Trying to understand a 522 error

My site www.robertstan.be was working perfectly until a week or so ago. Now I keep getting 522 errors.
I am using Cloudflare as DNS but the hosting is done using nginx on a Odroid SBC behind my router using port forwarding…
I looked at the community tips for it but i have no rate limiting that i can see on nginx. no iptables rules that block Cloudflare ips. i can ping my site and it will respond below 25 ms using wifi but i always get error 522 when I try to connect. I fail to understand what can suddenly cause this and I would be very happy if anyone was able to give some additional explanation on how this works so I can understand this issue.

Thanks in advance!!

Does the site work when Cloudflare is paused?

Hi, thanks for responding. I’ll give it a try. Does pausing Cloudflare only disable the reverse proxy or also the DNS? because i use Cloudflare as dns as well. I’m trying to understand the things that i’m doing instead of just flipping switches so if you have the time to elaborate, i’d be very grateful.

Update: the site works now but it seems like some of my css isnt getting applied properly since the fonts are all wrong lol.

Pausing only skips the proxy and connects directly.

However, it does not seem as if your site worked now → sitemeer.com/#https://robertstan.be

That explains why Cloudflare throws a 522. You need to make sure Cloudflare can connect to your machine.

Weird, on my laptop i am able to connect but that might be because of the home network. Weirdly enough all the components of the connection seem to be working though. Otherwise pinging my site should not have worked, or am I wrong on that?

That may be because you are on your network.

I’d suggest to keep Cloudflare paused for now, fix your firewall or server configuration to let Cloudflare connect, check that with Sitemeer, and once Sitemeer shows a working connection, you can unpause Cloudflare.

Just make sure that your encryption mode is on Full Strict as well.

Full Strict and SSL was already set up. I’m just a bit confused at to what settings I need to change since this config was working perfectly last week.

Perfect, in that case you just need to fix the network settings. As long as your setup does not allow Cloudflare connections, it won’t work.

it seems that Sitemeer does give a green light when i use http in the address instead of https. Does that have to do with the fact that my SSL is tied up with Cloudflare and now that is paused?

That suggests your port 80 configuration is working, but port 443 is not.

Hmm, ok, it doesn’t seem like anything has changed, either on port forwarding or on my nginx config… ssl certificate on the server is also still valid, as is the origin cert on Cloudflare. What else should I check for?
Also, thanks for your help so far, really appreciate it!

Maybe your ISP blocked port 443. Impossible to tell, I am afraid. You could check out Tunnel instead, that would let your service connect to Cloudflare.

can’t check right now, seems like their system is under maintenance till tomorrow. do you have a link for Tunnel? i obviously get a bunch of unrelated results if i google this.

https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/

ok, i’ll look into it!!

i havent tried Tunnel yet but out of curiosity i completely removed my site from Cloudflare and went back to the original dns (GoDaddy default) and now my site was accessible.

The site is still using Cloudflare.

seems like it doesnt since i had “under Attack” mode active and it does not show the prompt any longer before giving the error.
Why do you think it’s still using Cloudflare when everything is removed, nameservers have been changed and the dns records have propagated the changes? I did not register my domain using Cloudflare, if that is what you mean.

Because you haven’t changed the nameservers :wink:

Sitemeer will also still show the Cloudflare servers.