An "Origin Error" occurs when your host (the origin server) fails to provide your website data to Ezoic as expected. This disrupts the connection between your server and your visitors. This guide will help you identify the symptoms of an origin error and provide the necessary steps to restore your site's performance.

Origin errors can be consistent or intermittent. Common error codes that indicate an origin issue include:

• 500 Internal Server Error: A general error indicating the server encountered a condition it couldn't handle.

• 520 / Origin Error: Specifically indicates the origin server returned an empty, unknown, or unexpected response.

• 503 Service Unavailable: Often occurs when the host server is overloaded or timed out.

• 403 Forbidden / 401 Unauthorized: Usually means the host is blocking Ezoic’s attempt to access the site (common with security plugins).

Note: If you see a 404 (Not Found) or 301 (Redirect) error, this is almost always an issue within your host's settings or your CMS (like WordPress) rather than an Ezoic integration issue. Please contact your host directly for these codes.

To resolve origin errors, particularly for sites that are cloud-integrated (sites that aren't will likely be better off contacting their host as the error will usually be with the origin server), follow these step-by-step solutions:

1. Check Site Status (All Integrations)

   Before adjusting Ezoic settings, verify if your site is down at the host level. If your origin server is offline, Ezoic cannot "reach" it to serve your content.

   • Check for host maintenance or expired SSL certificates.

   • If you recently moved to a new server, ensure your IP addresses are updated in your DNS settings.

2. Verify DNS and SSL Matching (Cloud Integrated Only)

   For sites using Cloud/DNS integration, Ezoic must perfectly mirror your host's connection settings. Even a small mismatch can trigger a 520 or "Origin" error.

   • DNS Record Audit: Compare the A-records and CNAMEs in your Ezoic dashboard against the records at your host. If your host moved your site to a new server/IP, you must update the origin server IPs in your Ezoic DNS records immediately.

   • SSL Setting Match: Your SSL settings in Ezoic (Flexible, Full, or Strict) must match the capabilities of your host.

     • If your host has a valid SSL certificate, ensure Ezoic SSL settings match your host.  

3. Whitelist Ezoic IP Addresses (Cloud Integrated Only)

   Because Ezoic acts as a proxy, your host sees all traffic as coming from Ezoic (Amazon Web Services). Some hosts misidentify this as "bot traffic" and block it.

   The Fix: Request that your host (and any security plugins like Wordfence) whitelist Ezoic’s IP ranges.

   • Full IP List:

            52.20.63.25
            3.225.202.138
            3.217.200.190
            54.212.71.227
            52.12.170.68
            34.218.21.81
            3.7.90.144
            13.127.240.219
            18.139.6.69
            18.140.184.0
            3.106.6.164
            3.106.176.61
            3.237.131.67
            15.222.77.144
            15.222.108.52
            18.157.131.187
            18.157.105.182
            23.126.25.160
            34.248.174.237
            52.16.85.139
            34.255.61.232
            15.236.165.82
            15.236.137.228
            15.236.166.30
            18.228.20.129
            18.228.107.195
            13.237.131.67
            3.106.176.6
            3.126.25.160
            2600:1f10:4c55:e200::/56
            2600:1f13:393:600::/56
            2406:da1a:e10::/56
            2406:da18:9d0:1400::/56
            2406:da1c:58a:e100::/56
            2600:1f11:f39:6f00::/56
            2a05:d014:776:a600::/56
            2a05:d018:dd:7800::/56
            2a05:d012:4d8:6800::/56
            2600:1f1e:342:2f00::/56

Action: After whitelisting, go to Settings > Connection > Troubleshooting in your Ezoic dashboard and click "Confirm Whitelisting."

4. X-Forwarded-For Headers (Cloud Integrated Only)

If your server struggles to identify the "real" user IP for features like login forms:

• • • Action: Ask your host to authorize requests based on the x-middleton-ip header, which Ezoic uses to pass the visitor's actual IP to your server.

Action: After whitelisting, go to Settings > Connection > Troubleshooting in your Ezoic dashboard and click "Confirm Whitelisting."

Here's a video with information about fixing origin errors:

Prevention

• Prioritize JavaScript Integration: To avoid the complexities of DNS matching, SSL handshakes, and IP whitelisting, we recommend using JavaScript integration. This allows your server to communicate directly with users while still utilizing Ezoic's optimization tools.

• Monitor Host Changes: If your host migrates your site to a new "Cloud" or "Pro" server, they often change your IP address without notice. Always verify your DNS records after a hosting upgrade.

Maintenance during an Error

• Don't Clear Cache Immediately: If your site is showing an origin error, Ezoic may still be serving a cached version of your site to visitors. If you clear the cache while the error persists, visitors will see the error page instead of your content.

• Clear Cache AFTER the Fix: Once the connection is restored, clear your Ezoic cache to ensure the "Error" page isn't stuck in the system.

If you need further assistance with getting your site back up and running, please log in via https://support.ezoic.com/ to make use of our dedicated resources for support. We're here to help!