Question
Ubuntu 16.04 - NGINX - LetsEncrypt SSL - 502 Bad Gateway for first time visiting the site. Everything works if you visited the site earlier.
I set up a web server for two Wordpress websites. Installed NGINX, PHP, Mariadb, certbot for SSL, etc..
The problem I´m facing is that if I visited the website earlier than Certbot´s config, I can access it normally, load different pages, admin panel, php works perfectly and everything is displayed and working fine. Nervertheless, if you are a new user that tries to access the website (https://liventplanning.com) you get a 502 - Bad Gateway error.
Here´s NGINX’s error.log:
2018/07/10 14:47:25 [error] 3425#3425: *1628 upstream sent invalid status "Service Unavailable" while reading response header from upstream, client: 37.9.113.120, server: liventplanning.com, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.0-fpm.sock:", host: "liventplanning.com".
And here´s NGINX´s ../sites-available/default file: (I removed all comments and most spaces, for simplicity)
server {
server_name liventplanning.com;
root /var/www/liventplanning;
index index.php index.html index.htm index.nginx-debian.html;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
# proxy_pass http://localhost:8080;
# proxy_http_version 1.1;
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection 'upgrade';
# proxy_set_header Host $host;
# proxy_cache_bypass $http_upgrade;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php7.0-cgi alone:
#fastcgi_pass 127.0.0.1:9000;
# With php7.0-fpm:
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/liventplanning.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/liventplanning.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
server_name megalaboratorio.com;
root /var/www/megalaboratorio;
index index.php index.html;
location / {
try_files $uri $uri/ =404;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/liventplanning.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/liventplanning.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
root /var/www/liventplanning;
index index.php index.html index.htm index.nginx-debian.html;
server_name www.megalaboratorio.com www.liventplanning.com; # managed by Certbot
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
# proxy_pass http://localhost:8080;
# proxy_http_version 1.1;
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection 'upgrade';
# proxy_set_header Host $host;
# proxy_cache_bypass $http_upgrade;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php7.0-cgi alone:
#fastcgi_pass 127.0.0.1:9000;
# With php7.0-fpm:
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
listen [::]:443 ssl ; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/liventplanning.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/liventplanning.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = liventplanning.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name liventplanning.com;
return 404; # managed by Certbot
}
server {
if ($host = megalaboratorio.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name megalaboratorio.com;
return 404; # managed by Certbot
}
server {
if ($host = www.megalaboratorio.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = www.liventplanning.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 ;
listen [::]:80 ;
server_name www.megalaboratorio.com www.liventplanning.com;
return 404; # managed by Certbot
}
Any browser that has previously visited the site can use it perfectly, but if you are a new user, you get a 502 bad gateway.
Can someone point me in the right direction? I´ve been checking documentation, config files, forums and logs for a week and am still baffled by this. Thank you in advance for any help.
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×
Why don’t you try virtualhost approach? Your nginx default file looks a bit messy.