Error Analytics has been designed to provide customers with a deeper insight into the distribution of errors that are occurring on their website per colo. A colo (short for colocation, also refer to as PoP or Point of Presence) is a data center facility where Cloudflare runs its servers that make up our edge network. You can find a list of all of our colo’s here. 

HTTP status codes that we see in a response passing through our edge are display in analytics. These codes can be split into three groups: ‘edge network errors’, ‘origin errors’ and ’52x errors’.

Errors that originate from our edge servers -such as 502, 503, and 504 with ‘Cloudflare’- are not report as part of the error analytics.

Users may see a 100x error, which are not report. These will be display as either 403 or 409 (edge) errors.

Edge Network errors

• 400 – Bad Request intercept at the Cloudflare Edge (e.g. missing or bad HTTP header)
• 403* – Security functionality (e.g. Web Application Firewall, Browser Integrity Check, CAPTCHAs, and most 1xxx error codes)
• 409* – DNS errors typically in the form of 1000 or 1001 error code
• 413 – File size upload exceed the maximum size allowed (configured under the Speed app)
• 444 – Used by Nginx to indicate that the server has return no information to the client, and closed the connection. This error code is internal to Nginx and is not return to the client.
• 499 – Used by Nginx to indicate when a connection has been close by the client while the server is still processing its request, making the server unable to send a status code back.

Origin errors

• 400 – Origin rejected the request due to bad, or unsupported syntax sent by the application.
• 404 – Only if the origin triggered a 404 response for a request.
• 4xx
• 50x

52x errors

• 520 – This is essentially a “catch-all” response for when the origin server returns something unexpect, or something that is not tolerate /cannot be interprete by our edge (i.e. protocol violation or empty response).
• 522 – Our edge could not establish a TCP connection to the origin server.
• 523 – Origin server is unreachable (e.g. the origin IP changed but DNS was not updated, or due to network issues between our edge and the origin).
• 524 – Our edge established a TCP connection, but the origin did not reply with a HTTP response before the connection timed out.

Frequently Asked Questions

What information does the Tool Tip show?

• The error code returned in the response
• The time-stamp for the “bucket” you selected
• The total count of that specific error code for that time-stamp
• The % of total requests that serves that error
• The top 5 colos (data-centers) where we served that error by count

Can I filter based on specific error(s)?

You can filter out specific error(s) by selecting one or more in the legend. Once you select an error it will be grey out in the drop down menu, and the error will no longer display as part of the graph.

In this example, by clicking on “404” in the legend we remove it from being display in the UI. 

Can I differentiate between errors coming from my origin vs Cloudflare?

In this version, we only count errors served from Cloudflare’s edge. However, errors such as 52x, can inform you about problems with your server.

What are the different sources for 503 errors?

We do count 503 errors from your origin that are pass as a response from the edge, though in this version 503 errors from the edge has multiple potential sources.

• Your origin server had a 503.  We received this from the origin and the status code was in the response from the on the edge
• Cloudflare detected malicious  Layer 7 traffic  and automatically issued a JS challenge that blocked the request
• IUAM — This also logs every blocked request
• Websocket rate-limit error