Question
NGINX reverse proxy to Apache with Wordpress bad gateway
I have followed the guide here (https://www.digitalocean.com/community/tutorials/how-to-configure-nginx-as-a-web-server-and-reverse-proxy-for-apache-on-one-ubuntu-16-04-server)
While they are using Ubuntu we are using Centos 7.2.
Going directly to apache on port 8080 or 8443 (ssl) works. Pulling static files from Nginx works as well on port 80 and 443. However once the configuration is updated to use pass php traffic to apache I get 502 Bad Gateway. I
Nginx Config
server {
listen 80;
listen 443 ssl;
server_name www.domain.com domain.com;
ssl on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!AESGCM;
ssl_session_cache shared:SSL:5m;
ssl_session_timeout 10m;
ssl_prefer_server_ciphers on;
ssl_certificate /etc/nginx/ssl/domain_com.pem;
ssl_certificate_key /etc/nginx/ssl/domain_com.key;
root /data/web/corp/domain;
index index.php index.htm index.html;
location / {
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
proxy_pass https://127.0.0.1:8443;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ~ /\. {
deny all;
}
}
I have tried to set the proxy_pass to the internal IP, Public IP, domain name, and loopback ip. Seems to all be the same issue.
Apache is set to listen on 8080 and 443.
The Nginx error logs show this:
2017/03/14 23:07:52 [error] 24934#0: *306 upstream prematurely closed connection while reading response header from upstream, client: 71.25.9.17, server: www.domain.com, request: "GET / HTTP/1.1", upstream: "https://127.0.0.1:8443/index.php", host: "www.domain.com"
Apache SSL error log:
[Tue Mar 14 23:12:36.955268 2017] [ssl:error] [pid 63873] [client 127.0.0.1:45822] AH02261: Re-negotiation handshake failed: Not accepted by client!?, referer: https://www.domain.com/favicon.ico
Apache SSL access log:
127.0.0.1 - - [14/Mar/2017:23:12:16 +0000] "GET /index.php HTTP/1.0" 403 211
I am not sure where to start as I am new to Nginx but from my reading it seems to be much better/faster at serving up static content than Apache. While our development group currently requires .htaccess we have to keep using Apache.
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×
Ok so I rebuilt the server from scratch and followed the guide exactly including using the same OS.
I was able to install wordpress and I can get to the backend (admin panel) but I am unable to view any pages if I make them. The error is too many redirects.
I have added in the wordpress suggested by @stephenafamo and even updated the proxy_pass line into the nginx config suggested by @hansen.
I am unable to figure out is why I am unable to see any pages or posts that are made.
Here is the new configs:
Nginx
Apache vhost config
Nginx error log is empty
Nginx Access log
Apache access log
Apache Error log
php-fpm log:
I am at a loss to figure out why this is not working. Any Ideas
@joshopkins
Is there any reason why you’re using both Nginx and Apache?
If I visit http://miosystems.com I get the following error:
So it seems like Nginx is still using a proxy that ends in HTTPS.
If I visit https://miosystems.com I get a too many redirects, like you.
Can you rename/remove the
.htaccess
in the main WordPress folder? Since that might be causing the extra redirects.EDIT: The Apache access log says miosystems.com:80 which indicates it’s listening on port 80, not 8080. That’s weird.
@jtittle Have you seen this problem before?
@hansen The reason is some of our applications still require the .htaccess rules but are slowing being redeveloped so they can be relaced. Nginx is much faster with serving static content which is why we are using both.
With the fresh install of wordpress the .htaccess only contains:
removing the .htaccess has no affect.
I haven’t figured out how to put the redirect to force ssl only but if you go to https://miosystems.com/wp-admin you get the login page. If you pull up https://miosystems.com/info.php you get the phpinfo page. This only seems to be an issue with any page on the frontend of wordpress. I made a test page https://miosystems.com/test but it will not pull up either.
@joshopkins
The main reason why Apache is slow, is the htaccess and htpasswd files. Nginx doesn’t allow dynamic configuration like that, which is why it’s much faster.
If you go to https://miosystems.com/wp-admin/options-general.php and edit both URLs to
https://miosystems.com
- does that fix it?To force HTTPS, just change the top part of the Nginx config to this:
@hansen
Both urls are already listed as https://miosystems.com on that page.
Thanks for the code I have put it in place.
No errors in the logs either. Access logs show it bouncing back and forth. What I don’t understand is why the backend works but the frontend doesn’t. My only thought would be that nothing on the backend is index.php. Every page is defined as wp-login.php and the like.
I removed the index.php from the index line and it came up with the index.html test page created during the setup of the systems while following the guide.
I have also noticed that when trying to go to https://miosystems.com/index.php/test/ to see if it would pull up the test page it just default right back to https://miosystems.com
It also seems like ssl is not complete as when going to a static file or to the wordpress admin I get the green ssl cert notice but when just going to https://miosystems.com it says it is unsecure.
@joshopkins
Can you install this plugin into WordPress: https://wordpress.org/plugins/better-search-replace/
Then run a search+replace of
http://miosystems.com
withhttps://miosystems.com
And
http://www.miosystems.com
withhttps://miosystems.com
If the WordPress backend is working, then this problem is very likely related to a plugin, theme or other custom code.
@hansen @stephenafamo @jtittle
This is fresh with no content other than what comes with wordpress other than the test page https://miosystems.com/test and a single image I uploaded to test serving static content https://miosystems.com/wp-content/uploads/haven.png.
Installed the plugin and ran the searches it found nothing. Manually checked the database directly as well with the same results.
I was able to make some headway last night by playing with the wp-config.php file.
I added the following:
My only issue now it seems that while I can see what is set as the default main page I am unable to now navigate to any other page on the frontend such as https://miosystems.com/test (which is the only other page). However any url that is not index.php works i.e. https://miosystems.com/wp-login.php
@joshopkins Try replacing your Nginx config from
to this
@hansen
I tried that as well as
@hansen @jtittle
I am not sure of this is an apache issue or nginx issue. I added back the .htaccess file with the basic permalink structure that wordpress gives but it doesnt make a difference. At this point I am almost willing to pay someone to get this to work. So aggravating.
Thanks for all the help you all have already given and for any more ideas you may have for me.