might be that the firewalls treat the incoming requests from Cloudflare as malicious traffic and block them.
In case you are sure that, the website you are trying to access is safe and secure, try deactivating the third-party Firewalls to see if this causing the issue.
If this is the culprit, try to add Cloudflare’s 80 (HTTP) or 443 (HTTPS) ports and IP addresses to the Firewall’s whitelist.
Reconfigure your Firewall security rules and settings so that requests from Cloudflare’s IP addresses are considered safe not malicious.
You can also uninstall or delete the current 3rd party Firewall and try another one.
7. Check SSL/TLS Certificates
If you have configured Cloudflare to use secure connections then it is also mandatory for you to ensure the origin server uses a valid SSL/TLS Certificate.
This is because Cloudflare might reject any connection request from the origin server’s SSL/TLS certificate that is expired or invalid.
Here are some of the points to consider:
Check the origin server’s SSL/TLS certificate validity by using an SSL checker tool and make sure it is not expired.
Configure your Cloudflare to accept self-signed certificates.
Make sure the domain name entered in the SSL/TLS certificate matches the domain you are trying to access.
8. Cloudflare’s routing issue
If you have experienced a 523 error, it may happen due to a connection issue between Cloudflare and the origin server. Therefore, you advised reporting this issue to Cloudflare’s Customer support by providing them a unique identifier i.e. Cloudflare Ray ID generally displayed with the error message,
Cloudflare Ray ID
This will help Cloudflare’s support team to efficiently conduct the investigation and fix the issue.
9. Use DNS-O-Matic
The DNS-O-Matic is a third-party tool that is very useful if your web host changes the IP address of servers more often.
Generally, you will find that the web hosts do not change the IP addresses of the server. But when it happens, it’s more likely on a shared hosting server. If this does happen anyhow, you are more likely to get an “Error 523: Origin Unreachable error” message.
Therefore, to fix this issue, the best thing you can do, as even Cloudflare itself recommends, is to use the DNS-O-Matic service.
Cloudflare DNS-O-Matic
This service monitors any change in the IP address and automatically updates the DNS records. Using this is a very simple process, all you need to do is to
Some of the most common reasons that trigger Error 523 are:
Server Down or Misconfigured:
The origin might be offline, temporarily down, or overloaded with too many requests due to which Cloudflare is not able to connect.
It is also possible that the origin server is misconfigured, preventing it from responding to Cloudflare’s requests.
Firewall or Security Plugin issues:
The firewalls at the origin server might be mistakenly blocking the requests from Cloudflare.
If you are using any Security plugin, it can also be the culprit to trigger error 523.
DNS Issues:
If you have misconfigured your DNS settings, the requests will not be able to reach the origin server. Check your DNS settings and make sure DNS records are correctly configured.
Network Issues:
If there could be network issues between Cloudflare and the origin server due to routing or connectivity issues, error 523 will be shown.
Incorrect IP address
If you have configured the IP address in Cloudflare wrong, it can disallow requests to reach the origin server.
Blacklisted Cloudflare IPs
Too many connection requests from Cloudflare can get a blacklisted origin server to protect it from DDoS or DoS attacks. This can happen if you have not included Cloudflare’s IP address range in the origin server’s access control list.
Invalid SSL/TLS certificate
To establish any sort of communication between the servers, the connection should be safe and encrypted. To make this possible, Cloudflare requires a valid SSL/TLS certificate. However, in case the origin server has an invalid or expired certificate, it can trigger a 523 error.
Improper DNS Propagation
Some web admins or owners who migrate their websites from one hosting provider to another must not forget to update their DNS records to the new server’s IP address. This is because the changes you have made in DNS will take some sort of time to propagate throughout the network globally. Or it will show you an error 523.
Conclusion
The above post shows How you can fix Error code 523 also commonly seen as error 523: Origin is unreachable and What are the reasons that cause it.
Also, you can learn more about common Cloudflare errors such as:
The error code 523: Origin is unreachable error means there has been some connection or network issue due to which the Cloudflare server cannot connect or communicate with the origin server.
How do I fix error 523?
1. Check Server Status 2. Check DNS Settings 3. Use alternate DNS settings 4. Whitelist Cloudflare IP address and Ports 5. Check Railgun settings 6. Temporarily Deactivate any 3rd party Firewall 7. Check SSL/TLS Certificates 8. Cloudflare’s routing issue 9. Use DNS-O-Matic
Rahul Kumar is a web enthusiast, and content strategist specializing in WordPress & web hosting. With years of experience and a commitment to staying up-to-date with industry trends, he creates effective online strategies that drive traffic, boosts engagement, and increase conversions. Rahul’s attention to detail and ability to craft compelling content makes him a valuable asset to any brand looking to improve its online presence.
