Question

Occassional 502 Gateway error with LEMP

Some people are reporting that my LEMP website is giving a 502 error. I’ve seen this myself from one public wifi point. I never see it anywhere else. My logs are filled with these errors:

2016/08/16 06:59:02 [error] 3618#0: *1445992 connect() to unix:/var/run/php5-fpm.sock failed (11: Resource temporarily unavailable) while connecting to upstream, client: 158.255.5.191, server: 178.62.65.221, request: “POST /xmlrpc.php HTTP/1.1”, upstream: “fastcgi://unix:/var/run/php5-fpm.sock:”, host: “178.62.65.221” …

…which I assume are related. Any ideas what’s going on here and how to fix it?

Subscribe
Share

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

xmlrpc.php is a script present in WordPress installations that is a target for attacks. The traffic you are seeing which is likely the cause of the 502 errors is attempts to attack your server via this method. One way to help prevent this would be to edit your nginx configuration file in /etc/nginx/sites-enabled/ to add the following section inside the server block:

 location /xmlrpc.php {
      deny all;
    }