• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved 502 bad gateway error on all domains

i did

sudo /usr/local/psa/admin/bin/nginxmng --disable
sudo /usr/local/psa/admin/bin/nginxmng --enable
sudo /usr/local/psa/admin/bin/nginxmng --status
sudo /usr/local/psa/admin/sbin/httpdmng --reconfigure-all

Nothing was fixed
 
Try this :

Code:
/etc/init.d/apache2 restart
/usr/local/psa/admin/bin/nginxmng --disable
/usr/local/psa/admin/bin/nginxmng --enable
/usr/local/psa/admin/bin/nginxmng --status
/usr/local/psa/admin/sbin/httpdmng --reconfigure-all

I didn't add sudo at start of commands as you're supposed to be root when doing that.
Command with --status option is just here to check if NGINX is well started.

If it don't work reboot server with command "reboot -n" then do it again.

If it still don't work check your NGINX error log and report here please.
 
Try this :

Code:
/etc/init.d/apache2 restart
/usr/local/psa/admin/bin/nginxmng --disable
/usr/local/psa/admin/bin/nginxmng --enable
/usr/local/psa/admin/bin/nginxmng --status
/usr/local/psa/admin/sbin/httpdmng --reconfigure-all

I didn't add sudo at start of commands as you're supposed to be root when doing that.
Command with --status option is just here to check if NGINX is well started.

If it don't work reboot server with command "reboot -n" then do it again.

If it still don't work check your NGINX error log and report here please.

The 504 error still returns, i have moved 4 of the sites to shared hosting on namecheap leaving just 3 or 4 on my server
 
Fail2ban is for another problem : Hack attempt and IP banning.
In your case 504 mean time-out ...
It seems NGINX can't contact Apache or can't contact fast enough.

You have to look at your log.
Log location depend on your server OS but usually it is /var/log/nginx
 
Fail2ban is for another problem : Hack attempt and IP banning.
In your case 504 mean time-out ...
It seems NGINX can't contact Apache or can't contact fast enough.

You have to look at your log.
Log location depend on your server OS but usually it is /var/log/nginx

if it starts again in this new server
 
Fail2ban is for another problem : Hack attempt and IP banning.
In your case 504 mean time-out ...
It seems NGINX can't contact Apache or can't contact fast enough.

You have to look at your log.
Log location depend on your server OS but usually it is /var/log/nginx

did all i found from the sites log is upstream error, connection error
 
Please keep in mind, that the cause of an issue/problem/error will vary, because of individual ( domain/subdomain ) configuration(s) and modification(s) on your server. There is no "general fix" for 502 errors ( Bad gateway )!!!


To help you to investigate your issue(s)/problem(s)/error(s), please INCLUDE depending entries from your log - files ( these locations and log-names can vary on your system, but they will all exist, if the corresponding service(s) is(are) installed! ):

  • General webserver - error - logs:
/var/log/apache2/error.log or /var/log/httpd/error.log
/var/log/nginx/error.log
  • General PHP - version error - logs:
/var/log/php_errors.log
/var/log/plesk-php54-fpm
/error.log
/var/log/plesk-php55-fpm
/error.log
/var/log/plesk-php56-fpm
/error.log
/var/log/plesk-php70-fpm
/error.log
  • Domain - specific logs:
/var/www/vhosts/system/(SUB.)DOMAIN.COM/logs/
error_log ( apache2 )
proxy_error_log ( nginx )​


The more information(s) you provide ( operating system, webserver - configuration ( incl. modules ), domain-specific PHP - handler in use, log - entries, etc. ), the better will be any help and/or suggestion to solve your issue(s).
If you don't provide enough information(s), people willing to help you are not able to investigate your issue(s)/problem(s)/error(s).



If you are interested in all Plesk - related services, corresponding log - files and general commands for these services, please visit and bookmark:

 
Please keep in mind, that the cause of an issue/problem/error will vary, because of individual ( domain/subdomain ) configuration(s) and modification(s) on your server. There is no "general fix" for 502 errors ( Bad gateway )!!!


To help you to investigate your issue(s)/problem(s)/error(s), please INCLUDE depending entries from your log - files ( these locations and log-names can vary on your system, but they will all exist, if the corresponding service(s) is(are) installed! ):

  • General webserver - error - logs:
/var/log/apache2/error.log or /var/log/httpd/error.log
/var/log/nginx/error.log
  • General PHP - version error - logs:
/var/log/php_errors.log
/var/log/plesk-php54-fpm
/error.log
/var/log/plesk-php55-fpm
/error.log
/var/log/plesk-php56-fpm
/error.log
/var/log/plesk-php70-fpm
/error.log
  • Domain - specific logs:
/var/www/vhosts/system/(SUB.)DOMAIN.COM/logs/
error_log ( apache2 )
proxy_error_log ( nginx )​


The more information(s) you provide ( operating system, webserver - configuration ( incl. modules ), domain-specific PHP - handler in use, log - entries, etc. ), the better will be any help and/or suggestion to solve your issue(s).
If you don't provide enough information(s), people willing to help you are not able to investigate your issue(s)/problem(s)/error(s).



If you are interested in all Plesk - related services, corresponding log - files and general commands for these services, please visit and bookmark:


If it starts again, because i have moved 4 sites to Namecheap leaving just 2 wp and one piwik on the server
 
I just setup a new 12.5 server on CentOS 7 and have been getting some 502 Bad Gateway errors once in a while. Logs show errors like this: connect() failed (111: Connection refused) while connecting to upstream
I found restarting my CSF Firewall fixes the issue. I'm not sure why that is an issue at this point but if it becomes an issue I'll probably end up disabling it.
 
@jtroher

You stated

I found restarting my CSF Firewall fixes the issue.

and I am a little bit suprised.

In theory, CSF can be used, that should not give a problem.

However, CSF contains a "mechanism" called LFD that performs tasks, similar to the tasks performed by Fail2Ban: just scanning logs and creating firewall rules (with iptables).

For that reason, it can be a bad choice to have Fail2Ban AND CSF activated/installed: two similar tools are doing the same thing, using considerable resources for

a) log scanning (resource usage: memory, disk reads and database/disk writes)

b) creating (iptables based) firewall rules (resource usage: memory primarily. potential problems: double entries in the firewall, making the system inefficient and underperforming)

and I can hence recommend that you choose one of Fail2Ban and CSF (not both).

In general, the combination of Fail2Ban and CSF would not be a major problem, but under

- high traffic volumes
- attacks (of all kinds)
- heavy memory loads (due to other processes, such as Apache, backups and so on)

the combination can break the system, certainly if you are running a relatively small server.

In short, it is better to choose between Fail2Ban or CSF.

Finally, note that your 502 errors are not very likely to be related to (only) CSF: often some additional causes can be identified.

Can you provide some additional information, like some output from the logs?

Also note that you try to deactivate CSF and just have a look at what happens, i.e. whether the 502 errors are returning.

The latter is a good thing to do, since that enables us to have a proper look at the actual root cause of the problem: if CSF deactivated and the 502 errors dissolve, it was CSF.

Otherwise, we have a "clean slate" to investigate the problem, without any interference of CSF.

Anyway, hope the above helps.

Regards.......
 
trialotto

My issues may not necessarily be related to CSF but going by the Connection Refused error that's what I looked at and restarting it worked. It's only happened a couple times so far and I don't have much on that server yet so it's not a huge deal right now. I'll keep monitoring it though and I'll disable the CSF if it looks to be causing issues or conflicts with Fail2Ban. Thanks for the info
 
@jtroher,

I suggest that you have a look at the error.log (in the apache directory of /var/log) and the fail2ban.log (in /var/log) files, it can be rather informative.

Regards...
 
Back
Top