Some people are reporting that my LEMP website is giving a 502 error. I’ve seen this myself from one public wifi point. I never see it anywhere else. My logs are filled with these errors:
2016/08/16 06:59:02 [error] 3618#0: *1445992 connect() to unix:/var/run/php5-fpm.sock failed (11: Resource temporarily unavailable) while connecting to upstream, client: 158.255.5.191, server: 178.62.65.221, request: “POST /xmlrpc.php HTTP/1.1”, upstream: “fastcgi://unix:/var/run/php5-fpm.sock:”, host: “178.62.65.221” …
…which I assume are related. Any ideas what’s going on here and how to fix it?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Try DigitalOcean for free
Click below to sign up and get $100 of credit to try our products over 60 days!
xmlrpc.php is a script present in WordPress installations that is a target for attacks. The traffic you are seeing which is likely the cause of the 502 errors is attempts to attack your server via this method. One way to help prevent this would be to edit your nginx configuration file in /etc/nginx/sites-enabled/ to add the following section inside the
serverblock: