Cloudflare 522 (Connection Timed Out)
HTTP 522 is a Cloudflare-specific status, not part of the IANA/RFC standards. Cloudflare returns 522 when the TCP connection to the origin timed out before it could be established — Cloudflare reached out but the origin did not complete the handshake in time. It usually reflects an overloaded origin, network/routing problems, or a firewall silently dropping packets.
What 522 means (Cloudflare-specific)
522 belongs to Cloudflare's 52x range and is not an IANA-registered status. Cloudflare documents it as 'Connection timed out': the edge initiated a TCP connection to the origin, but the origin did not respond within Cloudflare's timeout window, so the handshake never completed.
It differs from 521 (connection actively refused) and 524 (connection made but the response took too long). 522 is specifically about the initial connection silently not completing in time.
Common causes and diagnosis
Typical contributors are an origin that is overloaded and cannot accept new connections promptly, network or routing problems between Cloudflare and the origin, or a firewall that drops packets without replying — which looks like a timeout rather than a refusal.
To diagnose, check origin CPU and connection limits during the 522s, confirm the origin accepts connections from Cloudflare's IP ranges without silently dropping them, and review any intermediate network devices. Resolving load or firewall-drop issues typically clears the timeouts.
- Cloudflare-specific, not an IANA/RFC status
- Means the edge-to-origin connection timed out at setup
- Causes: overloaded origin, routing issues, packets dropped
How it appears in analytics and logs
A 522 means Cloudflare's connection to the origin timed out during setup. The request never reached a responsive server. To crawlers it is a 5xx-style failure, so affected URLs are not indexed while it persists.
Diagnostic use case
Diagnose 522 by checking origin load, routing, and firewall rules that may silently drop Cloudflare's connection attempts before the handshake completes.
What WebmasterID can help detect
WebmasterID surfaces the status codes crawlers receive at the edge, helping you catch Cloudflare 522 timeouts that indicate an overloaded or unreachable origin.
Common mistakes
- Confusing 522 (connection timeout) with 521 (refused) or 524 (response timeout).
- Overlooking a firewall that silently drops Cloudflare packets, mimicking a timeout.
- Treating 522 as a standard HTTP code — it is Cloudflare-specific.
Privacy and accuracy notes
A 522 is an edge-to-origin timing status with no personal data. WebmasterID records the status without linking it to a visitor identity.
Related pages
- Cloudflare 521 (Web Server Is Down)
HTTP 521 is a Cloudflare-specific status, not an IANA/RFC standard. Cloudflare returns 521 when it cannot establish a TCP connection to the origin — the origin actively refused the connection or is down. A frequent cause is the origin firewall blocking Cloudflare's IP ranges, or the web server process being stopped. It points squarely at origin reachability.
- Cloudflare 524 (A Timeout Occurred)
HTTP 524 is a Cloudflare-specific status, not an IANA/RFC standard. Cloudflare returns 524 when it successfully connected to the origin but the origin did not return an HTTP response within Cloudflare's time limit. Unlike 522 (the connection itself timed out), 524 means the connection succeeded but the response was too slow — typically a long-running request on the origin.
- HTTP 504 Gateway Timeout
504 Gateway Timeout means a server acting as a gateway or proxy did not receive a timely response from the upstream server it needed to reach. Unlike 502 (an invalid upstream response), 504 is specifically about the upstream being too slow or unreachable. Persistent 504s degrade crawl health much like sustained 5xx errors.
- Website observability
Spot edge-to-origin connection timeouts crawlers hit, recorded server-side.
Sources and verification notes
- Cloudflare — Troubleshooting Cloudflare 5XX errors (522)Cloudflare-specific code; not in the IANA HTTP status registry.
Last reviewed 2026-06-24. Facts are checked against primary/official sources where available; uncertain specifics are marked “Data not yet verified” rather than guessed.