Error 502 and 504 every x hours after droplet resize and apt upgrade

August 29, 2017 577 views
PHP Nginx Ubuntu
codexico
By:
codexico

I've resized the droplet from $10 to $20 and right after made an apt update and upgrade.
Now I'm getting about every 6 hours an error 502 or 504 and the site stops.

tail /var/log/nginx/error.log

2017/08/29 15:13:42 [error] 11052#0: *87644 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 162.158.79.237, server: www.moneytimes.com.br, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "www.moneytimes.com.br"
2017/08/29 15:13:43 [error] 11052#0: *87636 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 172.68.26.249, server: www.moneytimes.com.br, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "www.moneytimes.com.br", referrer: "https://www.moneytimes.com.br/"
2017/08/29 15:13:44 [error] 11052#0: *87646 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 162.158.90.46, server: www.moneytimes.com.br, request: "GET /rss.xml HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "www.moneytimes.com.br", referrer: "https://www.moneytimes.com.br/"
2017/08/29 15:13:45 [error] 11052#0: *87648 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 172.68.25.14, server: www.moneytimes.com.br, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "www.moneytimes.com.br", referrer: "https://www.moneytimes.com.br/"

I have clouflare configured and these client ip's are from them. Also have a letsencrypt.

With a restart php5-fpm all goes back to normal, but I have to be awake to reboot at any time.
Tried to put it on cron, but didn't solve.

It's a droplet created with the "Ubuntu Drupal 8.1.3 on 14.04" one-click app.

Probably was some package update and now it's missing some configuration, but I can't find what.
What can I do to discover what is the problem?

1 comment
  • codexico September 4, 2017

    Update:
    I recovered the backup made before the apt upgrade and the error persists, I had a suspicion that some bot trying to access wp-login is causing this because some times I observed a connection some minutes before the errors starting and blocke on nginx, but still have errors:

    2017/09/04 11:26:45 [error] 4105#0: *12107 access forbidden by rule, client: 172.68.46.15, server: www.moneytimes.com.br, request: "GET /wp-login.php HTTP/1.1", host: "www.moneytimes.com.br"
2017/09/04 12:32:50 [error] 4106#0: *23031 upstream timed out (110: Connection timed out) while reading response header from upstream, client: 108.162.246.153, server: www.moneytimes.com.br, request: "GET /mrv-aprova-emissoes-de-cris-e-debentures-captacao-pode-ultrapassar-r-200-mi HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock", host: "www.moneytimes.com.br"
2017/09/04 12:32:55 [error] 4107#0: *23042 upstream timed out (110: Connection timed out) while reading response header from upstream, client: 172.68.26.219, server: www.moneytimes.com.br, request: "GET /explicando-o-white-paper-do-bitcoin?utm_source=Money+Times+Newsletter&utm_campaign=82dbc3c1b3-EMAIL_CAMPAIGN_2017_09_04&utm_medium=email&utm_term=0_85da2e8a11-82dbc3c1b3-89631069 HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock", host: "www.moneytimes.com.br"
Log In to Comment
Be the first one to answer this question.

Related Questions