Error 522 connection timed out occurs when a network cannot connect to a web server.
There are several leading causes for this 522 connection timed out error, including:
- The web server is overloaded to respond to requests.
- The web server has a firewall blocking your request.
- The web server is offline, or the assigned IP address has incorrect DNS settings.
- There is a network routing problem between the network you are using and the webserver of a website.
- The server has keepalives disabled.
In all these cases, it’s essential to ensure that the webserver is up and accepting requests from HTTP before you go any further and that your DNS settings are correctly configured. If you have followed the repair steps below:
What you need to do if the webserver is overloaded
Make sure the server is not overloaded. If so, it could cause error 522 to appear. In general, a good thing to check is the load average. On Linux/Unix, you can check this by running the ‘w’ command on the command line or by checking using the ‘top’ command. What is meant by a high load based on a load rating may vary depending on the computer and the software it runs on, but generally, a load average of 10-20 or more can mean that the server is overloaded. It’s a good idea to contact your Webhosting or system administrator about this if you’re unsure how to fix it.
A network with a firewall (or rate-limiter) blocking our request Resulting in error 522 On Cloudflare Service
In this case, I use the Cloudflare service.
This is the most common cause of error 522. Important things to check are:
- Ensure you’re not blocking the Cloudflare IP in your .htaccess, iptables, or firewall.
- Ensure your hosting provider does not restrict or block IP requests from Cloudflare IPs and have them enter the IP address mentioned at http://www.cloudflare.com/ips address.
When traffic flows through Cloudflare on a website, it will initially see requests coming from Cloudflare itself. Most requests for websites through Cloudflare will come up with just a few IP addresses. Because of this, it can often trigger firewalls and IP rate-limiters to block requests from us, thinking the site is under attack. CPHulk (which comes with cPanel) and other services have been known. To work around this, make sure the IP addresses mentioned here are allowed or disable them.
There is a network routing issue between Cloudflare and your web server.
It is more difficult to solve than other causes, and it is best to make sure other potential causes have been ruled out before examining this. If you believe this is the cause, I recommend creating a ticket to Cloudflare.
Disable keepalives fitur
Cloudflare uses the Keepalive header to improve performance. Disabling it will cause the connection to fail and cause error 522 in some situations. This feature is enabled by default on the web server, so disable this feature.
From some of the cases above, what triggers this 522 error?
The error response 522 appears when Cloudflare cannot establish a TCP connection to the website’s origin server.
When someone visits a Cloudflare-enabled website, a connection is established between Cloudflare and the website’s origin server. To establish a relationship, TCP uses three directions.
- SYN: Cloudflare sends three SYN packets to the origin server.
- SYN + ACK: The origin server replies with an SYN + ACK in response.
- ACK: Finally, Cloudflare sends an ACK back to the origin server.
At this point, Cloudflare and the origin server have received an acknowledgment of the connection and communication. If the origin server does not send an SYN + ACK back to Cloudflare within 15 seconds, an error 522 will occur, and the connection will be closed.
The following diagram illustrates a successful Cloudflare TCP handshake: