Origin Is Unreachable
Production Risk
Critical — entire site is down. Usually caused by infrastructure changes without updating Cloudflare configuration.
523 Origin Is Unreachable is a Cloudflare-specific error indicating that Cloudflare cannot reach the origin server at the network level — the origin is not reachable via DNS, IP routing, or TCP. Unlike 522 (TCP timeout), 523 means the route to the origin does not exist.
- 1The origin server's IP has changed but DNS is not updated.
- 2The origin server is offline or has been deprovisioned.
- 3A network routing issue makes the origin unreachable from Cloudflare's network.
- 4The DNS A record for the origin is deleted or points to a non-existent IP.
The origin server's cloud instance was terminated without updating the DNS record in Cloudflare.
# Cloudflare resolves origin IP → no route to host # EHOSTUNREACH or ENETUNREACH
expected output
HTTP/1.1 523 Origin Is Unreachable
Fix
Update the origin DNS record in Cloudflare
WHEN The origin IP has changed.
# In Cloudflare dashboard: DNS → update A record to new origin IP
# or via API:
curl -X PUT 'https://api.cloudflare.com/client/v4/zones/{zone_id}/dns_records/{record_id}' \
-H 'Authorization: Bearer TOKEN' \
-d '{"type":"A","name":"origin","content":"new.ip.address"}'Why this works
Points Cloudflare to the correct origin IP address.
Cloudflare-specific. 523 = no network path to origin; 522 = network path exists but TCP times out.
Cloudflare 5xx error documentation
https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#523 ↗Content generated with AI assistance and reviewed for accuracy. Found an error? hello@errcodes.dev