What is HTTP error code 520, and how do you fix it?

Error 520 is a Cloudflare-specific status code that means the origin server returned an empty, unknown, or unexpected response. It is not a standard HTTP code. Cloudflare reached your origin, but the reply was unparseable, so Cloudflare emits 520 as a catch-all for anything that doesn’t fit a more specific 5xx like 522 or 524.

Common causes

• Origin server or PHP application crash mid-request
• Firewall, WAF, or security plugin blocking Cloudflare’s IP ranges at origin
• Response headers exceeding 128 KB, usually from cookie bloat
• Empty response with no HTTP status line
• HTTP/2 misconfiguration at origin (ALPN announces support but the server breaks the protocol)
• Authenticated Origin Pull enabled on Cloudflare but origin not configured to accept the client cert

How to fix it

1. Check origin error logs at the timestamp recorded in the cf-ray ID on the error page.
2. Whitelist Cloudflare’s published IP ranges in your firewall and any origin WAF or security plugin.
3. Inspect response headers and trim oversized cookies.
4. If HTTP/2 is enabled at origin, verify the configuration or disable HTTP/2-to-origin in Cloudflare’s Speed settings to rule it out.
5. Switch the affected DNS record to grey-cloud (DNS-only). If 520 disappears, the cause sits between Cloudflare and the origin. If it persists, the origin is the source.
6. If unresolved, open a ticket with your host. Include the cf-ray ID and a HAR file captured during the failure.