HTTP 522 Cloudflare — Connection Timed Out to Origin

Cloudflare error 522 means Cloudflare could not establish a TCP connection to the origin web server within the timeout period. This guide covers everything you need to know about this topic, including common causes, step-by-step solutions, and answers to frequently asked questions.

Here are the key things to understand: 522 is a Cloudflare-specific status code. Cloudflare could not reach the origin server at all (TCP level failure). Different from 524 where the connection succeeds but the response takes too long. The origin server may be down, overloaded, or blocking Cloudflare IPs. Cloudflare waits 15 seconds for a TCP connection before returning 522. Understanding these fundamentals will help you diagnose and resolve this issue more effectively.

The most common reasons this occurs include: Origin server is completely down or unresponsive. Origin server firewall blocking Cloudflare IP addresses. Origin server CPU/RAM overloaded and unable to accept new connections. Incorrect origin IP configured in Cloudflare DNS settings. Hosting provider network issue preventing inbound connections. Identifying the root cause is the first step toward finding the right solution.

To resolve this, follow these recommended steps: Verify the origin server is running: SSH in and check web server status. Whitelist Cloudflare IP ranges on origin firewall: download from cloudflare.com/ips. Check origin server resource usage: top, htop, or hosting control panel. Verify the origin IP in Cloudflare DNS settings matches your actual server IP. Contact hosting provider if the server appears up but Cloudflare cannot reach it. If these steps do not resolve the issue, consider consulting additional resources or a qualified professional.

This article is part of our HTTP Status Codes collection on Error Codes Wiki. We provide comprehensive, up-to-date information to help you find solutions quickly.