• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Resolved 502 Bad Gateway nginx : How to solve?

P

PeterK900

Basic Pleskian
I have encountered this problem 502 Bad Gateway nginx for all sites on the server. Everything was working fine one evening, the following morning no site (3) was accessible. No server changes had been made. Everything else works, ftp and Plesk.

I have looked at two possible solutions from this forum - Apache may have stopped - It hadn't.
I have run plesk repair web <domainname> to sort any Domain misconfiguration. Script runs with no errors but the problem still exists.

What else can I do to sort this problem? The server is unmanaged and the hosting company isn't providing any help.

Thanks.
 
The 502 means that nginx is not able to communicate with Apache. This is almost always caused by Apache not running. Are you on Debian/Ubuntu or Redhat/CentOS? Please post the output of this command:

Debian/Ubuntu:
# service apache2 status

Redhat/CentOS:
# service httpd status

If Apache IS running and does not show any errors, it is possible that your local IP address (the IP address of your server) has been blacklisted by Fail2Ban. Please check the blocked ip list in Tools & Settings > IP Address Banning. If it is blocked, remove it from the ban list and add your server's IP to Fail2Ban's "Trusted IP Addresses".
 
Peter Debik said:
The 502 means that nginx is not able to communicate with Apache. This is almost always caused by Apache not running. Are you on Debian/Ubuntu or Redhat/CentOS? Please post the output of this command:

Debian/Ubuntu:
# service apache2 status

Redhat/CentOS:
# service httpd status

If Apache IS running and does not show any errors, it is possible that your local IP address (the IP address of your server) has been blacklisted by Fail2Ban. Please check the blocked ip list in Tools & Settings > IP Address Banning. If it is blocked, remove it from the ban list and add your server's IP to Fail2Ban's "Trusted IP Addresses".
Click to expand...

Absolutely fantastic....

The server address is listed under IP Address banning Used Jail : plesk-apache-badbot

and removing it brings everything back. Thank you so much.

Can you throw any light on how this could have happened? I can see why a third party banning service might list the server if it had been doing something naughty ( which this server hasn't) - but why should the server do it to itself? Does this suggest a hack? Or a hosting issue? Is it going to happen again and should I de-activate IP address banning?

Thanks Peter for your prompt help so far. If you can give any pointers on these last questions then I'd be very grateful.
 
From Apache's perspective, a high number of requests coming from the same system over and over again is an attack. That system of course is the Nginx reverse proxy, but Fail2Ban does not know that. It is correct that by default this can trigger a badbot jail, bad bots are doing exactly the same: The hammer the web server with stupid requests that cause a lot of load and have no use. For that reason, your local IP address(es) need to be on the "Trusted IPs" list of the Fail2Ban component, so that Nginx does not trigger the jail with all the requests it forwards to Apache.

In new Obisidian installations Plesk addes the local IP to the whitelist automatically.
 
Peter Debik said:
From Apache's perspective, a high number of requests coming from the same system over and over again is an attack. That system of course is the Nginx reverse proxy, but Fail2Ban does not know that. It is correct that by default this can trigger a badbot jail, bad bots are doing exactly the same: The hammer the web server with stupid requests that cause a lot of load and have no use. For that reason, your local IP address(es) need to be on the "Trusted IPs" list of the Fail2Ban component, so that Nginx does not trigger the jail with all the requests it forwards to Apache.

In new Obisidian installations Plesk addes the local IP to the whitelist automatically.
Click to expand...
Thanks again Peter for the solution and explanation. And for an early taste of Christmas. Had me dancing round the room, not just the music perhaps, a little bit that three websites are up again! Liked it, of course.
 
Hi, I was seeing a lot of errors related to 502. And this one is more like mine, of course, everyone who entered did the tests mentioned and it didn't work. All my sites are showing error 502. I checked the IP and added the server's IP to FAIL2BAN but it didn't work.

What but can I analyze and try?
 
You must log in or register to reply here.

Similar threads

A
Issue 502 Bad Gateway nginx - have not changed anything
Replies
2
Views
345
Another_Omeka_User
A
Powie
Issue Bad Gateway - nginx - IPv6 only
Replies
2
Views
224
Powie
Powie
K
Issue Error 502 nginx
Replies
1
Views
121
Martin Dias
Martin Dias
Mlieder
Question Problems with Joomla and my domains on Plesk Obsidian on Ubuntu 22.04
Replies
2
Views
734
Conny Dittmann
Conny Dittmann
Z
Issue Prestashop 8 : very slow and error "504 Gateway Time-out - Nginx"
Replies
1
Views
247
1nghi
1
Back
Top