Try the suggestions in this Community Tip to help you fix Error 522.
A 522 error happens when a TCP connection to the web server could not be established. This typically happens when Cloudflare requests to the origin (your webserver) get blocked. When this happens, you’ll see “Error 522: Connection timed out”.
Quick Fix Ideas
Make sure that you’re not blocking Cloudflare IPs in .htaccess, iptables, or your firewall.
Make sure your hosting provider isn’t rate limiting or blocking IP requests from the Cloudflare IPs and ask them to whitelist the IP addresses here: https://www.cloudflare.com/ips. If the IPs that fail are consistent each time, that indicates some of the IPs in Cloudflare’s IP ranges are either being rate-limited or blocked by a network device at your hosting provider. Because Cloudflare operates as a reverse proxy the IP address your server will see is one of a limited number of Cloudflare IPs. In that sense, many actual visitors may all come from the same IP address, which can cause firewalls or security software that is not appropriately whitelisting the Cloudflare IP ranges to block this traffic as it may see it as excessive or malicious
If you are seeing 522 errors in certain locations only, it means you likely forgot to whitelist one of our ranges that corresponds to these locations, so double check to ensure all our IPs are whitelisted appropriately.
Please reach out to your hosting provider or site administrator to confirm if there are any load problems on your infrastructure.
It may be there was a temporary problem on the path or at your origin preventing connections from completing. If they are no longer happening, here are two actions to take: a) Check with your hosting provider to see if they had any issues with packet loss or if your server was under load at the time the errors happened and b) Have your hosting provider or server administrator confirm that all Cloudflare IP ranges are fully whitelisted from any rate limits.
If your firewall is configured to DROP packets rather than refuse connections, it will cause a 521; meaning an incorrectly configured firewall can actually masquerade as a connection timeout 522 error.
If You Need More Help
This community of other Cloudflare users may be able to assist you, if not, login to Cloudflare and then contact Cloudflare Support. When you contact support, make sure to include as much of this information as possible: time stamped log files from your origin server, RayID, domain name, error messages, screen shots, and/or HAR file(s).
Expert Comments Appreciated
This Community Tip will remain open for input from Community experts and those familiar with this issue. We really appreciate comments that start with words like: “The three things I always try”, or “Do this first” or “In my experience”.