Firewalld conflict with Cloudflare?

Posted by easy_c0mpany80@reddit | linuxadmin

Had a kernel panic on a DigitalOcean VM today and had to create a new one from a previous backup. Managed to get everything back up and running fairly quickly with no data loss and everything set up apart from Docker, which I had to remove and re-install due to it hanging on start (the VM has WordPress sites on Docker).

I have found that even though all the rules etc. are still the same and set up correctly, all the sites on the VM give a Cloudflare 502 error as soon as I start firewalld. I have the exact same setup on all the other VMs with no issues. I've checked and double-checked every rule and setting and they are all correct; as soon as I stop firewalld the sites load fine, though.

This is the output from firewall-cmd --list-all (I don't normally whitelist IPs, but the ones here that I just added are all Cloudflare):

  target: default
  icmp-block-inversion: no
  interfaces: docker0 eth0
  sources: 173.245.48.0/20 103.21.244.0/22 103.22.200.0/22 103.31.4.0/22 141.101.64.0/18 108.162.192.0/18 190.93.240.0/20 188.114.96.0/20 197.234.240.0/22 198.41.128.0/17 162.158.0.0/15 104.16.0.0/12 172.64.0.0/13 131.0.72.0/22
  services: ssh dhcpv6-client http https smtp
  ports: 80/tcp 443/tcp 25/tcp 2244/tcp 9090/tcp 9323/tcp 19999/tcp 8899/tcp 8080/tcp 4243/tcp
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules:

So right now I'm having to leave the sites running with no firewall...