Why Cloudflare gives error 522 to my NodeJS app

Last week I started to make use of Cloudflare for my DNS on a few of my domains, including my Dynamic DNS. When I wanted to start using HTTPS on the NodeJS app I hosted at home though, I ran into error 522.

To diagnose the actual error code (as Cloudflare just showed you their standard error page), I used the following command:

curl -svo /dev/null my.domain.com

Which identified the error to be 522, to me. Originally, I was confused about this error, as when I turned off HTTPS on Cloudflare, I could access my app via port 443.

After digging further into the issue, I was getting nowhere and decided to try something out of pure curiosity. I decided to make my NodeJS application accept requests from both ports 80 and 443. I did not want to support non-SSL, but I decided to try this anyway. I made the change, I waited 10 minutes to make sure it went through, I tried again, and like magic it was working! I spoke to one of their technical support staff who later revealed to me (not mentioned in their documentation), that their service will send SYN commands to your domain and await a SYN-ACK in response. This all happens on port 80, and upon receiving those, it will open up the SSL traffic, and redirect all traffic via port 443!

If I was actually using nginx or some web server, rather than self hosted, it would have handled this all for me, but since my app was a simple Slack bot, I did not want to install the world on my box at home. The problem is now solved, and I learned something new.

My hope is that anybody else doing self hosted NodeJS (or anything else) at home will benefit from this post, and not waste an entire day looking into the issue as I did!

Cloudflare Dynamic DNS

I use Cloudflare for the DNS on my domain, which lends me a number of useful features, incuding SSL. I wanted one sub-domain to work as a Dynamic DNS for my computer at home, so I wrote a script to do exactly that.

Cloudflare Dynamic DNS is a NodeJS script which when started will keep on running and at 9am every day it will check your public IP and update your sub-domain on Cloudflare accordingly.

It’s a really simple script, but since I use it and find it useful, perhaps somebody else will find it useful. I don’t normally bother with licenses but am aware that some people are skeptical about using software which does not have a license, so I added the MIT license.


Finding MSBuild with Windows Batch files

Lately I have been doing less and less C-Sharp code, and the times I do have to dive in, I try to use CAKE or another some similar system for my build scripts. However my current client has a personal preference of using Windows batch files, which is fine until it looks for a version of MSBuild that I do not have installed!

An example of how existing script files may look would been

@echo off "C:\Program Files (x86)\MSBuild\12.0\Bin\MSBuild.exe" SampleProject.msbuild

Now if I had MSBuild 12.0 installed, that would not be a problem, however I have version 14.0, so I have started changing the scripts to look a bit like this

set msbuild.exe=
for /D %%D in (%SYSTEMROOT%\Microsoft.NET\Framework\v4*) do set msbuild.exe=%%D\MSBuild.exe

if not defined msbuild.exe each error: can't find MSBuild.exe & goto :eof
if not exist "%msbuild.exe%" echo error: %msbuild.exe%: not found &goto :eof

@echo %msbuild.exe% SampleProject.msbuild


I came across the code for this on StackOverflow.

Yesterday I discovered an app for iOS which allowed me to write my Jekyll blog posts.

The app is called Octopage. It is far from perfect when it comes to actually typing the content of the blog posts, but it allows me to create offline drafts, handles all of my customized headers, and just works. I hope the developer will spend more time on polishing up this app, as it is great for when I am not near a computer and have some ideas I want to share.

I made this blog post with the app, as proof of it working!

Today I was playing around with some code, and I was thinking that it would be really nice to hide some admin modules from public access without creating user access security.

So since I was using NancyFx, I decided to create a bit of code to achieve this, and here it is.

        public static void EnsureLocalOnly(this NancyModule module)
#if (!DEBUG)
            module.Before.AddItemToEndOfPipeline(c => !c.Request.IsLocal() ? new Response {StatusCode = HttpStatusCode.NotFound} : null);

The wrapping if statement is simply to only perform this check on release builds of the code (Production builds), leaving me to experiment as much as I please on my development box. This is completely optional, and you are of course welcome to change/modify it as much as you would like to.

Here is an example of how to use the code.

public class AdminModule : NancyModule
    public AdminModule() : base("/admin")

        Get["/"] = _ => "Only localhost can see this";

        Post["/{name}"] = _ => $"Welcome to localhost, {_.name}"; 

Another way the code could be used would be.

public class SimpleModule : NancyModule
    public SimpleModule()
        Get["/"] = _ => "Public can see this";

        Get["/local"] = _ => {
            return "Only localhost can see this";