502 on Nginx after start CSF

June 25, 2014 1.7k views

Hi I've installed gunicorn, django and nginx as described in this tutorial Tutorial. I've developed a function in django that add in my database an user and it works perfectly!!
Now I've installed CSF (Config Server Firewall) and if I run it csf -r, the same function for adding a user doesn't work.
I see, in the error log of Nginx, this raw:

2014/06/25 10:11:04 [error] 5396#0: *19 upstream prematurely closed connection while reading response header from upstream, client: 79.35.50.121, server: localjob.it, request: POST /django/registerClient HTTP/1.1, upstream: http://188.226.199.19:8001/django/registerClient, host: 188.226.199.19

I underline that the function work without star csf.
Anyone can explain me why I get this problem?

2 Answers

What does your Nginx configuration look like? It sounds like you are using something like this for your proxy pass:

proxy_pass http://188.226.199.19:8001;

Since you've set up a firewall that is blocking port 8001, you need to make sure you are accessing it on the local host. So you want something like:

    server {
        server_name yourdomainorip.com;

        access_log off;

        location /static/ {
            alias /opt/myenv/static/;
        }

        location / {
                proxy_pass http://127.0.0.1:8001;
                proxy_set_header X-Forwarded-Host $server_name;
                proxy_set_header X-Real-IP $remote_addr;
        }
    }

You could also edit /etc/csf/csf.conf and add port 8001 to both TCP_IN and TCP_OUT

Doesn't work!!

Underlining that the url of the function is http://188.226.199.19/django/registerClient

My nginx configuration is something like this:

server {
        listen 80;
        listen 443 ssl;
        ssl_certificate /etc/nginx/ssl/bundle.crt;
        ssl_certificate_key /etc/nginx/ssl/privateKey.key;
        server_name localjob.it;
        access_log off;

        location / {
            alias /webapps/sitoweb/;
            error_page 404 = /404.html;
        }

        location /django/ {
                proxy_pass http://127.0.0.1:8001;
                proxy_set_header X-Forwarded-Host $server_name;
                proxy_set_header X-Real-IP $remote_addr;
                add_header P3P 'CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"';
                add_header 'Access-Control-Allow-Origin' '*';
                add_header 'Access-Control-Allow-Headers' 'Content-Type,Accept';
                add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
         }
}
  • Did you try editing /etc/csf/csf.conf ? So it's only erroring on POSTs and not GETs?

Have another answer? Share your knowledge.