Cloudflare and Nginx Connection Error 522

OK. I just wanted to cover all the bases.

When I asked that question, I could not ping the IP address in your A records.

As of this comment, now:
I can ping you from my laptop, on and off my Cloudflare VPN.
Cloudflare can ping you from the edge servers.

I can curl your IP address through my Cloudflare VPN and see the connection open up but nothing is sent back before I get a 504:

(IP obviously replaced for privacy)

$ curl -svo /dev/null W.X.Y.Z
*   Trying W.X.Y.Z:80...
* Connected to W.X.Y.Z (W.X.Y.Z) port 80 (#0)
> GET / HTTP/1.1
> Host: W.X.Y.Z
> User-Agent: curl/8.1.2
> Accept: */*
>
< HTTP/1.1 504 Gateway Timeout
< Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Referrer-Policy: same-origin
< Expires: Thu, 01 Jan 1970 00:00:01 GMT
< Proxy-Status: Cloudflare-Proxy;error=connection_timeout
< Content-Length: 10164
< Date: Mon, 28 Aug 2023 20:07:07 GMT
<
{ [786 bytes data]
* Connection #0 to host W.X.Y.Z left intact

Cloudflare’s edge servers cannot curl your origin at all:

*   Trying W.X.Y.Z:443...
* connect to W.X.Y.Z port 443 failed: Connection timed out
* Failed to connect to W.X.Y.Z port 443 after 15256 ms: Couldn't connect to server

If I try to directly curl your origin without my Cloudflare VPN enabled, it times out completely:

$ curl -svo /dev/null W.X.Y.Z
*   Trying W.X.Y.Z:80...
* connect to W.X.Y.Z port 80 failed: Operation timed out
* Failed to connect to W.X.Y.Z port 80 after 75006 ms: Couldn't connect to server

$ curl -svo /dev/null W.X.Y.Z:443
*   Trying W.X.Y.Z:443...
* connect to W.X.Y.Z port 443 failed: Operation timed out
* Failed to connect to W.X.Y.Z port 443 after 75005 ms: Couldn't connect to server

This looks like you may have configured things to only allow Cloudflare IPs to your webserver (which is fantastic), but we are trying to make the connection and nothing is being served back.

Possibilities:

  • Server DHCP IP changed, invalidating any port forward.
  • NGINX didn’t come back up properly.
  • Invalid NGINX Configuration file.
  • Hardware failure (LAN cable from router/switch to server, etc.)
  • Server firewall settings running in memory but not saved to re-implement at boot.
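The three curl traces in the post above can be sorted by the layer that failed. This is an added example, not part of the original post. The class names and the hint text are assumptions made for illustration, and the "refused" case goes beyond the traces shown to separate a closed port from dropped packets.

```shell
#!/bin/sh
# Added example: classify `curl -sv` output by the layer that failed.
# Usage (W.X.Y.Z is the post's placeholder for the origin IP):
#   curl -sv -o /dev/null --connect-timeout 15 http://W.X.Y.Z/ 2>&1 | classify_curl_trace

_has() { printf '%s\n' "$trace" | grep -Eq -- "$1"; }

classify_curl_trace() {
  trace=$(cat)   # whole verbose trace from stdin
  if _has 'connect to .* failed: (Connection|Operation) timed out'; then
    echo tcp_timeout            # no SYN-ACK: packets dropped or nothing at that address
  elif _has 'connect to .* failed: Connection refused'; then
    echo tcp_refused            # host answered with RST: port closed or rejected
  elif _has '^< Proxy-Status: Cloudflare-Proxy;error=connection_timeout'; then
    echo proxy_origin_timeout   # a Cloudflare proxy replied; its connect to the origin timed out
  elif _has '^< HTTP/[0-9.]+ [1-5][0-9][0-9]'; then
    echo http_response          # an HTTP server answered
  else
    echo unknown
  fi
}

# Next checks per class (assumed mapping onto the post's list of possibilities).
hint_for() {
  case "$1" in
    tcp_timeout) echo "port forward / DHCP address, cabling, firewall rules restored at boot" ;;
    tcp_refused) echo "nothing listening: is nginx running, does 'nginx -t' pass" ;;
    proxy_origin_timeout) echo "Cloudflare cannot reach the origin: same checks as tcp_timeout" ;;
    http_response) echo "network path works: look at nginx logs and config" ;;
    *) echo "inconclusive: capture the full trace" ;;
  esac
}

# Constructed samples, shortened from the traces quoted in the post.
sample_via_proxy() { cat <<'EOF'
* Connected to W.X.Y.Z (W.X.Y.Z) port 80 (#0)
< HTTP/1.1 504 Gateway Timeout
< Proxy-Status: Cloudflare-Proxy;error=connection_timeout
EOF
}
sample_direct() { cat <<'EOF'
* connect to W.X.Y.Z port 443 failed: Operation timed out
EOF
}

for s in sample_via_proxy sample_direct; do
  c=$($s | classify_curl_trace); echo "$s: $c -> $(hint_for "$c")"
done
```

Running the same command from inside and outside the Cloudflare path and comparing the two labels reproduces the comparison the post makes by hand.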