Connection Timed Out 522 Error out of the blue!

What is the name of the domain?

www.gkauthentic.com

What is the error number?

522

What is the error message?

Connection timed out Error code 522

What is the issue you’re encountering

The initial connection between Cloudflare’s network and the origin web server timed out. As a result, the web page can not be displayed.

What steps have you taken to resolve the issue?

Spoke with my hosting provider, verified the server is up and serving pages when CF is bypassed. Verified that the hosting provider is not blackisting CF IP’s in WAF or my server configuration.

I was advised by my hosting provider to remove the DNSSEC configuration from my DNS zone, Purge all CF Cache, Purge Browser cache and try loading the site again. The outcome was the same.

I have done zero configuration changes to my CF tenant for well over a year, I’m currently at a loss, given my provider is pointing the finger at CF.

What are the steps to reproduce the issue?

Attempt to load any page @ https://gkauthentic.com

Screenshot of the error

You seem to have incorrect IP addresses configured on Cloudflare.

Can you answer the following questions?

  • Which nameservers are assigned to your domain in your Cloudflare account?
  • What’s your encryption mode on Cloudflare?
  • Did you verify the configured IP addresses match your host’s?

Hi Sandro,

thanks for the reply. I have been working on migrating my DNS Zone to the hosting provider and also updating/matching the configuration in my registrar. If you are checking this now, I expect you to be seeing a different result. My priority is to get the site up and running so the CDN is being paused and everything including SSL certs is being moved to the Hosting provider.

To answer your questions, relating to “before” the aforementioned activities.

NS used to = vera and will (CF).
SSL used to be full-strict (CF)
IP’s+DNS configuration has not changed in over 2 years, before today.

Hence my confusion.

P.S. I’m currently waiting for NS changes to propagate, so I can start verifying where I stand. I appreciate this doesn’t help CF troubleshooting, but needs a must.

Regards

All right, nameservers and encryption mode are set correctly. But right now you don’t have any DNS entries on Cloudflare at all any more. You need to make sure they are correctly configured and then change nameservers at your registrar.

Ohh. Do you mean I should have left CF enabled until NS propagation/change occurs before disabling the CF end?

I would have thought that if my registrar’s DNS zone and NS servers are correctly configured, queries will go there and CF side will be a ghost temporarily. Unless Im missing something.

No, all the required DNS entries need to be configured on Cloudflare first.

Ok. I don’t understand why the reliance on the CF DNS entries. Once the NS’s have been reconfigured, surely they become the authoritative endpoints for DNS queries.

If you are talking about your host’s nameservers, then yes, sure. Once you set them, whatever is configured there will take effect, however Cloudflare won’t be involved. Otherwise, you need to make sure that Cloudflare is properly set up.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.