ERR_CONNECTION_RESET
ERR_CONNECTION_RESET appears in Chrome when a connection that had already started is forcibly closed before the page could finish loading. Something between you and the server, your firewall, a proxy, your ISP, or the server itself, sent a TCP reset packet that cut the link mid-transfer. This guide explains what really triggers it and how to fix it, whether you are a visitor or the website owner.
Updated June 2026 · 6 min read
-
Written by
Andrian Valeanu
Founder of Pulsetic
Andrian Valeanu founded Pulsetic and, before it, Designmodo. Across 15-plus years he has shipped web products, design tools, and monitoring software teams around the world rely on.
-
Reviewed by
Ionut Caval
Technical reviewer
Ionut Caval reviews Pulsetic's technical guides for accuracy. He works hands-on with web servers, networking, and uptime monitoring day to day, and makes sure the causes and fixes here hold up in production.
The short version: ERR_CONNECTION_RESET means a TCP RST packet abruptly tore down a connection that was already in progress. If it happens on every website, the cause is local: your network, firewall, antivirus, VPN, or TCP/IP stack. If it happens on one website only, the server or a device in front of it is rejecting the request.
Key takeaways
- ERR_CONNECTION_RESET is Chromium net error -101: a connection that already started was killed by a TCP RST packet. It is refusal, not silence, which is what separates it from a timeout.
- If every website resets, the cause is local (firewall, antivirus, VPN, or a corrupted TCP/IP stack); if only one website resets and it loads elsewhere, a server or a middlebox in front of it is sending the RST.
- The most common single fix is to disable an interfering VPN, proxy, or HTTPS-scanning antivirus, then reset the network stack with
netsh winsock reseton Windows. - A reset is not always a fault: ISPs and corporate filters read the cleartext SNI hostname in the TLS handshake and inject a forged RST to block websites, which looks identical to a server problem.
- Confirm a real RST with
curl -v https://yourdomain.com: 'Connection reset by peer' is the signature, and it tells you to stop hunting for slow servers and look for whatever is actively closing the connection.
- Error type
- Browser / network (TCP connection reset)
- Whose side
- Either
- Fix difficulty
- Varies
- Common cause
- A TCP RST packet from a firewall, antivirus, proxy, ISP, or the server closed the connection mid-transfer
What does ERR_CONNECTION_RESET mean?
Every web request rides on a TCP connection. Your browser sends a SYN, the server answers with SYN-ACK, and data begins to flow. ERR_CONNECTION_RESET means that after this handshake started, one side sent a TCP RST (reset) packet: an explicit, immediate order to tear the connection down. Chrome had a live conversation and it was hung up on, so it surfaces the error and pairs it with the headline This site can't be reached and the line The connection was reset.
The single most useful thing to understand is how a reset differs from a timeout, because the two point at completely different problems. A timeout (ERR_CONNECTION_TIMED_OUT) is silence: your browser sent packets and nothing ever came back, so it gave up. A reset is the opposite of silence: something actively and deliberately answered with a RST to kill the link. Timeout means a packet was dropped or ignored; reset means a packet was refused. That distinction tells you to stop looking for slow or unreachable servers and start looking for whatever is actively closing the door: a firewall rule, antivirus, a proxy, or the server's own software aborting.
A reset is not always a fault. ISPs, corporate firewalls, and national or parental filters often block websites by reading the cleartext SNI hostname inside the TLS ClientHello, and when it matches a blocklist they inject a forged TCP RST to both ends. To your browser this is indistinguishable from a server problem: you get ERR_CONNECTION_RESET even though the real server is perfectly healthy. This is why the same URL can fail on one network (say mobile data or office Wi-Fi) and load instantly on another. If a website resets only on a specific connection, suspect a middlebox before you blame the host.
Resets also come from MTU mismatches (oversized packets get dropped and the path resets), idle connections that a NAT or load balancer ages out and closes with a RST, and a corrupted local TCP/IP or Winsock stack that mangles packets so badly the peer rejects them. Narrowing down the source, your machine, your network path, or the server, is the whole game.
- ~20%
- of new TCP connections to Cloudflare globally see a reset or timeout within the first 10 packets (Cloudflare Radar)
- 443 / 80
- the HTTPS and HTTP ports a firewall or ISP most often resets to block a website
- Either side
- a RST can be sent by the client, the server, or any middlebox in between, which is why the cause varies
How the ERR_CONNECTION_RESET error appears
The wording changes depending on your browser, device, or server. Here is how this error commonly shows up:
This site can't be reached
The connection was reset.
ERR_CONNECTION_RESET
ERR_CONNECTION_RESETChrome and Edge net error code shown on the error pageThis site can't be reached / The connection was reset.The plain-language headline Chrome pairs with the codeThe connection was resetFirefox wording for the same TCP RST eventconnection reset by peerServer logs and curl wording when the remote end sends RSTERR_CONNECTION_ABORTEDClosely related Chrome code: the connection dropped, often after data started flowing
ERR_CONNECTION_RESET vs related connection errors
These Chrome errors look similar but point at different layers. Telling them apart saves hours of troubleshooting.
| Error | What actually happened |
|---|---|
| ERR_CONNECTION_RESET | A connection that already started was killed by a TCP RST packet (firewall, proxy, ISP, or server) |
| ERR_CONNECTION_TIMED_OUT | Packets were sent but nothing answered; the request was silently dropped, not refused |
| ERR_CONNECTION_REFUSED | The server answered immediately that nothing is listening on that port |
| ERR_CONNECTION_ABORTED | The connection dropped after data began flowing, often a mid-transfer interruption |
| ERR_NAME_NOT_RESOLVED | DNS failed: the hostname could not be turned into an IP address at all |
ERR_CONNECTION_RESET: cause, symptom, and who fixes it
Match the pattern you see to the layer sending the RST so you fix the right thing first.
| Likely cause | Tell-tale symptom | Who fixes it |
|---|---|---|
| Local firewall or antivirus | Resets across many websites; stops when the web shield is disabled | Visitor (whitelist or disable) |
| VPN or proxy | Works with VPN off; resets only while connected | Visitor (reconnect or remove) |
| SNI-based ISP or content filter | Resets on one network, loads on mobile data | Visitor (change network) or owner (cannot fix the filter) |
| Corrupted TCP/IP or Winsock stack | Every website resets even after reboot, no VPN involved | Visitor (netsh winsock reset) |
| MTU or keepalive mismatch | Large pages or long idle connections reset, small ones load | Owner / network (lower MTU, tune keepalive) |
| Server, WAF, or load balancer | Resets globally, confirmed by external checks | Website owner (review rules and logs) |
curl exit codes that look like a reset
Running curl -v narrows a reset down to the exact stage it happened; these are the codes you are most likely to see.
| curl exit code | Message | What it means here |
|---|---|---|
(56) | Recv failure: Connection reset by peer | A TCP RST arrived mid-transfer: the classic ERR_CONNECTION_RESET signature |
(35) | SSL connect error / reset during handshake | The RST hit during the TLS handshake, often SNI-based filtering |
(52) | Empty reply from server | Connection opened then closed with zero bytes, closer to ERR_EMPTY_RESPONSE |
(28) | Operation timed out | No answer at all: this is a timeout, not a reset, so look elsewhere |
(7) | Failed to connect to host | The port refused the connection outright, closer to ERR_CONNECTION_REFUSED |
What causes ERR_CONNECTION_RESET?
- Firewall or antivirus software treating the connection as a threat and killing it with a RST
- An unstable or congested network (weak Wi-Fi, flaky cabling, packet loss) that drops the session mid-transfer
- A VPN or proxy that is misconfigured, overloaded, or injecting resets of its own
- ISP, corporate, or parental filtering that inspects the SNI hostname and resets connections to blocked websites
- A corrupted local TCP/IP stack, Winsock catalog, or stale DNS cache producing malformed traffic
- The server (or a load balancer or firewall in front of it) actively closing the connection, due to a crash, a blocked IP, an MTU mismatch, or an idle-timeout RST
How to find the cause fast
- Try the same URL on another network (mobile data, a different Wi-Fi) and another device. If it loads elsewhere, the problem is your original network or a filter on it, not the server.
- Open the website in an incognito window with extensions disabled. If it works, a corrupted cache, cookie, or extension on the normal profile is the cause.
- Run curl -v https://example.com from a terminal. A line like 'Recv failure: Connection reset by peer' or 'OpenSSL SSL_connect: Connection reset by peer' confirms a real TCP RST and shows how far the handshake got before it died.
- Run ping example.com and traceroute example.com (tracert on Windows). If ping succeeds but the page resets, the host is reachable and the reset comes from the application layer or a filter, not basic connectivity.
- On the server or your machine, list reset counters with netstat -s | grep -i reset (Linux/macOS) or netstat -s (Windows). A rising reset count while you reproduce the error helps confirm where the RST originates.
How ERR_CONNECTION_RESET looks from the outside
From the outside, a reset looks like a connection that opens and then dies before a response arrives. An external monitor that runs an HTTP or TCP check will record a failed request with a 'connection reset by peer' style error rather than a clean status code, and a port check on 443 or 80 will show the port accepting then dropping the handshake. Pulsetic checks your website over HTTP, TCP, and ICMP from 15+ locations worldwide every 30 seconds, so if a firewall, load balancer, or filtering middlebox starts resetting connections to your server, the failing checks fire alerts by email, SMS, voice, Slack, Discord, Telegram, or webhook within seconds. Because the checks run from many regions, Pulsetic can also reveal a reset that only affects certain networks or geographies, exactly the SNI- or ISP-level blocking that is invisible from your own desk. Pulsetic tests from outside your server, so it confirms reachability and the reset symptom but does not inspect what happens inside the host.
How to fix ERR_CONNECTION_RESET
For visitors
- Reload the page and try it on a different network (switch to mobile data or another Wi-Fi) to rule out a local filter.
- Clear your browser cache and cookies, then retry in an incognito window with extensions turned off.
- Temporarily disable any VPN, proxy, firewall, or antivirus web shield, then reload. Re-enable it once you know whether it was the cause.
- Flush your DNS cache and reset your network stack (see the platform steps and commands below), then restart the browser.
- Restart your router and device to clear a stalled connection or a stuck NAT/keepalive state.
For website owners
- Check your server, load balancer, and CDN logs for RST or 'connection reset by peer' entries around the failure time to find which layer is closing connections.
- Review firewall, WAF, and rate-limit rules: an over-aggressive rule or a blocked IP range will reset legitimate visitors. Confirm ports 80 and 443 accept traffic.
- Verify TLS and SNI are configured correctly and your certificate matches the hostname, since some setups reset on an unrecognized SNI.
- Test for an MTU or keepalive issue: lower the path MTU or tune TCP keepalive so idle connections are not aged out and reset by a middlebox.
- Set up external monitoring (see below) so you learn about resets from real-world locations before your visitors report them.
Windows
- Open Command Prompt as Administrator (right-click, Run as administrator).
- Reset the stack: run netsh winsock reset, then netsh int ip reset, then ipconfig /flushdns.
- If only certain websites reset, lower the MTU: netsh interface ipv4 set subinterface "Wi-Fi" mtu=1472 store=persistent (replace Wi-Fi with your adapter name).
- Restart the computer, then reopen the website.
macOS
- Flush DNS in Terminal: sudo dscacheutil -flushcache && sudo killall -HUP mDNSResponder, then enter your password.
- Renew the network lease: System Settings > Network > Wi-Fi > Details > TCP/IP > Renew DHCP Lease.
- Turn off any VPN or content-filter profile and disable third-party antivirus web protection, then retry.
- Restart the Mac if the reset persists.
Chrome
- Clear cache and cookies: Settings > Privacy and security > Delete browsing data.
- Open the website in Incognito (Ctrl+Shift+N / Cmd+Shift+N) to bypass extensions and cached data.
- Disable extensions at chrome://extensions, especially VPN, proxy, or security extensions.
- Check chrome://settings/system and your OS proxy settings: make sure no stale or broken proxy is configured.
Still not fixed? Next steps
- Capture the reset on the wire with
tcpdump -ni any host yourdomain.com and tcp[tcpflags] & tcp-rst != 0(or Wireshark filtered ontcp.flags.reset == 1) to see which IP is actually sending the RST. - If the RST source is your own gateway or an upstream hop, the reset is being injected in the network path; test the same hostname over a different ISP or a mobile hotspot to confirm middlebox filtering rather than a server fault.
- On the server side, correlate the timestamp with WAF, rate-limit, and load-balancer logs: an over-aggressive rule or a blocked IP range will reset legitimate visitors, and the log line names the rule that fired.
- If captures show resets only on large responses, suspect an MTU or path-MTU-discovery problem: lower the interface MTU or clamp the TCP MSS at your edge, then retest.
Code & configuration
Copy-paste starting points. Replace example.com and the paths with your own, and test changes on staging before production.
Confirm the reset with curl
curl -v https://example.com
# A real RST shows: "Recv failure: Connection reset by peer"
# or: "OpenSSL SSL_connect: Connection reset by peer in connection to example.com:443"
Reset the network stack (Windows, run as Administrator)
netsh winsock reset
netsh int ip reset
ipconfig /flushdns
:: then restart the PC
Flush DNS (macOS)
sudo dscacheutil -flushcache && sudo killall -HUP mDNSResponder
How to prevent ERR_CONNECTION_RESET
Most resets you can prevent: keep firewall, WAF, and rate-limit rules tuned so they do not strangle legitimate traffic, validate TLS and SNI configuration, and tune MTU and keepalive so middleboxes do not age out and reset idle connections. What you cannot prevent is a filter or a load balancer that starts resetting connections without warning, so the real protection is knowing the moment it happens. Pulsetic monitors your website from 15+ global locations every 30 seconds and alerts you across email, SMS, voice, Slack, Discord, Telegram, and webhook the instant checks start failing, and a public or private status page keeps your users informed while you fix it.
Learn how Pulsetic's uptime monitoring detects this from the outside, across 15+ locations.
Frequently asked questions
-
Is ERR_CONNECTION_RESET a problem with my computer or the website?
It depends on the pattern. If it happens on every website, the cause is almost always local: your network, firewall, antivirus, VPN, or TCP/IP settings. If it happens on one website from one network but that website loads fine elsewhere, the server or a filter in front of it is resetting the connection.
-
What is the difference between ERR_CONNECTION_RESET and a connection timeout?
A timeout means your packets got no answer at all, the request was silently dropped. A reset means something actively answered with a TCP RST to close the connection on purpose. Timeout is silence; reset is refusal. They point at different causes, so the fix differs.
-
Why does a website reset on my Wi-Fi but work on mobile data?
A device on the first network is likely resetting the connection. ISPs, office firewalls, and parental filters often read the cleartext SNI hostname during the TLS handshake and inject a TCP RST for blocked domains. Switching networks bypasses that middlebox, so the same website loads normally.
-
Does clearing cache and disabling my VPN really help?
Often, yes. A corrupted cache or cookie can break the connection on one profile, which is why incognito frequently works. VPNs and proxies can be misconfigured or inject resets themselves, so disabling them temporarily is one of the fastest ways to isolate the cause.
-
Can Pulsetic tell me if my server is causing the reset?
Pulsetic checks your website over HTTP, TCP, and ICMP from 15+ locations every 30 seconds and alerts you the moment connections start failing or resetting, including resets that only affect some regions. It runs from outside your server, so it confirms the reset symptom and reachability but does not look inside the host to inspect application internals.
-
How do I fix ERR_CONNECTION_RESET as a website owner?
Check server, load balancer, and CDN logs for 'connection reset by peer' entries to find which layer closes the connection, review firewall and rate-limit rules for over-blocking, confirm TLS and SNI are correct, and test for MTU or keepalive issues that let middleboxes reset idle connections.
-
Does ERR_CONNECTION_RESET mean my data was intercepted or my connection is insecure?
Not by itself. A RST simply tears down the TCP connection; it does not expose or decrypt your traffic. The one nuance is that SNI-based filters read the hostname from the cleartext part of the TLS handshake to decide what to reset, but the encrypted payload stays private. A reset is a connectivity event, not a confidentiality breach.
-
Why does ERR_CONNECTION_RESET happen only on large file downloads or video?
That pattern points at an MTU or path-MTU-discovery problem. Small requests fit in a single packet and succeed, while large transfers send full-size packets that a middlebox drops, and the connection resets mid-stream. Lowering your MTU (for example to 1472 on Windows) or having the server clamp the MSS usually fixes it.
-
Can a browser extension cause ERR_CONNECTION_RESET?
Yes. Ad blockers, security extensions, and especially VPN or proxy extensions can intercept requests and tear down connections they do not like. Open the website in an incognito window with extensions disabled, or toggle extensions off at
chrome://extensions; if it loads, re-enable them one at a time to find the offender. -
Is ERR_CONNECTION_RESET the same as 'connection reset by peer' in my server logs?
They are two views of the same TCP RST. The browser shows ERR_CONNECTION_RESET; the server, curl, or a proxy logs 'connection reset by peer' when the remote end sends the RST. Matching a log entry's timestamp to a reported failure confirms which side initiated the reset.
-
How do I fix ERR_CONNECTION_RESET on Windows when it affects every website?
Open Command Prompt as Administrator and run
netsh winsock reset, thennetsh int ip reset, thenipconfig /flushdns, and restart the PC. This rebuilds a corrupted Winsock catalog and TCP/IP stack, which is the usual culprit when resets hit all websites rather than just one.
-
Catch the next outage before your visitors do.
2-minute setup · Cancel any time
-
No credit card needed