Random 522 Messages

Good afternoon.

I have been fighting random 522 errors for Cloudflare for several weeks recently for the website app.sycamoreschool.com. This originally started in February. I have had the site owners check with Cloudflare and they have walked through all the steps under the 522 header in the help section. I have also done the same with my provider. The only thing we can point to is something on our network causing the issue. If we use an outside network, there is no issue

Unfortunately, I have been unable to resolve what that can be as we can get to everything else on the internet (including other Cloudflare related sites), and it is a totally random experience for my users. (ie, one person works perfectly fine all day, while another is down all day. One person experiences the issue in the morning while another experiences it in the afternoon).

I have run virus checks on the computer in question as well as the sole server we have on site. I have rebooted the network and local firewall. The only change we have made that helped for about two weeks was when we upgraded our network from a 100 meg to 200 meg connection. That required a network hardware upgrade and the site worked after this (for about 2 to 3 weeks). I think it may have been a week or two previous that it started giving me 522 errors again.

Granted, the systems we have in place have been here for more than five years and we have been using Sycamore Schools for all that time. Nothing has been changed code-wise in either the network or server before this issue began (I was in quarantine when the issue originally started, and I am the only one who has access to the network)… It is both random how often and how quickly it comes and goes. All my trace routes have shown decent times and traffic, and I never seem to have an issue pinging the server IP address even when having issues. My bandwidth is not being throttled and this happens regardless of the day or number of people on at the time. It is just completely random.

Oh yeah, and we are the only school in their entire system reporting this issue.

I am currently working with my network provider to get a network connection outside of my firewall as one last test. Has anyone experienced an issue like this in the past?

I’m guessing it’s dropping some people’s connections. This maybe a result of high traffic, which can cause the 522: Connection Timed Out error, check your traffic rate and the times of the 522 errors, if there is a high amount of traffic when the 522 error occurs, then that maybe the cause as your web server is overloaded. Otherwise look below for troubleshooting steps.

Error 522: connection timed out

Error 522 occurs when Cloudflare times out contacting the origin web server. Two different timeouts cause HTTP error 522 depending on when they occur between Cloudflare and the origin web server:

  1. Before a connection is established, the origin web server does not return a SYN+ACK to Cloudflare within 15 seconds of Cloudflare sending a SYN.
  2. After a connection is established, the origin web server doesn’t acknowledge (ACK) Cloudflare’s resource request within 90 seconds.

An HTTP 524 error occurs if the origin web server acknowledges ( ACK ) the resource request after the connection has been established, but does not send a timely response.


Contact your hosting provider to check the following common causes at your origin web server:

  • (Most common cause) Cloudflare IP addresses are rate limited or blocked in .htaccess, iptables, or firewalls. Confirm your hosting provider allows Cloudflare IP addresses.
  • An overloaded or offline origin web server drops incoming requests.
  • Keepalives are disabled at the origin web server.
  • The origin IP address in your Cloudflare DNS app does not match the IP address currently provisioned to your origin web server by your hosting provider.
  • Packets were dropped at your origin web server.

If none of the above leads to a resolution, request the following information from your hosting provider or site administrator before contacting Cloudflare support:

  • An MTR or traceroute from your origin web server to a Cloudflare IP address that most commonly connected to your origin web server before the issue occurred. Identify a connecting Cloudflare IP recorded in the origin web server logs.
  • Details from the hosting provider’s investigation such as pertinent logs or conversations with the hosting provider.

Yep. Have stepped through that whole document multiple times. I will say that we’ve found a culprit that Sycamore is trying to work through with Cloudflare. There are two DNS entry points for the website. It appears our issue extends with a connection to one of the two entry points. When we connect to the 172.x.x.x entry, we have issues. The 104.x.x.x entry point works fine. All hops in the trace route are the same except the entry point into the server itself.

My IP did a good bit of testing over the weekend to see what was going on. Now I need to either find a way for my firewall to refuse the 172 entry in favor of the 104 entry, or wait for Sycamore to see if Cloudflare can route us to the 104 exclusively.

Thanks for the help so far. I’m hoping to report on an exact resolution soon.

Are you getting the error or not?

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.