nodejs.org: Getting random 500s on several file downloads and directory listings + downloads slow

• URL: https://nodejs.org/dist/v12.13.0/ , https://nodejs.org/dist/v12.13.0/SHASUMS256.txt.asc , https://nodejs.org/dist/v12.16.1/node-v12.16.1-darwin-x64.tar.gz
• Browser version: Chrome 80.0.3987.162 , curl 7.64.1
• Operating system: macOS 10.15.4

I’m getting a mix of slow / broken binary downloads, non-functional directory listings and file downloads both on my home internet connection in Germany, as well as from our CI server in AWS (don’t know the region). Sometimes it works without a problem, but more than half the times, I’m getting the error.

If an error occurs, it’s a 500 by nginx.

curl 7.64.1 (x86_64-apple-darwin19.0) libcurl/7.64.1 (SecureTransport) LibreSSL/2.8.3 zlib/1.2.11 nghttp2/1.39.2
Release-Date: 2019-03-27
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS GSS-API HTTP2 HTTPS-proxy IPv6 Kerberos Largefile libz MultiSSL NTLM NTLM_WB SPNEGO SSL UnixSockets
➜  ~ curl -v https://nodejs.org/dist/v12.13.0/SHASUMS256.txt.asc
*   Trying 2606:4700:10::6814:162e...
* TCP_NODELAY set
* Connected to nodejs.org (2606:4700:10::6814:162e) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305
* ALPN, server accepted to use h2
* Server certificate:
*  subject: OU=Domain Control Validated; OU=PositiveSSL Wildcard; CN=*.nodejs.org
*  start date: Oct 21 00:00:00 2019 GMT
*  expire date: Jan 18 23:59:59 2022 GMT
*  subjectAltName: host "nodejs.org" matched cert's "nodejs.org"
*  issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7f82ff00d600)
> GET /dist/v12.13.0/SHASUMS256.txt.asc HTTP/2
> Host: nodejs.org
> User-Agent: curl/7.64.1
> Accept: */*
>
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
< HTTP/2 500
< date: Mon, 06 Apr 2020 08:19:11 GMT
< content-type: text/html
< set-cookie: __cfduid=d491984f37389168cb113964828dd085c1586161151; expires=Wed, 06-May-20 08:19:11 GMT; path=/; domain=.nodejs.org; HttpOnly; SameSite=Lax
< cf-cache-status: BYPASS
< expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
< server: cloudflare
< cf-ray: 57fa151af99cdfd7-FRA
<
<html>
<head><title>500 Internal Server Error</title></head>
<body bgcolor="white">
<center><h1>500 Internal Server Error</h1></center>
<hr><center>nginx</center>
</body>
</html>
* Connection #0 to host nodejs.org left intact
* Closing connection 0