522 on port 80 but 443 is fine

I am getting a 522 error on my domain for HTTP (plain text) requests.
However, there is no issue for HTTPS requests.

Tried to resolve the issue by changing the DNS settings for the domains to “DNS only”. It worked as a result.

I am testing at home.
Router is not configured to block any IP.

May I ask if your app is actually working on both ports 80 and 443, or only one of them?
Can you re-check the config file?
How did you check whether or not it is resolving on port 80 (it should be at the origin to redirect to 443, HTTP to HTTPS in that case)?

Can you check what you have selected under the SSL tab in the Cloudflare dashboard? Is it Full SSL or something else?

Regarding the 522 error, here is a step-by-step instruction article:

https://support.cloudflare.com/hc/en-us/articles/115003011431-Troubleshooting-Cloudflare-5XX-errors#522error

Have you allowed Cloudflare IP addresses to connect to your new host/origin?
Maybe you need to allow Cloudflare IP addresses to connect to your host/origin server:

https://support.cloudflare.com/hc/en-us/articles/201897700-Allowing-Cloudflare-IP-addresses
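To illustrate the allow-list check suggested above, here is an added example that is not part of the original thread: it audits an origin's allow rules per port and reports which Cloudflare ranges are not admitted. The rule format, `SAMPLE_RULES` and the function names are assumptions made for the example, and `CLOUDFLARE_RANGES` is only a sample subset of the published list.

```python
import ipaddress

# Sample subset of Cloudflare's published IPv4 ranges; load the full current
# list from the "Allowing Cloudflare IP addresses" article before real use.
CLOUDFLARE_RANGES = ["173.245.48.0/20", "103.21.244.0/22", "104.16.0.0/13"]

# Constructed allow-list (default deny assumed): (destination port, source CIDR).
# It mirrors the symptom in this thread: 443 admits the proxy, 80 does not.
SAMPLE_RULES = [
    (443, "173.245.48.0/20"),
    (443, "103.21.244.0/22"),
    (443, "104.16.0.0/14"),   # two halves that together
    (443, "104.20.0.0/14"),   # make up 104.16.0.0/13
    (80, "192.168.0.0/16"),   # LAN only
    (80, "173.245.48.0/21"),  # only half of 173.245.48.0/20
]


def uncovered_ranges(rules, port, ranges=CLOUDFLARE_RANGES):
    """Return the ranges not fully admitted to `port` by the allow rules."""
    allowed = [ipaddress.ip_network(src) for p, src in rules if p == port]
    # Merge adjacent/overlapping rules so split ranges count as covered.
    merged = list(ipaddress.collapse_addresses(allowed))
    missing = []
    for cidr in ranges:
        net = ipaddress.ip_network(cidr)
        if not any(net.subnet_of(a) for a in merged):
            missing.append(cidr)
    return missing


def audit(rules, ports=(80, 443)):
    """Map each port to the Cloudflare ranges that would time out (522)."""
    return {port: uncovered_ranges(rules, port) for port in ports}


if __name__ == "__main__":
    for port, missing in audit(SAMPLE_RULES).items():
        status = "OK" if not missing else "blocked: " + ", ".join(missing)
        print(f"port {port}: {status}")
```

A partially covered range is reported as missing, because any proxy address inside the uncovered part can still hit a timeout.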

Thank you for your response.
There is an Nginx web server which serves static files and reverse proxies to an API server. It is based on servername. Nginx is configured to work with both HTTP and HTTPS; for HTTPS it uses the certificates created on Cloudflare. Full SSL mode is enabled.

DNS resolves without any problems.
Checked by sending request using curl.
curl http://domain/
curl http://subdomain/

I would recommend that you use Full (strict) mode instead, for better security.

Did you see any error logs regarding HTTP traffic?

Yes, turns out I actually set it to Full (strict) mode. Using Cloudflare’s self-signed certificate on the origin server.

No errors were shown on Nginx’s side (client sending an HTTP request). Checked using Wireshark whether Cloudflare is really sending any request to the origin server, and no traffic was there…
