mlex Posted December 7, 2017 Share Posted December 7, 2017 (edited) Hi folks, got two questions: 1) Had a long-long discussion with CF support team about getting 522 error sometimes. At the end, it seems like there some connectivity issues with one of their IPs. From one of their answers:I have ran repeat TCP connection tests example location where we saw the errors and you can see there are some failures: : Connection to 65.19.143.6 80 port [tcp/http] succeeded! 65.19.143.6 true 162.158.93.70: Connection to 65.19.143.6 80 port [tcp/http] succeeded! 65.19.143.6 true 162.158.93.71: Connection to 65.19.143.6 80 port [tcp/http] succeeded! 65.19.143.6 true 162.158.93.72: Connection to 65.19.143.6 80 port [tcp/http] succeeded! 65.19.143.6 true 162.158.93.73: Connection to 65.19.143.6 80 port [tcp/http] succeeded! 65.19.143.6 false 162.158.93.74: nc: connect to 65.19.143.6 port 80 (tcp) timed out: Operation now in progress 65.19.143.6 true 162.158.93.69: Connection to 65.19.143.6 80 port [tcp/http] succeeded! 65.19.143.6 true 162.158.93.70: Connection to 65.19.143.6 80 port [tcp/http] succeeded! 65.19.143.6 true 162.158.93.71: Connection to 65.19.143.6 80 port [tcp/http] succeeded! 65.19.143.6 true 162.158.93.72: Connection to 65.19.143.6 80 port [tcp/http] succeeded! 65.19.143.6 true 162.158.93.73: Connection to 65.19.143.6 80 port [tcp/http] succeeded! 65.19.143.6 false 162.158.93.74: nc: connect to 65.19.143.6 port 80 (tcp) timed out: Operation now in progressWhat is interesting here is that the IPs that fail are consistent each time. For your reference here are the top IPs of ours that experienced these errors in the last 24H:cacheExternalIp count 162.158.93.74 2162.158.91.232 1162.158.92.123 1162.158.92.69 1This is a very clear indication that some of the IPs in Cloudflare's IP ranges are either being rate-limited or blocked by a network device at your hosting provider. Because CloudFlare operates as a reverse proxy the IP address your server will see is one of a limited number of CloudFlare IPs. In that sense, many actual visitors may all come from the same IP address, which can cause firewalls or security software that is not appropriately whitelisting the CloudFlare IP ranges to block this traffic as it may see it as excessive or malicious. We publish a full list of our IP ranges here so that you can whitelist:https://www.cloudflare.com/ips 2) I've installed Wordpress lately with softaculous to avoid chmoding folders/files by myself and it seems like everything is ok, but sometimes I'm experiencing some delays while wordpress is loading: Sometimes it just goes beyond this to extreme numbers with total delay of more than minute.Usually I get(should) this(cached-clear etc, of course): Is this issue related to database in general(overloaded sometimes etc) or/and is it related to several downtimes(tommy) past couple of days(http://heliohost.grd.net.pl/monitor/archive/?2017-12-04)? Edited December 7, 2017 by mlex Link to comment Share on other sites More sharing options...
wolstech Posted December 7, 2017 Share Posted December 7, 2017 but sometimes I'm experiencing some delays while wordpress is loading:This may be an Apache restart. Whenever anybody on the server modifies a domain, all the sites experience a 15-60 second period where they won't load/take forever to load. My site uses a fraction of the resources of WP and still sees these delays on occasion. Usually the duration is short enough that it just goes through anyway, but on rare occasion it times out first. This is probably the cause of the 522 errors, since the server will not respond to requests during this time. Is this issue related to database in general(overloaded sometimes etc) or/and is it related to several downtimes(tommy) past couple of days(http://heliohost.grd...ive/?2017-12-04)?Load spikes like that are usually users causing load or occasionally a DDoS hitting the server. These generally auto-remediate within minutes (it suspends the user or blocks the IP). A user did get suspended for high load on Tommy on the 4th, so a user overloading the server looks likely. 162.158.93.74This CloudFlare IP was blocked due to failed cPanel logins in Germany. Unblocked. I'll also escalate this to see if Krydos has additional comments and/or can whitelist the CF IPs. Link to comment Share on other sites More sharing options...
mlex Posted December 7, 2017 Author Share Posted December 7, 2017 Thanks wolstech. But just to make things clear: This is probably the cause of the 522 errors, since the server will not respond to requests during this time.It's probably was due the blocked IP of CF, not the 15-60 delay. Link to comment Share on other sites More sharing options...
Krydos Posted December 7, 2017 Share Posted December 7, 2017 162.158.91.232 was blocked due to failed cpanel logins as well. Unblocked. 162.158.92.69 was blocked due to failed cpanel logins as well. Unblocked. Link to comment Share on other sites More sharing options...
Recommended Posts