MCP.directory

cloudflare-troubleshooting

by daymade
1
0
Source

Investigate and resolve Cloudflare configuration issues using API-driven evidence gathering. Use when troubleshooting ERR_TOO_MANY_REDIRECTS, SSL errors, DNS issues, or any Cloudflare-related problems. Focus on systematic investigation using Cloudflare API to examine actual configuration rather than making assumptions.

Install

mkdir -p .claude/skills/cloudflare-troubleshooting && curl -L -o skill.zip "https://mcp.directory/api/skills/download/7158" && unzip -o skill.zip -d .claude/skills/cloudflare-troubleshooting && rm skill.zip

Installs to .claude/skills/cloudflare-troubleshooting

About this skill

Cloudflare Troubleshooting

Core Principle

Investigate with evidence, not assumptions. Always query Cloudflare API to examine actual configuration before diagnosing issues. The skill's value is the systematic investigation methodology, not predetermined solutions.

Investigation Methodology

1. Gather Credentials

Request from user:

  • Domain name
  • Cloudflare account email
  • Cloudflare Global API Key (or API Token)

Global API Key location: Cloudflare Dashboard → My Profile → API Tokens → View Global API Key

2. Get Zone Information

First step for any Cloudflare troubleshooting - obtain the zone ID:

curl -s -X GET "https://api.cloudflare.com/client/v4/zones?name=<domain>" \
  -H "X-Auth-Email: <email>" \
  -H "X-Auth-Key: <api_key>" | jq '.'

Extract zone_id from result[0].id for subsequent API calls.

3. Investigate Systematically

For each issue, gather evidence before making conclusions. Use Cloudflare API to inspect:

  • Current configuration state
  • Recent changes (if audit log available)
  • Related settings that might interact

Common Investigation Patterns

Redirect Loops (ERR_TOO_MANY_REDIRECTS)

Evidence gathering sequence:

  1. Check SSL/TLS mode:

    curl -X GET "https://api.cloudflare.com/client/v4/zones/{zone_id}/settings/ssl" \
  -H "X-Auth-Email: email" \
  -H "X-Auth-Key: key"

    Look for: result.value - tells current SSL mode

  2. Check Always Use HTTPS setting:

    curl -X GET "https://api.cloudflare.com/client/v4/zones/{zone_id}/settings/always_use_https" \
  -H "X-Auth-Email: email" \
  -H "X-Auth-Key: key"

  3. Check Page Rules for redirects:

    curl -X GET "https://api.cloudflare.com/client/v4/zones/{zone_id}/pagerules" \
  -H "X-Auth-Email: email" \
  -H "X-Auth-Key: key"

    Look for: forwarding_url or always_use_https actions

  4. Test origin server directly (if possible):

    curl -I -H "Host: <domain>" https://<origin_ip>

Diagnosis logic:

  • SSL mode "flexible" + origin enforces HTTPS = redirect loop
  • Multiple redirect rules can conflict
  • Check browser vs curl behavior differences

Fix:

curl -X PATCH "https://api.cloudflare.com/client/v4/zones/{zone_id}/settings/ssl" \
  -H "X-Auth-Email: email" \
  -H "X-Auth-Key: key" \
  -H "Content-Type: application/json" \
  --data '{"value":"full"}'

Purge cache after fix:

curl -X POST "https://api.cloudflare.com/client/v4/zones/{zone_id}/purge_cache" \
  -H "X-Auth-Email: email" \
  -H "X-Auth-Key: key" \
  -d '{"purge_everything":true}'

DNS Issues

Evidence gathering:

  1. List DNS records:

    curl -X GET "https://api.cloudflare.com/client/v4/zones/{zone_id}/dns_records" \
  -H "X-Auth-Email: email" \
  -H "X-Auth-Key: key"

  2. Check external DNS resolution:

    dig <domain>
dig @8.8.8.8 <domain>

  3. Check DNSSEC status:

    curl -X GET "https://api.cloudflare.com/client/v4/zones/{zone_id}/dnssec" \
  -H "X-Auth-Email: email" \
  -H "X-Auth-Key: key"

Look for:

  • Missing A/AAAA/CNAME records
  • Incorrect proxy status (proxied vs DNS-only)
  • TTL values
  • Conflicting records

SSL Certificate Errors

Evidence gathering:

  1. Check SSL certificate status:

    curl -X GET "https://api.cloudflare.com/client/v4/zones/{zone_id}/ssl/certificate_packs" \
  -H "X-Auth-Email: email" \
  -H "X-Auth-Key: key"

  2. Check origin certificate (if using Full Strict):

    openssl s_client -connect <origin_ip>:443 -servername <domain>

  3. Check SSL settings:

    • Minimum TLS version
    • TLS 1.3 status
    • Opportunistic Encryption

Common issues:

  • Error 526: SSL mode is "strict" but origin cert invalid
  • Error 525: SSL handshake failure at origin
  • Provisioning delay: Wait 15-30 minutes for Universal SSL

Origin Server Errors (502/503/504)

Evidence gathering:

  1. Check if origin is reachable:

    curl -I -H "Host: <domain>" https://<origin_ip>

  2. Check DNS records point to correct origin:

    curl -X GET "https://api.cloudflare.com/client/v4/zones/{zone_id}/dns_records" \
  -H "X-Auth-Email: email" \
  -H "X-Auth-Key: key"

  3. Review load balancer config (if applicable):

    curl -X GET "https://api.cloudflare.com/client/v4/zones/{zone_id}/load_balancers" \
  -H "X-Auth-Email: email" \
  -H "X-Auth-Key: key"

  4. Check firewall rules:

    curl -X GET "https://api.cloudflare.com/client/v4/zones/{zone_id}/firewall/rules" \
  -H "X-Auth-Email: email" \
  -H "X-Auth-Key: key"

Learning New APIs

When encountering issues not covered above, consult Cloudflare API documentation:

  1. Browse API reference: https://developers.cloudflare.com/api/
  2. Search for relevant endpoints using issue keywords
  3. Check API schema to understand available operations
  4. Test with GET requests first to understand data structure
  5. Make changes with PATCH/POST after confirming approach

Pattern for exploring new APIs:

# List available settings for a zone
curl -X GET "https://api.cloudflare.com/client/v4/zones/{zone_id}/settings" \
  -H "X-Auth-Email: email" \
  -H "X-Auth-Key: key"

API Reference Overview

Consult references/api_overview.md for:

  • Common endpoints organized by category
  • Request/response schemas
  • Authentication patterns
  • Rate limits and error handling

Consult references/ssl_modes.md for:

  • Detailed SSL/TLS mode explanations
  • Platform compatibility
  • Security implications

Consult references/common_issues.md for:

  • Issue patterns and symptoms
  • Investigation checklists
  • Platform-specific notes

Best Practices

Evidence-Based Investigation

  1. Query before assuming - Use API to check actual state
  2. Gather multiple data points - Cross-reference settings
  3. Check related configurations - Settings often interact
  4. Verify externally - Use dig/curl to confirm
  5. Test incrementally - One change at a time

API Usage

  1. Parse JSON responses - Use jq or python for readability
  2. Check success field - "success": true/false in responses
  3. Handle errors gracefully - Read errors array in responses
  4. Respect rate limits - Cloudflare API has limits
  5. Use appropriate methods:
    • GET: Retrieve information
    • PATCH: Update settings
    • POST: Create resources / trigger actions
    • DELETE: Remove resources

Making Changes

  1. Gather evidence first - Understand current state
  2. Identify root cause - Don't guess
  3. Apply targeted fix - Change only what's needed
  4. Purge cache if needed - Especially for SSL/redirect changes
  5. Verify fix - Re-query API to confirm
  6. Inform user of wait times:
    • Edge server propagation: 30-60 seconds
    • DNS propagation: Up to 48 hours
    • Browser cache: Requires manual clear

Security

  • Never log API keys in output
  • Warn if user shares credentials in public context
  • Recommend API Tokens with scoped permissions over Global API Key
  • Use read-only operations for investigation

Workflow Template

1. Gather: domain, email, API key
2. Get zone_id via zones API
3. Investigate:
   - Query relevant APIs for evidence
   - Check multiple related settings
   - Verify with external tools (dig, curl)
4. Analyze evidence to determine root cause
5. Apply fix via appropriate API endpoint
6. Purge cache if configuration change affects delivery
7. Verify fix via API query and external testing
8. Inform user of resolution and any required actions

Example: Complete Investigation

When user reports "site shows ERR_TOO_MANY_REDIRECTS":

# 1. Get zone ID
curl -s -X GET "https://api.cloudflare.com/client/v4/zones?name=example.com" \
  -H "X-Auth-Email: user@example.com" \
  -H "X-Auth-Key: abc123" | jq '.result[0].id'

# 2. Check SSL mode (primary suspect for redirect loops)
curl -s -X GET "https://api.cloudflare.com/client/v4/zones/ZONE_ID/settings/ssl" \
  -H "X-Auth-Email: user@example.com" \
  -H "X-Auth-Key: abc123" | jq '.result.value'

# If returns "flexible" and origin is GitHub Pages/Netlify/Vercel:

# 3. Fix by changing to "full"
curl -X PATCH "https://api.cloudflare.com/client/v4/zones/ZONE_ID/settings/ssl" \
  -H "X-Auth-Email: user@example.com" \
  -H "X-Auth-Key: abc123" \
  -H "Content-Type: application/json" \
  --data '{"value":"full"}'

# 4. Purge cache
curl -X POST "https://api.cloudflare.com/client/v4/zones/ZONE_ID/purge_cache" \
  -H "X-Auth-Email: user@example.com" \
  -H "X-Auth-Key: abc123" \
  -d '{"purge_everything":true}'

# 5. Inform user: Wait 60 seconds, clear browser cache, retry

When Scripts Are Useful

The bundled scripts (scripts/check_cloudflare_config.py, scripts/fix_ssl_mode.py) serve as:

  • Reference implementations of investigation patterns
  • Quick diagnostic tools when Python is available
  • Examples of programmatic API usage

However, prefer direct API calls via Bash/curl for flexibility and transparency. Scripts should not limit capability - use them when convenient, but use raw API calls when needed for:

  • Unfamiliar scenarios
  • Edge cases
  • Learning/debugging
  • Operations not covered by scripts

The investigation methodology and API knowledge is the core skill, not the scripts.

More by daymade

View all skills by daymade

ppt-creator

daymade

Create professional slide decks from topics or documents. Generates structured content with data-driven charts, speaker notes, and complete PPTX files. Applies persuasive storytelling principles (Pyramid Principle, assertion-evidence). Supports multiple formats (Marp, PowerPoint). Use for presentations, pitches, slide decks, or keynotes.

3118

macos-cleaner

daymade

Analyze and reclaim macOS disk space through intelligent cleanup recommendations. This skill should be used when users report disk space issues, need to clean up their Mac, or want to understand what's consuming storage. Focus on safe, interactive analysis with user confirmation before any deletions.

3111

markdown-tools

daymade

Converts documents to markdown with multi-tool orchestration for best quality. Supports Quick Mode (fast, single tool) and Heavy Mode (best quality, multi-tool merge). Use when converting PDF/DOCX/PPTX files to markdown, extracting images from documents, validating conversion quality, or needing LLM-optimized document output.

332

repomix-unmixer

daymade

Extracts files from repomix-packed repositories, restoring original directory structures from XML/Markdown/JSON formats. Activates when users need to unmix repomix files, extract packed repositories, restore file structures from repomix output, or reverse the repomix packing process.

242

qa-expert

daymade

This skill should be used when establishing comprehensive QA testing processes for any software project. Use when creating test strategies, writing test cases following Google Testing Standards, executing test plans, tracking bugs with P0-P4 classification, calculating quality metrics, or generating progress reports. Includes autonomous execution capability via master prompts and complete documentation templates for third-party QA team handoffs. Implements OWASP security testing and achieves 90% coverage targets.

82

pdf-creator

daymade

Create PDF documents from markdown with proper Chinese font support using weasyprint. This skill should be used when converting markdown to PDF, generating formal documents (legal, trademark filings, reports), or when Chinese typography is required. Triggers include "convert to PDF", "generate PDF", "markdown to PDF", or any request for creating printable documents.

22

You might also like

flutter-development

aj-geddes

Build beautiful cross-platform mobile apps with Flutter and Dart. Covers widgets, state management with Provider/BLoC, navigation, API integration, and material design.

9521,094

drawio-diagrams-enhanced

jgtolentino

Create professional draw.io (diagrams.net) diagrams in XML format (.drawio files) with integrated PMP/PMBOK methodologies, extensive visual asset libraries, and industry-standard professional templates. Use this skill when users ask to create flowcharts, swimlane diagrams, cross-functional flowcharts, org charts, network diagrams, UML diagrams, BPMN, project management diagrams (WBS, Gantt, PERT, RACI), risk matrices, stakeholder maps, or any other visual diagram in draw.io format. This skill includes access to custom shape libraries for icons, clipart, and professional symbols.

846846

ui-ux-pro-max

nextlevelbuilder

"UI/UX design intelligence. 50 styles, 21 palettes, 50 font pairings, 20 charts, 8 stacks (React, Next.js, Vue, Svelte, SwiftUI, React Native, Flutter, Tailwind). Actions: plan, build, create, design, implement, review, fix, improve, optimize, enhance, refactor, check UI/UX code. Projects: website, landing page, dashboard, admin panel, e-commerce, SaaS, portfolio, blog, mobile app, .html, .tsx, .vue, .svelte. Elements: button, modal, navbar, sidebar, card, table, form, chart. Styles: glassmorphism, claymorphism, minimalism, brutalism, neumorphism, bento grid, dark mode, responsive, skeuomorphism, flat design. Topics: color palette, accessibility, animation, layout, typography, font pairing, spacing, hover, shadow, gradient."

571699

godot

bfollington

This skill should be used when working on Godot Engine projects. It provides specialized knowledge of Godot's file formats (.gd, .tscn, .tres), architecture patterns (component-based, signal-driven, resource-based), common pitfalls, validation tools, code templates, and CLI workflows. The `godot` command is available for running the game, validating scripts, importing resources, and exporting builds. Use this skill for tasks involving Godot game development, debugging scene/resource files, implementing game systems, or creating new Godot components.

548492

nano-banana-pro

garg-aayush

Generate and edit images using Google's Nano Banana Pro (Gemini 3 Pro Image) API. Use when the user asks to generate, create, edit, modify, change, alter, or update images. Also use when user references an existing image file and asks to modify it in any way (e.g., "modify this image", "change the background", "replace X with Y"). Supports both text-to-image generation and image-to-image editing with configurable resolution (1K default, 2K, or 4K for high resolution). DO NOT read the image file first - use this skill directly with the --input-image parameter.

673466

fastapi-templates

wshobson

Create production-ready FastAPI projects with async patterns, dependency injection, and comprehensive error handling. Use when building new FastAPI applications or setting up backend API projects.

514280

Related MCP Servers

Browse all servers
GlobalpingGlobalping

Run a ping test worldwide with Globalping. Diagnose connectivity issues using Cloudflare Workers for accurate network tr

480 tools
CloudflareCloudflare

Manage DNS, CDN, and security configs with Cloudflare API. Automate web infrastructure using cloudflare dns and cloudfla

90 tools
Security ScannerSecurity Scanner

Use our Security Scanner as a website virus scanner to detect site scanner virus threats, vulnerabilities, and exposed s

20 tools
Security ScannerSecurity Scanner

Security Scanner analyzes code repositories to find exposed secrets, vulnerabilities, dependency flaws and misconfigurat

20 tools
GitHubGitHub

Extend your developer tools with GitHub MCP Server for advanced automation, supporting GitHub Student and student packag

27,6470 tools
Oh My PoshOh My Posh

Validate Oh My Posh theme configurations quickly and reliably against the official schema to ensure error-free prompts a

21,7202 tools

Stay ahead of the MCP ecosystem

Get weekly updates on new skills and servers.