502, 504 or redirect error when I open my website after Web Application Firewall (WAF) setup
Sometimes when you set up the WAF that comes with Website Security, you might see an error like HTTP 502 - Unable to Connect to the Origin Server, 504 - Gateway Timeout or a redirect error when you try to go to your site. There are two settings that can cause your site to not open after you set up the WAF.
Check the Hosting IP Address Settings
Make sure that the hosting IP address in the firewall settings matches that of your hosting server.
- Go to your GoDaddy product page.
- Under Website Security and Backups, select Manage next to the Website Security account you want to manage.
- Under Firewall, select Details.
- Select Settings.
- Select Hosting IP Address.
- If the host IP in the settings is incorrect, add the correct IP and select Add Address.
- Select the box next to the old IP address and then select Delete Selected.
- If you made a change to the host IP settings, clear your WAF cache. It may take up to 5 minutes for changes to take place.
Change the SSL mode on your WAF
If you already have an SSL certificate set up on your website and then enable the Web Application Firewall (WAF), you may need to adjust your SSL mode for your website to work correctly.
- Go to your GoDaddy product page.
- Under Website Security and Backups, select Manage next to the Website Security account you want to manage.
- Under Firewall, select Details.
- Select Settings.
- Select HTTPS/SSL.
- Scroll down to SSL mode. Choose the SSL mode that makes sense for your website and then select Save.
- Full HTTPS - This is our preferred method for protecting your website, but it requires you to install an SSL certificate on your hosting server. This fully secures your traffic from your customers, to our firewall, to your website.
- Partial HTTPS - If your website doesn't have an SSL installed, we'll proxy one on your behalf. This helps prevent Man in the Middle (MitM) attacks by securing the part of your traffic that takes place between your customers and our firewall.
- After you make a change to your SSL mode, clear your WAF cache.
- It may take up to 5 minutes for changes to take place. If you are still unable to access your site after 5 minutes, continue to change the Force passing the hostname via TLS/SSL setting.
Change the Force passing the hostname via TLS/SSL setting
- Go to your GoDaddy product page.
- Under Website Security and Backups, select Manage next to the Website Security account you want to manage.
- Under Firewall, select Details.
- Select Settings.
- Select Security.
- Under Advanced Security Options, make sure the option Force passing the hostname via TLS/SSL is selected and then select Save Advanced Security Options.
- If you make a change, clear your WAF cache. It may take up to 5 minutes for changes to take place.
If you are still unable to access your site, open a support ticket and we will help you.
- Go to your GoDaddy product page.
- Under Website Security and Backups, select Manage next to the Website Security account you want to manage.
- Under Firewall, select Details.
- Select Help near the top right of the page.
- Select Product Support and then select New ticket.
- From the Regarding menu, select Website Firewall.
- From the I'm having trouble with: menu, select My site is down.
- Type "Site down after WAF setup" for your Subject.
- Add any details you want to include and then select Submit Request.
To minimize downtime, please contact our GoDaddy Guides to escalate your ticket.