
Resolved 502 Bad Gateway nginx : How to solve?

PeterK900

Basic Pleskian
I have encountered this problem 502 Bad Gateway nginx for all sites on the server. Everything was working fine one evening, the following morning no site (3) was accessible. No server changes had been made. Everything else works, ftp and Plesk.

I have looked at two possible solutions from this forum - Apache may have stopped - It hadn't.
I have run plesk repair web <domainname> to sort any Domain misconfiguration. Script runs with no errors but the problem still exists.

What else can I do to sort this problem? The server is unmanaged and the hosting company isn't providing any help.

Thanks.
 
The 502 means that nginx is not able to communicate with Apache. This is almost always caused by Apache not running. Are you on Debian/Ubuntu or Redhat/CentOS? Please post the output of this command:

Debian/Ubuntu:
# service apache2 status

Redhat/CentOS:
# service httpd status

If Apache IS running and does not show any errors, it is possible that your local IP address (the IP address of your server) has been blacklisted by Fail2Ban. Please check the blocked ip list in Tools & Settings > IP Address Banning. If it is blocked, remove it from the ban list and add your server's IP to Fail2Ban's "Trusted IP Addresses".
 

Absolutely fantastic....

The server address is listed under IP Address banning Used Jail : plesk-apache-badbot

and removing it brings everything back. Thank you so much.

Can you throw any light on how this could have happened? I can see why a third party banning service might list the server if it had been doing something naughty (which this server hasn't) - but why should the server do it to itself? Does this suggest a hack? Or a hosting issue? Is it going to happen again and should I de-activate IP address banning?

Thanks Peter for your prompt help so far. If you can give any pointers on these last questions then I'd be very grateful.
 
From Apache's perspective, a high number of requests coming from the same system over and over again is an attack. That system of course is the Nginx reverse proxy, but Fail2Ban does not know that. It is correct that by default this can trigger a badbot jail; bad bots are doing exactly the same: they hammer the web server with stupid requests that cause a lot of load and have no use. For that reason, your local IP address(es) need to be on the "Trusted IPs" list of the Fail2Ban component, so that Nginx does not trigger the jail with all the requests it forwards to Apache.

In new Obsidian installations Plesk adds the local IP to the whitelist automatically.
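
The self-ban described in the reply above can be confirmed from the command line. The script below is an added example, not part of the thread or of Plesk's own tooling: it parses `fail2ban-client status <jail>` output and reports any of the server's own addresses found in a ban list. The function names, the sample report and its addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: find Fail2Ban bans that hit the server's own addresses.

# Constructed sample of `fail2ban-client status <jail>` output (documentation IPs).
SAMPLE_STATUS='Status for the jail: plesk-apache-badbot
|- Filter
|  |- Currently failed: 0
|  |- Total failed:     312
|  `- File list:        /var/log/apache2/access.log
`- Actions
   |- Currently banned: 2
   |- Total banned:     2
   `- Banned IP list:   203.0.113.10 198.51.100.7'

# Read a jail status report on stdin, print one banned IP per line.
banned_ips() {
    sed -n 's/.*Banned IP list:[[:space:]]*//p' | tr ' \t' '\n\n' | sed '/^$/d'
}

# $1 = the server's own addresses (space separated), $2 = jail status text.
# Prints every own address that is banned; -x -F forces whole-line literal
# matches, so 203.0.113.1 does not match a ban on 203.0.113.10.
self_banned() {
    banned=$(printf '%s\n' "$2" | banned_ips)
    for ip in $1; do
        printf '%s\n' "$banned" | grep -qxF -- "$ip" && printf '%s\n' "$ip"
    done
    return 0
}

# Live check across every jail; run as root on the server itself.
check_live() {
    own=$(hostname -I)    # Linux: all addresses configured on this host
    jails=$(fail2ban-client status | sed -n 's/.*Jail list:[[:space:]]*//p' | tr -d ',')
    for jail in $jails; do
        hits=$(self_banned "$own" "$(fail2ban-client status "$jail")")
        [ -n "$hits" ] && printf '%s: %s\n' "$jail" "$hits"
    done
    return 0
}

# Offline demo: the first address stands in for the server's own IP (assumption).
self_banned "203.0.113.10 127.0.0.1" "$SAMPLE_STATUS"
```

On a live server, call `check_live` instead of the demo line. A reported address can be released with `fail2ban-client set <jail> unbanip <ip>` and then added to the trusted list as described in the thread.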
 
Thanks again Peter for the solution and explanation. And for an early taste of Christmas. Had me dancing round the room, not just the music perhaps, a little bit that three websites are up again! Liked it, of course.
 
Hi, I was seeing a lot of errors related to 502. And this one is more like mine, of course, everyone who entered did the tests mentioned and it didn't work. All my sites are showing error 502. I checked the IP and added the server's IP to FAIL2BAN but it didn't work.

What else can I analyze and try?
 