InMotion Hosting Support Center

Error 522 using CloudFlare


rely30
Asked:
2013-08-25 9:37 am EST

Hits: 8,346
I'm again experiencing the error 522 on my domain www.la-thailande-et-l-asie.com

It's still not clear to me if the problem is related to Cloudflare itself and so i should consider using it or nor, or is it from inmotion side ?

Thanks

You must login before you can ask a follow up question.

You must login before you can submit an answer.

According to their page : https://support.cloudflare.com/entries/23670002
It means the server (you) is overloaded, is that true ?
rely30
22 Points
2013-08-25 09:40 am EST
Did you ever figure out an answer to this? I'm having a similar problem. Mysterious 522 errors with javascript get queries.
davidp
6 Points
2015-01-17 10:58 pm EST

OTHER ANSWERS

0

John-Paul
Staff
31,633 Points
2013-08-26 10:37 am EST
Hello rely30,
Thank you for contacting us. I am not aware of any issues on the sever that houses your account. We are happy to help,but will need a little more information.

What problems are you experiencing with your website when the error 522 occurs?

Are you getting any errors on your actual website?

In a shared server setting, you are literally "sharing" the server's resources with other websites. This means there may be times when you are affected by another website, because it is running a script, or getting a rush of traffic.

Here is a helpful link to an article that explains the difference between Shared, VPS, and Dedicated servers.

Our System Admins monitor the servers 24/7 for accounts abusing the resources, so we can keep the sites functional.

If you have any further questions, feel free to post them below.
Thank you,

-John-Paul

You must login before you can post a comment about this answer.

Thank for your response, I basically know the bad sight of a share hosting, just wondering because it's happenning more often than before lately.

My website is also experiencing the 522 errors if I cannot access the admin page for the same reason.

I see that for VPS hosting you put "High-growth businesses & moderate web traffic.", to get a reference, what is a moderate traffic for you ?

Thanks
rely30
22 Points
2013-08-27 11:52 am EST
Hello rely30,

It is difficult to say how much traffic is too much, because it depends how your website is coded. We would have to monitor your site over a time-frame to get a good picture of how the site performs.

I did perform a GTMETRIX performance test, and your site got a 99%, and 100% score out of 100, which is the highest I have seen.

On a Pingdom Tools web speed test, it got 100 out of 100, which is really good.

It is also possible that cloudflare is having a connectivity problem getting to our servers.

Also, it may be better to contact live support next time this occurs, so they can check the server logs in real-time for issues, and attempt to replicate the problem.

If you have any further questions, feel free to post them below.
Thank you,

-John-Paul
John-Paul
31,633 Points
Staff
2013-08-27 12:25 pm EST
No offense but you did not check carefully, when you did perform the test the site was down (nothing related to my problem above, just because of wordpress update) the page was then very light 'cause blank...

It's actually78/100 with pingdom, 88% and 71% with GTMetrix.

However I don't know if it's related to this or not but I'm also facing very regularly now this problem :

"WordPress Login Temporarily Disabled We apologize for the inconvenience! You are seeing this message because your site has recently been targeted by attackers attempting to gain access to your WordPress Dashboard. In order to protect your site your WordPress Login page has been temporarily disabled. Unfortunately, you will be unable to login to the Dashboard until the block expires."

I already did what they advise to do about avoiding this problem but this start to be very annoying...

Any help would be greatly appreciated.

Thanks
Romain
rely30
22 Points
2013-08-28 12:30 am EST
Hello rely30,

Thank you for your comment. Performing a Pingdom tools test, or GTMETRIX test when wordpress is having problems is still beneficial, Plugin/Theme problems aside, it shows the site is being served quickly.

The Low grades you are referring to (actually78/100 with pingdom, 88% and 71% with GTMetrix), are due to the page coding, not anything server related.

The Disabled Wordpress login, means we had to block a brute force attempt to access your Wordpress Dashboard, here is a little more information:

A large botnet of around 90,000 compromised servers has been attempting to break into WordPress websites by continually trying to guess the username and password to get into the WordPress admin dashboard. This issue is not isolated to InMotion Hosting, and is currently affecting multiple providers.

You can wait 15 to log back in, but I recommend following our full article on this Wordpress Brute force issue, which will let you in immediately, and going forward.

If you have any further questions, feel free to post them below.
Thank you,

-John-Paul
John-Paul
31,633 Points
Staff
2013-08-28 12:11 pm EST
Hi John,

I did know the low rate is due to page coding don't worry, but I just learned you are still facing brute force attack.

I realized one of my mistake is I tend to not log out from my site... Reading the article shows that a lot of people are facing the same problem... Why these people are so annoying with their attack !!

I did mostly all the recommandations, my password is not that simple but ok probably I'll change it, also did the lock access via htaccess file, default username is changed already, google doesn't see any problem when I check safe browsing, I've already set Cloudflare, limit revisions and so on, still I got attacked... I know nothing is from your side it's just annoying...
rely30
22 Points
2013-09-02 12:32 am EST
Hello rely30,

Thank you for your comment. I definitely agree with your frustration, as it causes a lot of headaches for us too.

Wordpress is a popular target for hackers since millions of people use it for their websites. As long as you have taken those security measures, it should protect your site.

We are looking for better long-term solutions to this problem at this time, and will hopefully get it mitigated.

If you have any further questions, feel free to post them below.
Thank you,

-John-Paul
John-Paul
31,633 Points
Staff
2013-09-05 10:48 am EST
0

John-Paul
Staff
31,633 Points
2015-01-19 11:19 am EST
Hello davidp,

Thank you for contacting us about an Error 522 with CloudFlare. In this instance, I believe the error was caused by a brute force attempt on the users website.

If this is the case for you, our guide on Stopping brute force and spam attacks, can help you mitigate this issue on your site.

We can also provide specific guides based on your CMS, if you let us know what you are using. For example, are you using WordPress, Joomla, etc.

If you have any further questions, feel free to post them below.

Thank you,
John-Paul

You must login before you can post a comment about this answer.

Hi John-Paul,

I'm actually not an Inmotion subscriber - I was having this issue with Godaddy and left them because of the very same issue. I would be an Inmotion subscriber at this point if it weren't for this issue having occurred on your servers as well.

Here's the reason for this error that I've discovered and confirmed after days - yes, days of diagnosing and combing through raw access server logs, and then cloning the very same installations on others servers and seeing the issue immediately disappear. I've confirmed this reason, and if Godaddy had resolved it or if Inmotion took a different approach, I would have migrated my website to your servers. I still might, if you do one thing. But first, I'll explain the reason for the error, in case other readers happen to stumble upon this post.

A 522 error occurs when Cloudflare sends a GET query to your server (yours is the origin server) and doesn't receive a response back. There is a 15 second timeout after which the 522 error occurs. The reason this is happening is that one (or more) of Cloudflare's IP addresses has been blacklisted by your servers, presumably with iptables. What may have appeared as a brute force attack was probably a false positive, as Cloudflare itself is a top-notch security platform, and is endorsed by countless other hosts. It's an excellent, excellent solution.

Here's where Godaddy's server techs then said: "This is a Cloudflare issue. If we were blocking Cloudflare IPs, your whole site wouldn't load." This isn't true, and it stems from a misunderstanding about how Cloudflare works. Cloudflare uses a wide range of IP addresses to connect to an origin server, and all at once. I'll give an actual example of this that caused a 522 error. When you load the Wordpress editor in the backend, it loads over 10 javascript files all at once to load the different functions in the built-in TinyMCE editor (the toolbar that allows you to make fonts bold, lists, etc.). What would happen to me is that just one of these files would return the 522 error, and that caused weird errors on my site. Why did this occur with just one file? Each of these files are loaded simultaneously from different Cloudflare IP addresses - it's how it loads everything so fast. In your case, as well as with Godaddy, just one of these IP addresses has been blacklisted on your servers, and that's causing the problem.

"OK David, what you say sounds plausible, but I'm still doubtful." I've confirmed this issue in several ways. First I disabled Cloudflare entirely, and the problem resolved itself. OK - it works from my IP address, not Cloudflare's. Next, I reenabled Cloudflare, purged the cache, and opened the Wordpress editor again. The same problem occurred - but this time with a different file! The file that didn't load before now does without issue, but a different javascript file is experiencing the 522 error. The reason for this is that, once again, Cloudflare simultaneously loads the 10+ different javascript files using different IP addresses, and only one of those IP addresses has been blacklisted. The final way I've confirmed this issue is by migrating my websites to two separate hosting providers - one a Godaddy VPS where I had the ability to whitelist Cloudflare IPs and the second, a Mediatemple server. Immediately, the issues resolved. No blocked IPs = no errors.

There is a simple solution. Join the slew of other Cloudflare hosting providers and whitelist the Cloudflare IP set (https://www.cloudflare.com/ips). Done. The Godaddy technicians refused to do this, and so I left. If you did this, I would consider trying Inmotion, because I need a solid server that's quick for my websites. I would also ask, on behalf of your customers, that you take this request seriously, not only to save them hours and hours of frustration, but because it will cut down on your customer support. Do your due diligence on Cloudflare if need be, and whitelist their IP set. They're trustworthy and an excellent security platform. They routinely block attacks on my website, and that's saved me a number of times. They also take the load off of your servers as a top-notch free CDN, and fast websites make everyone happy.

John-Paul, I know this was not what you were expecting when you replied to this thread, but I wanted to make you and any other readers aware of the cause of this error. I wish you all the best and I hope this helps! Please let me know if you do whitelist the Cloudflare IPs on your end, because I'll sign up for an Inmotion account to see if you're as good as everybody says you are. Your customer service is top notch - I can tell that already.

All the best,
David P.
davidp
6 Points
2015-01-19 2:25 pm EST
Hello David,

Thanks for you explanation. I also discussed with the team (including John-Paul). Your explanation of the 522 error sounds feasible, though we are unable to verify it ourselves. As the majority of our clients will not necessarily use Cloudflare, there are modsecurity rules which are put in place to help us fight the brute force attack that has been affecting WordPress sites. This does not include the CloudFlare servers by default. You can however whitelist servers in the cPanel . Cloudflare is a third-party service, which is the reason that many hosting services will not directly endorse it (though they may recommend it).

I hope this helps to answer your question. If you have any further questions or comments, please let us know.

Kindest regards,
Arnel C.
Arn
42,973 Points
Staff
2015-01-19 3:33 pm EST
You just sold me. Godaddy doesn't allow people to whitelist IPs and you do. I'm signing up now.
davidp
6 Points
2015-01-19 3:38 pm EST
Like this Question?

Forum Login

You are NOT logged in. You can still browse our Support Center.

To participate within our Community Support Forum:

Need more Help?

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!