522 Connection Timeout After Site Migration

Hello -

I have recently moved a site over to a new server and ever since, I am getting intermittent 522 Timeouts. However, if I “pause” Cloudflare, the site loads fine and there are no issues with origin server whatsoever. I have also dug through server logs and there are no errors on our end.

Could the potential of a corrupted SSL Cert issued by Cloudflare be causing this since I had migrated the site and that is what now causing these 522 Timeout issues? I have been banging my head off the desk for the last few days over this and at my wits end.

Any insight would be appreciated. Thanks.

How intermittent? I’d set up a script monitoring both channels (“site via Cloudflare” and “site direct”) and if the 522s do not coincide with timeouts on the site itself, we could (likely) at least rule out an issue on the server. There might be still a connectivity issue.

What errors were you looking for? Timeouts shouldnt show up as Cloudflare cant connect to your server in the first place, hence nothing to log.

Was there such a certificate issued? One cant ever rule out something :smile: but I wouldnt think it should be a certificate issue, as that should be a different error and not be intermittent.

Intermittent meaning it is not consistent. It is happening at random throughout the day and hard to pinpoint why. But like I said, I had “paused” CF over an hour ago and the 522 Errors have stopped completely, so it is now pointing at being a CF issue, not the server.

I checked the server logs because a 522 says it cannot establish connection with the origin server, so I wanted to rule out any possibility that it was a server issue, or maybe some bad script running on the site preventing it from loading correctly.

I mention the SSL thing because I have had issues with this in the past where corrupted SSL certs were effecting the site to load, but just didn’t want to rule that out as CF issues their own SSL and not entirely certain this wouldn’t prevent the site from loading properly.

I understood that but by “how intermittent” I meant how often on average. Is it a few times an hour or a day?

Not necessarily, it simply could be the issue hasnt happened in the meantime.

Sure, but as I said before, if the server does not respond there is a good chance it didnt get the request in the first place.

As mentioned initially, I’d set up that script and, additionally, forward the connection ID of one of the failed requests to Cloudflare’s support. Maybe they can find out what the issue was.

1 Like

I have had a monitor setup on the site and from midnight until roughly 9am EST this morning, it was happening a few times an hour. And given the fact that it was happening right up until the point of me “pausing” CF, it is coincidental that it has now stopped and hasn’t happened since. I keep checking it and dumping caches on my end to try and reproduce an error with no such luck.

Assuming that I can just forward that ID over to [email protected] correct?

You said you turned off Cloudflare an hour ago, right? I’d still wait a couple of hours and if still does not occur we can probably say it is unlikely to be your server. Still, if you want to be sure you should monitor both channels.

But yes, contacting the address in question would be correct. They should have more insight.

Well, it has been 24 hours since I have disabled Cloudflare for this specific site and all is good, my uptime monitor is reporting 100% uptime. So I guess now it is safe to say that it is a Cloudflare issue.

That being said, I am experiencing similar issues with a couple other sites that were also migrated where some files are returning 522 status codes after enabling CF and only half-loading the website. So now I have a handful of sites where I had to “pause” CF until I hear back from someone at CF.

This is a really weird thing to be encountering, especially since the only thing that changes is the A Record in the DNS, the sites are exactly the same, the URL’s have not changed, etc. Something is getting all screwy during propagation of the A Record change to the new IP.

Even the site I migrated last night, I actually “paused” CF, made the update to the DNS and left it paused until this morning (roughly 8 hours), then cleared all caches, re-enabled CF and within minutes starting seeing 522 status codes.

Something is not right.

I’d tweak the wording :slight_smile:

It is relatively safe to assume it is a connectivity issue between you and Cloudflare.

Nonetheless, I’d probably still run aforementioned script to check if it is not an - unlikely - coincidence. If it isnt, I would check what datacentre I’d be routed through and try to check it from another location (meaning, going via a a different datancentre) too, to verify if it is a specific PoP or something specific to Cloudflare.

For now I’d open a support ticket as mentioned earlier.

I did send support an email yesterday but I have not received any communication from them as of yet. When you say “script”, what script are you talking about?

The one I mentioned in my first response.

Yeah, but I don’t know what script you are referencing though :grinning:

Is there an article or something that you could point me two that shows what it is and how to set it up because I don’t fully understand how to test both channels simultaneously.

A script :slight_smile: I wasnt referring to an existing one but suggesting you put some together that checks both channels.

Disclaimer, talking about a Bash script and assuming you have somewhere where you can run that script 24/7.

I’d simply cook up a quick script that runs either wget or curl against your site directly and via Cloudflare and logs the result in a file. Then, I’d hook that script into cron and have it run every minute. After a day or so I’d compare the results.

Turns out I needed to update my iptables and whitelist all of CF’s IPv4 IP addresses and it resolved the issues I was having across all of my sites.

Thanks for your help though, much appreciated.


This topic was automatically closed after 14 days. New replies are no longer allowed.