i’m self hosting n8n with cloudfare and cloudflared and constantly get 503 errors when trying to access the website im hosting n8n on. I treid to follow the tips to check the html response body,
I dont see cloudflare or cloudflare-nginx in the response body HTML,
But when i inspect the HTML i see this:
Unsafe attempt to load URL [insert url here] from frame with URL chrome-error://chromewebdata/. Domains, protocols and ports must match.
What am I doing wrong and how can I fix this issue?
The issue is N8N_PROTOCOL=https in your compose. When using Cloudflare Tunnel, Cloudflare handles SSL termination — the tunnel connects to your n8n container over plain HTTP internally. Setting N8N_PROTOCOL=https tells n8n to generate https:// URLs for itself, but the container isn’t actually serving HTTPS, which causes the mixed-content/503 error you’re seeing.
Fix: change to N8N_PROTOCOL=http and make sure N8N_HOST is just your domain (e.g. n8n.yourdomain.com) without any protocol prefix. Your WEBHOOK_URL should still be https://n8n.yourdomain.com/ since webhooks are accessed via Cloudflare externally.
Also double-check your Cloudflare Tunnel config points to http://n8n:[port] (the internal container address), not https://.
Hi @jht, welcome to the n8n community!
So, in your script it’s not possible to see the necessary data to evaluate.
Can you confirm if the n8n host is the same as the domain used in the tunnel, if the webhook has the correct and complete URL, and if cloudflared is pointing to the correct port. Also, I researched this and it’s recommended to avoid using double https between cloudflared and n8n at the beginning of debugging.
Try accessing n8n through the local port without cloudflare. If it works locally but breaks when public, then we confirm that the problem is in the configuration.
quick follow up question which parameters should i check to confirm the n8n host is the same as the domain used in the tunnel? and if cloudflared is pointing to the right port as well as the webhook url . Thank you
if you mean the N8N_HOST and WEBHOOK_URL they are the same except the N*N_HOST doesn’t have https//, the WEBHOOK_URL the complete and correct URL with https:/[url goes here]
not sure how to check if cloudflared is pointing to the correct port .
Can you test accessing n8n directly via the local port (e.g. http://localhost:5678) without cloudflare in front? If that works fine, the 503 is definitely a cloudflare tunnel config issue, not n8n itself.
If local works, run cloudflared tunnel info <your-tunnel-name> and check what address cloudflared is routing to - it should be http://localhost:5678, not https://. Also share the output of docker logs <n8n-container> when you hit the 503 - that will tell us if n8n is even receiving the request or if cloudflare is dropping it before it arrives.
these parameters exactly, N8N_HOST and WEBHOOK_URL
An extra point I would check is whether cloudflared and n8n are really on the same Docker network. If the tunnel is configured for http://n8n:5678, that name will only resolve if both containers are on the same Compose network. It’s also worth verifying that the tunnel service is using the correct public hostname in the ingress and if there’s a final fallback rule, for example service: http_status:404. A 503 error usually appears when the tunnel exists, but the internal origin configured in the ingress is not accessible.