Googlebot smartphone HTTP 522

General
12

Ok, I was able to reproduce the 522 by sending a cURL request to your site using a googlebot agent:

> GET /es/ HTTP/2
> Host: cucutoys.es
> Accept: */*
> User-Agent: AdsBot-Google (+http://www.google.com/adsbot.html)
>
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [238 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [238 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
} [5 bytes data]
< HTTP/2 522
< date: Mon, 22 Mar 2021 15:37:52 GMT

I was also able to reproduce without the googlebot user-agent:

> GET /es/ HTTP/2
> Host: cucutoys.es
> Accept: */*
> User-Agent: 
>
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [238 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [238 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
} [5 bytes data]
< HTTP/2 522
< date: Mon, 22 Mar 2021 15:47:01 GMT

So, this doesn’t necessarily seem to be due to a user-agent related issue.

We know that a 522 can occur with the following:

  1. Before a connection is established, the origin web server does not return a SYN+ACK to Cloudflare within 15 seconds of Cloudflare sending a SYN.
  2. After a connection is established, the origin web server doesn’t acknowledge (ACK) Cloudflare’s resource request within 90 seconds.

You’ll want to check the following common causes at your origin web server:

  • (Most common cause) Cloudflare IP addresses are rate limited or blocked in .htaccess, iptables, or firewalls. Confirm your hosting provider allows Cloudflare IP addresses.
  • An overloaded or offline origin web server drops incoming requests.
  • Keepalives are disabled at the origin web server.
  • The origin IP address in your Cloudflare DNS app does not match the IP address currently provisioned to your origin web server by your hosting provider.
  • Packets were dropped at your origin web server.

The issue seems intermittent, and this wouldn’t be caused by a Firewall config from your Cloudflare Dashboard. Either a hop down the path to your origin if dropping packets, or your origin is causing this error.

I’d double-check with the hosting provider to ensure that there are no additional configurations in place that would cause packets to drop or requests to be rate-limited for Cloudflare IPs.