Question

Nginx Error 111: Connection refused

I recently switched from Apache2 to Nginx for my web server because Apache was giving me some very weird issues that no one could seem to solve. I used this guide here to make the switch. Now, I see in my Nginx error log (located /var/log/nginx/error.log)

2016/06/07 18:41:50 [error] 3221#0: *53 connect() failed (111: Connection refused) while connecting to upstream, client: xxx.xxx.xxx.xxx, server: websitename.net, request: "POST /xmlrpc.php HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "xxx.xxx.xxx.xxx"

The site was working fine up until a few days ago. I did not change any settings during that time. Here is my full Nginx config.

Subscribe
Share

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

@WASTECH

A few quick things to check. Login to the CLI and:

Open /etc/php5/fpm/pool.d/www.conf

  • Search for listen – are you using /var/run/php5-fpm.sock? If so, comment the line by adding a ; before it and then add listen = 127.0.0.1:9000 below it.

  • Search for listen.allowed_clients – is it commented or uncommented? If uncommented, comment it out by adding a ; before it.

  • Save /etc/php5/fpm/pool.d/www.conf.

Open /etc/nginx/sites-available/default or the name of the file you created for your server block:

  • Search for fastcgi_pass and change /var/run/php5-fpm.sock to 127.0.0.1:9000.

  • Save /etc/nginx/sites-available/default.

Now restart php-fpm and then nginx by running:

  • service php-fpm restart && service nginx restart

Let me know if that fixes the connection issue. If it does, the issue is because of the lack of read/write permissions on the /var/run/php5-fpm.sock file. If you’re running from the default php-fpm configuration, the user would be www-data and since this user is not a privileged user, it’s unable to read/write to files that are owned by root. Since the sock file has to be executable by the www-data user, and it’s owned by another, you won’t be able to connect.

You can undo the changes above and revert back to using the sock file, though using TCP (which is what the above details swap you over to) works just as well. Latency is negligible unless we’re dealing with a high-traffic scenario and even then, we’d still use TCP to connect to a secondary server.

@WASTECH

A few quick things to check. Login to the CLI and:

Open /etc/php5/fpm/pool.d/www.conf

  • Search for listen – are you using /var/run/php5-fpm.sock? If so, comment the line by adding a ; before it and then add listen = 127.0.0.1:9000 below it.

  • Search for listen.allowed_clients – is it commented or uncommented? If uncommented, comment it out by adding a ; before it.

  • Save /etc/php5/fpm/pool.d/www.conf.

Open /etc/nginx/sites-available/default or the name of the file you created for your server block:

  • Search for fastcgi_pass and change /var/run/php5-fpm.sock to 127.0.0.1:9000.

  • Save /etc/nginx/sites-available/default.

Now restart php-fpm and then nginx by running:

  • service php-fpm restart && service nginx restart

Let me know if that fixes the connection issue. If it does, the issue is because of the lack of read/write permissions on the /var/run/php5-fpm.sock file. If you’re running from the default php-fpm configuration, the user would be www-data and since this user is not a privileged user, it’s unable to read/write to files that are owned by root. Since the sock file has to be executable by the www-data user, and it’s owned by another, you won’t be able to connect.

You can undo the changes above and revert back to using the sock file, though using TCP (which is what the above details swap you over to) works just as well. Latency is negligible unless we’re dealing with a high-traffic scenario and even then, we’d still use TCP to connect to a secondary server.

@WASTECH

A few quick things to check. Login to the CLI and:

Open /etc/php5/fpm/pool.d/www.conf

  • Search for listen – are you using /var/run/php5-fpm.sock? If so, comment the line by adding a ; before it and then add listen = 127.0.0.1:9000 below it.

  • Search for listen.allowed_clients – is it commented or uncommented? If uncommented, comment it out by adding a ; before it.

  • Save /etc/php5/fpm/pool.d/www.conf.

Open /etc/nginx/sites-available/default or the name of the file you created for your server block:

  • Search for fastcgi_pass and change /var/run/php5-fpm.sock to 127.0.0.1:9000.

  • Save /etc/nginx/sites-available/default.

Now restart php-fpm and then nginx by running:

  • service php-fpm restart && service nginx restart

Let me know if that fixes the connection issue. If it does, the issue is because of the lack of read/write permissions on the /var/run/php5-fpm.sock file. If you’re running from the default php-fpm configuration, the user would be www-data and since this user is not a privileged user, it’s unable to read/write to files that are owned by root. Since the sock file has to be executable by the www-data user, and it’s owned by another, you won’t be able to connect.

You can undo the changes above and revert back to using the sock file, though using TCP (which is what the above details swap you over to) works just as well. Latency is negligible unless we’re dealing with a high-traffic scenario and even then, we’d still use TCP to connect to a secondary server.

@WASTECH

A few quick things to check. Login to the CLI and:

Open /etc/php5/fpm/pool.d/www.conf

  • Search for listen – are you using /var/run/php5-fpm.sock? If so, comment the line by adding a ; before it and then add listen = 127.0.0.1:9000 below it.

  • Search for listen.allowed_clients – is it commented or uncommented? If uncommented, comment it out by adding a ; before it.

  • Save /etc/php5/fpm/pool.d/www.conf.

Open /etc/nginx/sites-available/default or the name of the file you created for your server block:

  • Search for fastcgi_pass and change /var/run/php5-fpm.sock to 127.0.0.1:9000.

  • Save /etc/nginx/sites-available/default.

Now restart php-fpm and then nginx by running:

  • service php-fpm restart && service nginx restart

Let me know if that fixes the connection issue. If it does, the issue is because of the lack of read/write permissions on the /var/run/php5-fpm.sock file. If you’re running from the default php-fpm configuration, the user would be www-data and since this user is not a privileged user, it’s unable to read/write to files that are owned by root. Since the sock file has to be executable by the www-data user, and it’s owned by another, you won’t be able to connect.

You can undo the changes above and revert back to using the sock file, though using TCP (which is what the above details swap you over to) works just as well. Latency is negligible unless we’re dealing with a high-traffic scenario and even then, we’d still use TCP to connect to a secondary server.

@WASTECH

A few quick things to check. Login to the CLI and:

Open /etc/php5/fpm/pool.d/www.conf

  • Search for listen – are you using /var/run/php5-fpm.sock? If so, comment the line by adding a ; before it and then add listen = 127.0.0.1:9000 below it.

  • Search for listen.allowed_clients – is it commented or uncommented? If uncommented, comment it out by adding a ; before it.

  • Save /etc/php5/fpm/pool.d/www.conf.

Open /etc/nginx/sites-available/default or the name of the file you created for your server block:

  • Search for fastcgi_pass and change /var/run/php5-fpm.sock to 127.0.0.1:9000.

  • Save /etc/nginx/sites-available/default.

Now restart php-fpm and then nginx by running:

  • service php-fpm restart && service nginx restart

Let me know if that fixes the connection issue. If it does, the issue is because of the lack of read/write permissions on the /var/run/php5-fpm.sock file. If you’re running from the default php-fpm configuration, the user would be www-data and since this user is not a privileged user, it’s unable to read/write to files that are owned by root. Since the sock file has to be executable by the www-data user, and it’s owned by another, you won’t be able to connect.

You can undo the changes above and revert back to using the sock file, though using TCP (which is what the above details swap you over to) works just as well. Latency is negligible unless we’re dealing with a high-traffic scenario and even then, we’d still use TCP to connect to a secondary server.

@WASTECH

A few quick things to check. Login to the CLI and:

Open /etc/php5/fpm/pool.d/www.conf

  • Search for listen – are you using /var/run/php5-fpm.sock? If so, comment the line by adding a ; before it and then add listen = 127.0.0.1:9000 below it.

  • Search for listen.allowed_clients – is it commented or uncommented? If uncommented, comment it out by adding a ; before it.

  • Save /etc/php5/fpm/pool.d/www.conf.

Open /etc/nginx/sites-available/default or the name of the file you created for your server block:

  • Search for fastcgi_pass and change /var/run/php5-fpm.sock to 127.0.0.1:9000.

  • Save /etc/nginx/sites-available/default.

Now restart php-fpm and then nginx by running:

  • service php-fpm restart && service nginx restart

Let me know if that fixes the connection issue. If it does, the issue is because of the lack of read/write permissions on the /var/run/php5-fpm.sock file. If you’re running from the default php-fpm configuration, the user would be www-data and since this user is not a privileged user, it’s unable to read/write to files that are owned by root. Since the sock file has to be executable by the www-data user, and it’s owned by another, you won’t be able to connect.

You can undo the changes above and revert back to using the sock file, though using TCP (which is what the above details swap you over to) works just as well. Latency is negligible unless we’re dealing with a high-traffic scenario and even then, we’d still use TCP to connect to a secondary server.

@WASTECH

A few quick things to check. Login to the CLI and:

Open /etc/php5/fpm/pool.d/www.conf

  • Search for listen – are you using /var/run/php5-fpm.sock? If so, comment the line by adding a ; before it and then add listen = 127.0.0.1:9000 below it.

  • Search for listen.allowed_clients – is it commented or uncommented? If uncommented, comment it out by adding a ; before it.

  • Save /etc/php5/fpm/pool.d/www.conf.

Open /etc/nginx/sites-available/default or the name of the file you created for your server block:

  • Search for fastcgi_pass and change /var/run/php5-fpm.sock to 127.0.0.1:9000.

  • Save /etc/nginx/sites-available/default.

Now restart php-fpm and then nginx by running:

  • service php-fpm restart && service nginx restart

Let me know if that fixes the connection issue. If it does, the issue is because of the lack of read/write permissions on the /var/run/php5-fpm.sock file. If you’re running from the default php-fpm configuration, the user would be www-data and since this user is not a privileged user, it’s unable to read/write to files that are owned by root. Since the sock file has to be executable by the www-data user, and it’s owned by another, you won’t be able to connect.

You can undo the changes above and revert back to using the sock file, though using TCP (which is what the above details swap you over to) works just as well. Latency is negligible unless we’re dealing with a high-traffic scenario and even then, we’d still use TCP to connect to a secondary server.

@WASTECH

A few quick things to check. Login to the CLI and:

Open /etc/php5/fpm/pool.d/www.conf

  • Search for listen – are you using /var/run/php5-fpm.sock? If so, comment the line by adding a ; before it and then add listen = 127.0.0.1:9000 below it.

  • Search for listen.allowed_clients – is it commented or uncommented? If uncommented, comment it out by adding a ; before it.

  • Save /etc/php5/fpm/pool.d/www.conf.

Open /etc/nginx/sites-available/default or the name of the file you created for your server block:

  • Search for fastcgi_pass and change /var/run/php5-fpm.sock to 127.0.0.1:9000.

  • Save /etc/nginx/sites-available/default.

Now restart php-fpm and then nginx by running:

  • service php-fpm restart && service nginx restart

Let me know if that fixes the connection issue. If it does, the issue is because of the lack of read/write permissions on the /var/run/php5-fpm.sock file. If you’re running from the default php-fpm configuration, the user would be www-data and since this user is not a privileged user, it’s unable to read/write to files that are owned by root. Since the sock file has to be executable by the www-data user, and it’s owned by another, you won’t be able to connect.

You can undo the changes above and revert back to using the sock file, though using TCP (which is what the above details swap you over to) works just as well. Latency is negligible unless we’re dealing with a high-traffic scenario and even then, we’d still use TCP to connect to a secondary server.

Mine issue was slightly different I was reverse-proxying my subdomain wordpress blog site on my main site, and I wasn’t using PHP-fpm for handling PHP pages. the error was:
connect() failed (111: Connection refused) while connecting to upstream, client: xxx.xxx.xxx.xxx, server: “my.site.com”, request: GET /blog HTTP/1.0", upstream: “my.blog.site”, host: “my.site.com

the issue was in my blog server’s firewall where WordPress was blocking my site IP address.

check status of firewall #ufw status verbose if status active next

check the iptable #iptables -S check if list contains “f2b-wordpress-hard -s xx.main.site.ip.xx/32 -j REJECT --reject-with icmp-port-unreachable”

do #fail2ban-client set wordpress-hard unbanip xx.main.site.ip.xx

for more details visit: https://gist.github.com/stephenscaff/a0527da89b69dab57f93c09b4287b174

Hi,

Im getting a similar error, but I have:

    # With php7.0-cgi alone:
    #       fastcgi_pass 127.0.0.1:9000;
    #       # With php7.0-fpm:
    #       fastcgi_pass unix:/run/php/php7.0-fpm.sock;

do I need to change unix:/run/php/php7.0-fpm.sock to 127.0.0.1:9000?

Also, /etc/php7/fpm/pool.d/www.conf is not found