Error 521 using cloudflare on two droplets same one pointing as subdomain.

Posted March 8, 2019 3.4k views
WordPressUbuntu 18.04


After installing the one click install I’ve faced a couple different issues. Any advice is appreciated:

Background: Two Droplets, Droplet A is primary domain (i.e. and Droplet B is subdomain ( For droplet A i have used cloudflare and updated appropriate DNS records. All is working fine on Droplet A and associated urls. For Droplet B, I am getting an Error 521 when trying to connect through the url name (i.e. –> Error 521), when I try via the IP address I get a failed page load.

Question to make sure I’m doing it right:

1) When establishing the DNS records for the subdomain (ie., should I just add the A, AAAA and NS records to the existing primary domain DNS records (i.e.

2) Do I need to run the Apache virtual host tutorial? (It seems that the one click wordpress install already does that)

3) For cloudflare integration, I added all of the subdomain records I could (A, AAAA)

4) I have used A and AAAA records in lieu of a CNAME, so A record for and A record for, and likewise for AAAA records of which each is independently pointing to its respective IP (from the relevant droplet).

Please note that I am not a programmer whatsoever but I want to learn because I’m tired of not understanding whats happening, i know its a slow process and I’m appreciative of any advice and directions.


These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
2 answers


Thanks for taking the time to post this question here. I think this is where the problem can be identified:

when I try via the IP address I get a failed page load

It is my opinion that Droplet B does not have a web server listening. You can confirm this by checking what is listening, with a command like this:

netstat -tulpn

You should see your web server listening on port 80 or 443 (or both). If not, it isn’t running. If you’ve taken the appropriate steps to start the server and it still isn’t running, you may need to check the logs to find out why it failed.


Thank you Jarland for answering so quickly. I should say everything is working normally right now, and I’d like to share with you my experience in the hopes it benefits others.

Based on the above I decided to delete everything and start over (it was all in the early stages anyways). I was worried that I made so many amendments to various files that I needed a clean slate.

During the wordpress one click install (in no order, just all the mistakes I made):

  1. After logging in with root and BEFORE establishing the lets encrypt certification I set up my domain name and relevant DNS records (before i was going all the way through and the lets encrypt was like “what the heck man fix your records).

  2. Adding DNS records for the subdomain to the existing domain in DO console (I don’t know why, but i had a separate domain with records, maybe that would work but it didn’t for me).

  3. I got rid of all the AAAA records (i’ll consider adding them back but right now i’m gonna first read about it more, any advice is appreciative)

  4. Creating an A record and a CNAME record only for each domain (before i had 2 A records, one of which pointed to www thinking it was point to the CNAME alias)

  5. disabling the Cloudflare while establishing the lets encrypt certification (before there seemed to be an argument between Cloudflare SSL and Lets encrypt, so i paused Cloudflare – remember it was existing from previous droplet i destroyed — and then the lets encrypt let me install completely

  6. Generally this is about patience, I was making too many changes everywhere without waiting for them to propagate. An example is that I had read that the Cloudflare only works on flexible mode, so changing back and forth I got a bucket of different errors, Error 521, Error 522, Error 1016, Too Many HTTP redirects, This Connection is Not Private

  7. updating the wordpress urls in the settings to be the website domain and not the IP address (this fixed the connection is not private)

Anyways, i hope that my mistakes can help someone who may face similar challenges. Expect to hear more from me haha.