Question

Error 502 and 504 every x hours after droplet resize and apt upgrade

I’ve resized the droplet from $10 to $20 and right after made an apt update and upgrade. Now I’m getting about every 6 hours an error 502 or 504 and the site stops.

tail /var/log/nginx/error.log

2017/08/29 15:13:42 [error] 11052#0: *87644 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 162.158.79.237, server: www.moneytimes.com.br, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "www.moneytimes.com.br"
2017/08/29 15:13:43 [error] 11052#0: *87636 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 172.68.26.249, server: www.moneytimes.com.br, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "www.moneytimes.com.br", referrer: "https://www.moneytimes.com.br/"
2017/08/29 15:13:44 [error] 11052#0: *87646 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 162.158.90.46, server: www.moneytimes.com.br, request: "GET /rss.xml HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "www.moneytimes.com.br", referrer: "https://www.moneytimes.com.br/"
2017/08/29 15:13:45 [error] 11052#0: *87648 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 172.68.25.14, server: www.moneytimes.com.br, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "www.moneytimes.com.br", referrer: "https://www.moneytimes.com.br/"

I have clouflare configured and these client ip’s are from them. Also have a letsencrypt.

With a restart php5-fpm all goes back to normal, but I have to be awake to reboot at any time. Tried to put it on cron, but didn’t solve.

It’s a droplet created with the “Ubuntu Drupal 8.1.3 on 14.04” one-click app.

Probably was some package update and now it’s missing some configuration, but I can’t find what. What can I do to discover what is the problem?

Subscribe
Share

Update: I recovered the backup made before the apt upgrade and the error persists, I had a suspicion that some bot trying to access wp-login is causing this because some times I observed a connection some minutes before the errors starting and blocke on nginx, but still have errors:

2017/09/04 11:26:45 [error] 4105#0: *12107 access forbidden by rule, client: 172.68.46.15, server: www.moneytimes.com.br, request: "GET /wp-login.php HTTP/1.1", host: "www.moneytimes.com.br"
2017/09/04 12:32:50 [error] 4106#0: *23031 upstream timed out (110: Connection timed out) while reading response header from upstream, client: 108.162.246.153, server: www.moneytimes.com.br, request: "GET /mrv-aprova-emissoes-de-cris-e-debentures-captacao-pode-ultrapassar-r-200-mi HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock", host: "www.moneytimes.com.br"
2017/09/04 12:32:55 [error] 4107#0: *23042 upstream timed out (110: Connection timed out) while reading response header from upstream, client: 172.68.26.219, server: www.moneytimes.com.br, request: "GET /explicando-o-white-paper-do-bitcoin?utm_source=Money+Times+Newsletter&utm_campaign=82dbc3c1b3-EMAIL_CAMPAIGN_2017_09_04&utm_medium=email&utm_term=0_85da2e8a11-82dbc3c1b3-89631069 HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock", host: "www.moneytimes.com.br"

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Hi @codexico,

The error provided suggests the issue is coming from PHP-FPM. You’ll need to enable the catch_workers_output module. This can be set on /etc/php5/fpm/pool.d/www.conf. As soon as you do, restart the service and check your php5-fpm.log. Check the log and it should provide more descriptive errors.

Regards, KDSys