Question

Occassional 502 Gateway error with LEMP

Posted August 16, 2016 1.4k views
Nginx Ubuntu PHP

Some people are reporting that my LEMP website is giving a 502 error. I’ve seen this myself from one public wifi point. I never see it anywhere else. My logs are filled with these errors:

2016/08/16 06:59:02 [error] 3618#0: *1445992 connect() to unix:/var/run/php5-fpm.sock failed (11: Resource temporarily unavailable) while connecting to upstream, client: 158.255.5.191, server: 178.62.65.221, request: “POST /xmlrpc.php HTTP/1.1”, upstream: “fastcgi://unix:/var/run/php5-fpm.sock:”, host: “178.62.65.221”

…which I assume are related. Any ideas what’s going on here and how to fix it?

Add a comment
singh
By:
singh
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

1 answer
ryanpq August 23, 2016

xmlrpc.php is a script present in WordPress installations that is a target for attacks. The traffic you are seeing which is likely the cause of the 502 errors is attempts to attack your server via this method. One way to help prevent this would be to edit your nginx configuration file in /etc/nginx/sites-enabled/ to add the following section inside the server block:

 location /xmlrpc.php {
      deny all;
    }
Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help