Occassional 502 Gateway error with LEMP

August 16, 2016 1k views
Nginx PHP Ubuntu
singh
By:
singh

Some people are reporting that my LEMP website is giving a 502 error. I've seen this myself from one public wifi point. I never see it anywhere else. My logs are filled with these errors:

2016/08/16 06:59:02 [error] 3618#0: *1445992 connect() to unix:/var/run/php5-fpm.sock failed (11: Resource temporarily unavailable) while connecting to upstream, client: 158.255.5.191, server: 178.62.65.221, request: "POST /xmlrpc.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "178.62.65.221"
...

...which I assume are related. Any ideas what's going on here and how to fix it?

Log In to Comment
1 Answer
ryanpq MOD August 23, 2016

xmlrpc.php is a script present in WordPress installations that is a target for attacks. The traffic you are seeing which is likely the cause of the 502 errors is attempts to attack your server via this method. One way to help prevent this would be to edit your nginx configuration file in /etc/nginx/sites-enabled/ to add the following section inside the server block:

 location /xmlrpc.php {
      deny all;
    }
Reply
Have another answer? Share your knowledge.

Related Questions