Problem: "502 Bad Gateway nginx/1.10.3 (Ubuntu)"

February 23, 2018 21.4k views
DigitalOcean Ubuntu 16.04

Hi, after the NYC3 Droplet Reboot 2018-02-22 17:00 UTC [Spectre and Meltdown Mitigation] my site is down and I get "502 Bad Gateway nginx/1.10.3 (Ubuntu)". I found these nginx's error logs:

2018/02/22 22:35:04 [error] 1571#1571: *448 connect() failed (111: Connection refused) while connecting to upstream, client: 104.131.85.203, server: 45.55.205.197, request: "GET /api371878927a/running.txt HTTP/1.0", upstream: "http://127.0.0.1:2368/api371878927a/running.txt", host: "45.55.205.197"
2018/02/22 22:35:04 [error] 1571#1571: *449 connect() failed (111: Connection refused) while connecting to upstream, client: 104.131.85.203, server: 45.55.205.197, request: "GET /api371878927a/remoteaddr.php?hostname=adsp-xv-us-nyc HTTP/1.0", upstream: "http://127.0.0.1:2368/api371878927a/remoteaddr.php?hostname=adsp-xv-us-nyc", host: "45.55.205.197"
2018/02/22 22:35:38 [error] 1571#1571: *452 connect() failed (111: Connection refused) while connecting to upstream, client: 66.249.81.62, server: strangerthancinema.it, request: "GET /favicon.ico HTTP/1.1", upstream: "http://127.0.0.1:2368/favicon.ico", host: "strangerthancinema.it"
2018/02/22 22:36:04 [error] 1571#1571: *454 connect() failed (111: Connection refused) while connecting to upstream, client: 104.131.85.203, server: 45.55.205.197, request: "GET /api371878927a/running.txt HTTP/1.0", upstream: "http://127.0.0.1:2368/api371878927a/running.txt", host: "45.55.205.197"
2018/02/22 22:36:20 [error] 1571#1571: *456 connect() failed (111: Connection refused) while connecting to upstream, client: 66.249.81.60, server: strangerthancinema.it, request: "GET /favicon.ico HTTP/1.1", upstream: "http://127.0.0.1:2368/favicon.ico", host: "strangerthancinema.it"
2018/02/22 22:37:04 [error] 1571#1571: *458 connect() failed (111: Connection refused) while connecting to upstream, client: 104.131.85.203, server: 45.55.205.197, request: "GET /api371878927a/running.txt HTTP/1.0", upstream: "http://127.0.0.1:2368/api371878927a/running.txt", host: "45.55.205.197"
2018/02/22 22:38:04 [error] 1571#1571: *462 connect() failed (111: Connection refused) while connecting to upstream, client: 104.131.85.203, server: 45.55.205.197, request: "GET /api371878927a/running.txt HTTP/1.0", upstream: "http://127.0.0.1:2368/api371878927a/running.txt", host: "45.55.205.197"
2018/02/22 22:38:37 [error] 1571#1571: *466 connect() failed (111: Connection refused) while connecting to upstream, client: 66.249.93.94, server: strangerthancinema.it, request: "GET /favicon.ico HTTP/1.1", upstream: "http://127.0.0.1:2368/favicon.ico", host: "strangerthancinema.it"
2018/02/22 22:38:43 [error] 1571#1571: *468 connect() failed (111: Connection refused) while connecting to upstream, client: 151.50.140.189, server: 45.55.205.197, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:2368/", host: "45.55.205.197"
2018/02/22 22:38:44 [error] 1571#1571: *468 connect() failed (111: Connection refused) while connecting to upstream, client: 151.50.140.189, server: 45.55.205.197, request: "GET /favicon.ico HTTP/1.1", upstream: "http://127.0.0.1:2368/favicon.ico", host: "45.55.205.197", referrer: "http://45.55.205.197/"
2018/02/22 22:39:00 [error] 1571#1571: *474 connect() failed (111: Connection refused) while connecting to upstream, client: 66.249.81.33, server: strangerthancinema.it, request: "GET /favicon.ico HTTP/1.1", upstream: "http://127.0.0.1:2368/favicon.ico", host: "strangerthancinema.it"
2018/02/22 22:39:04 [error] 1571#1571: *476 connect() failed (111: Connection refused) while connecting to upstream, client: 104.131.85.203, server: 45.55.205.197, request: "GET /api371878927a/running.txt HTTP/1.0", upstream: "http://127.0.0.1:2368/api371878927a/running.txt", host: "45.55.205.197"

How do I resolve this problem ? Thanks

8 Answers

Ensure your webroot has the correct ownership and permissions

As well nginx -t will let you know of any errors in your NGINX configuration file(s) if any are present.

cd /path/to/webroot to change your directory to the webroot

ls -la will print out the info you need

Depending if you have NGINX running as www-data or nginx as the user:group you may need to update

chown -R www-data:www-data /path/to./webroot

  • cd /path/to/webroot : "No such file or directory"

    ls -la: "total 76
    drwx------ 8 root root 4096 Feb 23 14:39 .
    drwxr-xr-x 23 root root 4096 Feb 23 18:31 ..
    -rw-rw-r-- 1 root root 5247 Feb 23 19:00 .bashhistory
    -rw-rw-r-- 1 root root 3139 Dec 19 11:32 .bashrc
    drwx------ 2 root root 4096 Dec 18 18:32 .cache
    -rw-rw-r-- 1 root root 0 Feb 23 14:14 .cloud-locale-test.skip
    drwx------ 3 root root 4096 Dec 18 18:30 .config
    -rw-rw-r-- 1 root root 135 Dec 18 18:30 .digitalocean
    password
    drwxr-xr-x 3 root root 4096 Feb 23 17:45 .ghost
    -rw-rw-r-- 1 root root 64 Feb 23 14:39 .lesshst
    drwxr-xr-x 2 root root 4096 Dec 19 11:59 .nano
    drwxr-xr-x 357 root root 12288 Feb 23 17:06 .npm
    -rw-rw-r-- 1 root root 148 Aug 17 2015 .profile
    -rw-rw-r-- 1 root root 1024 Dec 19 11:33 .rnd
    drwx------ 2 root root 4096 Dec 18 18:30 .ssh
    -rw-rw-r-- 1 root root 843 Feb 23 14:29 udo apt-get update
    -rw-rw-r-- 1 root root 1247 Feb 23 13:35 udo systemctl restart nginx"

    • /path/to/webroot is just a reference placeholder and will need to be replaced with the proper path.

      Can you post the results of this command?

      ls -la /etc/nginx

      • total 64
        drwxrwxr-x 6 zagarosh www-data 4096 Nov 7 15:51 .
        drwxr-xr-x 97 root root 4096 Feb 23 19:43 ..
        drwxr-xr-x 2 zagarosh www-data 4096 Jul 12 2017 conf.d
        -rw-r--r-- 1 zagarosh www-data 1077 Feb 11 2017 fastcgi.conf
        -rw-r--r-- 1 zagarosh www-data 1007 Feb 11 2017 fastcgiparams
        -rw-r--r-- 1 zagarosh www-data 2837 Feb 11 2017 koi-utf
        -rw-r--r-- 1 zagarosh www-data 2223 Feb 11 2017 koi-win
        -rw-r--r-- 1 zagarosh www-data 3957 Feb 11 2017 mime.types
        -rw-r--r-- 1 zagarosh www-data 1462 Feb 11 2017 nginx.conf
        -rw-r--r-- 1 zagarosh www-data 180 Feb 11 2017 proxy
        params
        -rw-r--r-- 1 zagarosh www-data 636 Feb 11 2017 scgiparams
        drwxrwxr-x 2 zagarosh www-data 4096 Dec 19 11:33 sites-available
        drwxr-xr-x 2 zagarosh www-data 4096 Dec 19 11:33 sites-enabled
        drwxr-xr-x 2 zagarosh www-data 4096 Dec 19 11:33 snippets
        -rw-r--r-- 1 zagarosh www-data 664 Feb 11 2017 uwsgi
        params
        -rw-r--r-- 1 zagarosh www-data 3071 Feb 11 2017 win-utf

        • OK Next

          find /etc/nginx/{sites-available,conf.d} -type f -exec cat {} \;

          This will help me get a sense on how NGINX is configured

          • server {
            listen 80 defaultserver;
            listen [::]:80 defaultserver ipv6only=on;

            server_name my-ghost-blog.com; # Replace with your domain

            root /usr/share/nginx/html;
            index index.html index.htm;

            clientmaxbody_size 10G;

            location / {
            proxypass http://localhost:2368;
            proxy
            setheader X-Forwarded-For $proxyaddxforwardedfor;
            proxy
            setheader Host $httphost;
            proxysetheader X-Forwarded-Proto $scheme;
            proxy_buffering off;
            }
            }

            You should look at the following URL's in order to grasp a solid understanding of Nginx configuration files in order to fully unleash the power of Nginx. http://wiki.nginx.org/Pitfalls http://wiki.nginx.org/QuickStart http://wiki.nginx.org/Configuration Generally, you will want to move this file somewhere, and start with a clean file but keep this around for reference. Or just disable in sites-enabled. Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. Default server configuration
            server {
            listen 80 defaultserver;
            listen [::]:80 defaultserver;

            SSL configuration listen 443 ssl default_server; listen [::]:443 ssl default_server; Note: You should disable gzip for SSL traffic. See: https://bugs.debian.org/773332 Read up on ssl_ciphers to ensure a secure configuration. See: https://bugs.debian.org/765782 Self signed certs generated by the ssl-cert package Don't use them in a production server! include snippets/snakeoil.conf;

            root /var/www/html;

            Add index.php to the list if you are using PHP

            index index.html index.htm index.nginx-debian.html;

            server_name _;

            location / {
            # First attempt to serve request as file, then
            # as directory, then fall back to displaying a 404.
            try_files $uri $uri/ =404;
            }

            pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 location ~ .php$ { include snippets/fastcgi-php.conf; # With php7.0-cgi alone: fastcgi_pass 127.0.0.1:9000; # With php7.0-fpm: fastcgi_pass unix:/run/php/php7.0-fpm.sock; deny access to .htaccess files, if Apache's document root concurs with nginx's one location ~ /.ht { deny all; Virtual Host configuration for example.com You can move that to a different file under sites-available/ and symlink that to sites-enabled/ to enable it. server { listen 80; listen [::]:80; server_name example.com; root /var/www/example.com; index index.html; location / { try_files $uri $uri/ =404; }
    • Cara root nu gmna

  • [Example link](http://)

[deleted]
  • Update your configuration file like so...

    • change listen defaultserver 80; to listen 80; - defaultserver is invalid syntax
    • remove listen [::]:80 ipv6only=on; - unless you are using ipv6
    • remove root /usr/share/nginx/html; and index index.html index.htm; - these are unneeded since NGINX is being used as a proxy to Ghost
    server {
      listen 80;
    
      server_name my-ghost-blog.com;
    
      clientmaxbody_size 10G;
    
      location / {
        proxypass http://localhost:2368;
        proxysetheader X-Forwarded-For $proxyaddxforwardedfor;
        proxysetheader Host $httphost;
        proxysetheader X-Forwarded-Proto $scheme;
        proxy_buffering off;
      } 
    }
    

    When viewing my-ghost-blog.com I do arrive at a ghost installation - with a notification of...

    No blog url configured
    Open config.js in your root directory & enter your domain name instead of this one.
    

    Hope that helps!

    • I edited /sites-available/default as you told me.
      The "502 bad gateway" disappeared but my blog isn't back yet. I got a screen that says:
      "Welcome to nginx!
      If you see this page, the nginx web server is successfully installed and working. Further configuration is required. For online documentation and support please refer to nginx.org.
      Commercial support is available at nginx.com.
      Thank you for using nginx."

      • This is the default NGINX page.

        What is happening here is your domain has not been entered properly in the NGINX config.

        what is the domain name to your ghost blog? my-ghost-blog.com?

        Is this the only website you are running?

I created a new /sites-available/default only with your indications. Back to "502 bad gateway".

Try running this command chown -Rf nginx:nginx /var/www. If that doesn't work, it could have something to do with php-fpm. I would try to make sure that is enabled and on if your website is dependent on php-fpm (example, WordPress)

If you are still getting the 'welcome to nginx' when you got to the URL, try restarting nginx and the hard refreshing your browser.

Also, try this:

sudo nano /etc/nginx/sites-enabled/default

What you are looking for is the proxy_pass http://localhost:${Port}/

 ${Port} = your localhost port ex. 8080, 3000, or yours is 2368

Your proxy_pass config is missing the forward slash ( / ) at the end after the port number.

It should look like proxy_pass http://localhost:2368/; not 2368;

hope this helps

Have another answer? Share your knowledge.