Wordpress 502 & 504 Errors NGINX & PHP-FPM

August 3, 2017 1.2k views
Nginx PHP Ubuntu 16.04

So, my server was doing fine, but recently my Wordpress has been getting a lot of 502 and 504 errors -- mostly when making updates to the site. I think it's a PHP-FPM issue and perhaps how my server is configured since I've upgraded a couple times and it should be blazing fast -- I have the 4GB / 60 GB / 4TB option.

@jtittle I saw you were an expert in this kind of thing.

Here's my nginx.conf:

workerprocesses 4;
worker
rlimit_nofile 20480;

pid /var/run/nginx.pid;

events {
worker_connections 2048;

    use epoll;
    multi_accept on;

}

http {
setrealipfrom 127.0.0.1;
real
ip_header X-Forwarded-For;

    server_names_hash_bucket_size 64;
    server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    access_log off;
    error_log /var/log/nginx/error.log;

    keepalive_timeout 65;
    keepalive_requests 100000;
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;

    types_hash_max_size 2048;

    client_body_buffer_size      128k;
    client_max_body_size         24m;
    client_header_buffer_size    1k;
    large_client_header_buffers  4 4k;
    output_buffers               1 32k;
    postpone_output              1460;

    client_header_timeout  3m;
    client_body_timeout    3m;
    send_timeout           3m;

    open_file_cache max=1000 inactive=20s;
    open_file_cache_valid 30s;
    open_file_cache_min_uses 5;
    open_file_cache_errors off;

    gzip on;
    gzip_vary on;
    gzip_min_length 1000;
    gzip_types
    application/x-javascript
    application/javascript
    text/css
    text/javascript
    text/plain
    text/xml
    application/json
    application/vnd.ms-fontobject
    application/x-font-opentype
    application/x-font-truetype
    application/x-font-ttf
    application/xml font/eot
    font/opentype font/otf
    image/svg+xml
    image/vnd.microsoft.icon;
    gzip_disable "MSIE [1-6]\.";

    log_format main      '$remote_addr - $remote_user [$time_local]  '
    '"$request" $status $bytes_sent '
    '"$http_referer" "$http_user_agent" '
    '"$gzip_ratio"';

    log_format download  '$remote_addr - $remote_user [$time_local]  '
    '"$request" $status $bytes_sent '
    '"$http_referer" "$http_user_agent" '
    '"$http_range" "$sent_http_content_range"';

    map $status $loggable {
            ~^[23]  0;
            default 1;
    }

    server_tokens off;

    #include /etc/nginx/naxsi_core.rules;


    server {
            listen 80;
            listen 443 ssl http2;
            server_name www.nerdlouisville.org *.nerdlouisville.com;

            ssl_protocols TLSv1 TLSv1.1 TLSv1.2;                ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
            ssl_prefer_server_ciphers on;
            ssl_certificate /etc/letsencrypt/live/nerdlouisville.org/fullchain.pem;
            ssl_certificate_key /etc/letsencrypt/live/nerdlouisville.org/privkey.pem;
            ssl_trusted_certificate /etc/letsencrypt/live/nerdlouisville.org/chain.pem;
            ssl_session_cache shared:SSL:128m;
            ssl_session_timeout 1d;
            add_header Strict-Transport-Security "max-age=31557600; includeSubDomains";
            add_header X-Frame-Options "SAMEORIGIN" always;
            add_header X-Content-Type-Options "nosniff" always;
            add_header X-Xss-Protection "1";
            ssl_stapling on;
            ssl_stapling_verify on;
            resolver 8.8.8.8;

            return 301 https://nerdlouisville.org$request_uri;
    }
    server {
            server_name     nerdlouisville.org nerdlouisville.com;
            listen 80;
            return 301 https://nerdlouisville.org$request_uri;
    }
    server {
            listen 443 ssl http2;
            server_name nerdlouisville.org;

            ssl_protocols TLSv1 TLSv1.1 TLSv1.2;                ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
            ssl_prefer_server_ciphers on;
            ssl_certificate /etc/letsencrypt/live/nerdlouisville.org/fullchain.pem;
            ssl_certificate_key /etc/letsencrypt/live/nerdlouisville.org/privkey.pem;
            ssl_trusted_certificate /etc/letsencrypt/live/nerdlouisville.org/chain.pem;
            ssl_session_cache shared:SSL:128m;
            ssl_session_timeout 1d;
            add_header Strict-Transport-Security "max-age=31557600; includeSubDomains";
            add_header X-Frame-Options "SAMEORIGIN" always;
            add_header X-Content-Type-Options "nosniff" always;
            add_header X-Xss-Protection "1";
            ssl_stapling on;
            ssl_stapling_verify on;
            resolver 8.8.8.8;

            if ($http_user_agent ~ "MSIE" ) {
                    return 303 https://browser-update.org/update.html;
            }

            charset utf-8;



        root /var/www/html;
        index index.php index.html index.htm;

            location / {
                    try_files $uri $uri/ /index.php?q=$uri&$args;
            }

            location /forum {
                try_files $uri @vanilla;
            }
            location @vanilla {
                rewrite ^/forum(/.*) /forum/index.php?p=$uri&$args last;
            }


            location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ { expires 5d; }
            location = /favicon.ico { access_log off; log_not_found off; }
            location = /robots.txt { access_log off; log_not_found off; }
            location ~ /\. { log_not_found off; deny all; }


            location ~ \.php$ {
            include snippets/fastcgi-php.conf;
            fastcgi_pass unix:/run/php/php7.0-fpm.sock;
            }

    }



    upstream backend {
            server 127.0.0.1:4567 weight=1;
    }
11 Answers
jtittle MOD August 3, 2017
Accepted Answer

@michaelppfaff

The error in the PHP-FPM log:

server reached pm.max_children

When this happens, generally PHP-FPM will restart, which will cause a failed connection if NGINX is attempting to connect at the same time. We can up the limits on this setting as well as others in the www.conf file.

I'd make a backup of your www.conf file:

cp /etc/php/7.0/fpm/pool.d/www.conf /usr/local/src/www.conf

Then modify these values in /etc/php/7.0/fpm/pool.d/www.conf

pm.max_children = 16
pm.start_servers = 8
pm.min_spare_servers = 6
pm.max_spare_servers = 12

That'll raise the default limits to more usable limits, though depending on traffic and what you're running, those may need to increase. Generally, all values I use are divisible by 2 (i.e. I won't use 5, 7, 9, etc) to prevent odd rounding. Details on how to set pm.start_servers is in the configuration comments as well to give you an idea of what it should be set to.

You'd then need to restart PHP-FPM:

service php7.0-fpm restart
  • Awesome! Thanks for the confident answer.

    Okay, I've updated these values and restarted php-fpm. Seems to be running okay.

    Is there a way to test these values? And, how will I know when they need to increase again?

  • @jtittle

    Just noticed this new error:

    [03-Aug-2017 22:07:57] NOTICE: fpm is running, pid 31776
    [03-Aug-2017 22:07:57] NOTICE: ready to handle connections
    [03-Aug-2017 22:07:57] NOTICE: systemd monitor interval set to 10000ms
    [03-Aug-2017 22:08:47] WARNING: [pool www] server reached pm.max_children setting (16), consider raising it
    
    • Should I increase some more?

      Here's my memory:

      total        used        free      shared  buff/cache   available
      Mem:        4046656     1629320      302952       73548     2114384     2070960
      Swap:             0           0           0
      
    • @michaelppfaff

      There's really no way to test the values other than make the changes and restart :-). The PHP-FPM service doesn't have a test suite like NGINX does (though it'd be nice to see).

      In terms of RAM, you're good there, so you could raise the limits, though by how far really depends on what you're running on the Droplet.

      Would you be able to provide more details on what's running (WordPress, Drupal, etc)?

      • Two Wordpress sites (with little traffic) and a NodeBB forum. That's... about it.

        If I increase the numbers, you said keep them even. Do the numbers just increase proportionately?

        • @michaelppfaff

          Yes and no :-).

          For pm.start_servers, the formula is:

          min_spare_servers + (max_spare_servers - min_spare_servers) / 2
          

          So we could double the values and set:

          pm.max_children = 32
          pm.min_spare_servers = 12
          pm.max_spare_servers = 24
          

          And then to get pm.start_servers, we'd use the formula above:

          pm.start_servers = 12 + ( (24 - 12) / 2 )
          
          pm.start_servers = 26
          

          You'd then restart PHP-FPM for the changes to take effect.

          You do, however, need to be careful with the settings. Going too high may cause issues elsewhere -- although there's really not a definite limit.

          ...

          In this case, however, NGINX isn't causing the issues, it's simply a matter of finding what works within PHP-FPM and getting the numbers right. It's all a matter of testing.

          • For pm.start_servers I tried 26 but it threw an error, so I redid the math (it's listed in the config file! ha) and got:

            min_spare_servers + (max_spare_servers - min_spare_servers) / 2

            12 + (24 - 12 = 12) / 2 = 24 / 2 = 12

            But, 12 worked!

            Thanks for the awesome assistance. Incredibly grateful!

Hi @michaelppfaff

Please supply the last lines from your error log from when the error happened:

tail -20 /var/log/nginx/error.log

And can you also post your PHP-FPM pool configuration, since you're most likely either exceeding the memory limit or timeout.

/etc/php/7.0/fpm/pool.d/www.conf

@michaelppfaff

The first thing I'd recommend, before we get started with the configuration, would be to tail the logs.

tail -25 /var/log/nginx/error.log

Also, let's take a look at the PHP-FPM log, which should be in /var/log as well.

tail -25 /var/log/php7.0-fpm.log

That should give us a clearer indication of anything that may be wrong. You can also run:

nginx -t

To see if there's anything wrong with your NGINX configuration.

...

Let's start there first and we'll work our way up/down :-).

@michaelppfaff

Before reposting, let me clean up a bit ;-). When posting a ton of data, sometimes it'll get flagged, but I can publish on my end :-).

Here's my fastcgi.conf

fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  REQUEST_SCHEME     $scheme;
fastcgi_param  HTTPS              $https if_not_empty;

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

First of all, thank you all so much for the hasty responses.

One of the first things I did was run nginx -t and it seemed okay. Here are the results of that (other logs posted below).

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

nginx error.log:

2017/08/03 21:06:03 [error] 1382#1382: *1516842 upstream timed out (110: Connect                                                                                                                                                             ion timed out) while reading response header from upstream, client: 23.95.97.212                                                                                                                                                             , server: nerdlouisville.org, request: "GET /pinebox/index.php?title=Be_Mindful_                                                                                                                                                             Chemical_Compounds_Skincare_Organizations_Don_t_Want_You_To_Know_About HTTP/1.1"                                                                                                                                                             , upstream: "fastcgi://unix:/run/php/php7.0-fpm.sock", host: "nerdlouisville.org                                                                                                                                                             "
2017/08/03 21:06:03 [error] 1382#1382: *1516843 upstream timed out (110: Connect                                                                                                                                                             ion timed out) while reading response header from upstream, client: 23.95.97.212                                                                                                                                                             , server: nerdlouisville.org, request: "GET /pinebox/index.php?title=Elegance_Tr                                                                                                                                                             icks_And_Tips_To_Try_Out HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.0-fp                                                                                                                                                             m.sock", host: "nerdlouisville.org"
2017/08/03 21:06:03 [error] 1382#1382: *1516846 upstream timed out (110: Connect                                                                                                                                                             ion timed out) while reading response header from upstream, client: 23.95.97.212                                                                                                                                                             , server: nerdlouisville.org, request: "GET /pinebox/index.php?title=Splendor_St                                                                                                                                                             rategies_Which_Every_Particular_person_Should_Know HTTP/1.1", upstream: "fastcgi                                                                                                                                                             ://unix:/run/php/php7.0-fpm.sock", host: "nerdlouisville.org"
2017/08/03 21:06:06 [error] 1382#1382: *1516850 upstream timed out (110: Connect                                                                                                                                                             ion timed out) while reading response header from upstream, client: 144.217.224.                                                                                                                                                             11, server: nerdlouisville.org, request: "GET /pinebox/index.php?title=Alpha_Mon                                                                                                                                                             ster_Advanced_Review HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.0-fpm.so                                                                                                                                                             ck", host: "nerdlouisville.org"
2017/08/03 21:06:08 [error] 1382#1382: *1516852 upstream timed out (110: Connect                                                                                                                                                             ion timed out) while reading response header from upstream, client: 212.83.130.1                                                                                                                                                             59, server: nerdlouisville.org, request: "GET /pinebox/index.php?title=4_Led_Fla                                                                                                                                                             shlight_Metal_Instrument:_Lighting_Up_Your_Way HTTP/1.1", upstream: "fastcgi://u                                                                                                                                                             nix:/run/php/php7.0-fpm.sock", host: "nerdlouisville.org", referrer: "https://ne                                                                                                                                                             rdlouisville.org/"
2017/08/03 21:06:11 [error] 1382#1382: *1516860 upstream timed out (110: Connect                                                                                                                                                             ion timed out) while reading response header from upstream, client: 107.183.178.                                                                                                                                                             172, server: nerdlouisville.org, request: "GET /pinebox/index.php?title=Pengerti                                                                                                                                                             an_Tentang_Ayam_Sabung_India HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.                                                                                                                                                             0-fpm.sock", host: "nerdlouisville.org", referrer: "https://nerdlouisville.org/"
2017/08/03 21:06:20 [error] 1383#1383: *1516985 connect() to unix:/run/php/php7.                                                                                                                                                             0-fpm.sock failed (11: Resource temporarily unavailable) while connecting to ups                                                                                                                                                             tream, client: 208.110.82.170, server: nerdlouisville.org, request: "GET /pinebo                                                                                                                                                             x/index.php?search=&title=Special%3ASearch&fulltext=Search HTTP/1.1", upstream:                                                                                                                                                              "fastcgi://unix:/run/php/php7.0-fpm.sock:", host: "nerdlouisville.org"
2017/08/03 21:06:21 [error] 1383#1383: *1516987 connect() to unix:/run/php/php7.                                                                                                                                                             0-fpm.sock failed (11: Resource temporarily unavailable) while connecting to ups                                                                                                                                                             tream, client: 43.251.99.6, server: nerdlouisville.org, request: "GET /pinebox/i                                                                                                                                                             ndex.php?title=User:SusanneOverlock HTTP/1.1", upstream: "fastcgi://unix:/run/ph                                                                                                                                                             p/php7.0-fpm.sock:", host: "nerdlouisville.org", referrer: "https://nerdlouisvil                                                                                                                                                             le.org/"
2017/08/03 21:06:22 [error] 1382#1382: *1516872 upstream timed out (110: Connect                                                                                                                                                             ion timed out) while reading response header from upstream, client: 195.154.59.1                                                                                                                                                             83, server: nerdlouisville.org, request: "GET /pinebox/index.php?title=Quick_Adv                                                                                                                                                             ice_In_Best_Toaster_Oven_-_An_Introduction HTTP/1.1", upstream: "fastcgi://unix:                                                                                                                                                             /run/php/php7.0-fpm.sock", host: "nerdlouisville.org", referrer: "https://nerdlo                                                                                                                                                             uisville.org/"
2017/08/03 21:06:22 [error] 1380#1380: *1516989 connect() to unix:/run/php/php7.                                                                                                                                                             0-fpm.sock failed (11: Resource temporarily unavailable) while connecting to ups                                                                                                                                                             tream, client: 137.74.207.120, server: nerdlouisville.org, request: "GET /pinebo                                                                                                                                                             x/index.php?title=EmilieDominick402&action=history HTTP/1.1", upstream: "fastcgi                                                                                                                                                             ://unix:/run/php/php7.0-fpm.sock:", host: "nerdlouisville.org"
2017/08/03 21:06:26 [error] 1380#1380: *1516992 connect() to unix:/run/php/php7.                                                                                                                                                             0-fpm.sock failed (11: Resource temporarily unavailable) while connecting to ups                                                                                                                                                             tream, client: 108.161.129.150, server: nerdlouisville.org, request: "GET /pineb                                                                                                                                                             ox/index.php?title=User:MapleSwope225 HTTP/1.1", upstream: "fastcgi://unix:/run/                                                                                                                                                             php/php7.0-fpm.sock:", host: "nerdlouisville.org"
2017/08/03 21:06:26 [error] 1380#1380: *1516991 connect() to unix:/run/php/php7.                                                                                                                                                             0-fpm.sock failed (11: Resource temporarily unavailable) while connecting to ups                                                                                                                                                             tream, client: 104.238.176.164, server: nerdlouisville.org, request: "GET /pineb                                                                                                                                                             ox/index.php?title=User:MichellTribolet HTTP/1.1", upstream: "fastcgi://unix:/ru                                                                                                                                                             n/php/php7.0-fpm.sock:", host: "nerdlouisville.org", referrer: "https://nerdloui                                                                                                                                                             sville.org/"
2017/08/03 21:06:26 [error] 1380#1380: *1516993 connect() to unix:/run/php/php7.                                                                                                                                                             0-fpm.sock failed (11: Resource temporarily unavailable) while connecting to ups                                                                                                                                                             tream, client: 64.145.94.183, server: nerdlouisville.org, request: "GET /pinebox                                                                                                                                                             /index.php?title=User:LorenzaHamblin HTTP/1.0", upstream: "fastcgi://unix:/run/p                                                                                                                                                             hp/php7.0-fpm.sock:", host: "nerdlouisville.org", referrer: "https://nerdlouisvi                                                                                                                                                             lle.org/"
2017/08/03 21:06:26 [error] 1380#1380: *1516996 connect() to unix:/run/php/php7.                                                                                                                                                             0-fpm.sock failed (11: Resource temporarily unavailable) while connecting to ups                                                                                                                                                             tream, client: 108.62.24.188, server: nerdlouisville.org, request: "GET /pinebox                                                                                                                                                             /index.php?title=User:MarcoDobbs HTTP/1.0", upstream: "fastcgi://unix:/run/php/p                                                                                                                                                             hp7.0-fpm.sock:", host: "nerdlouisville.org", referrer: "https://nerdlouisville.                                                                                                                                                             org/"
2017/08/03 21:06:27 [error] 1382#1382: *1516880 upstream timed out (110: Connect                                                                                                                                                             ion timed out) while reading response header from upstream, client: 163.172.212.                                                                                                                                                             81, server: nerdlouisville.org, request: "GET /pinebox/index.php?title=Are_You_G                                                                                                                                                             etting_The_Complete_Printing_Package_Deal HTTP/1.1", upstream: "fastcgi://unix:/                                                                                                                                                             run/php/php7.0-fpm.sock", host: "nerdlouisville.org", referrer: "https://nerdlou                                                                                                                                                             isville.org/"
2017/08/03 21:06:32 [error] 1382#1382: *1516891 upstream timed out (110: Connect                                                                                                                                                             ion timed out) while reading response header from upstream, client: 173.44.165.1                                                                                                                                                             67, server: nerdlouisville.org, request: "GET /pinebox/index.php?search=&title=S                                                                                                                                                             pecial%3ASearch&fulltext=Search HTTP/1.0", upstream: "fastcgi://unix:/run/php/ph                                                                                                                                                             p7.0-fpm.sock", host: "nerdlouisville.org"
2017/08/03 21:06:33 [error] 1383#1383: *1516894 upstream timed out (110: Connect                                                                                                                                                             ion timed out) while reading response header from upstream, client: 107.183.178.                                                                                                                                                             172, server: nerdlouisville.org, request: "GET /pinebox/index.php?title=Pemahama                                                                                                                                                             n_Tentang_Ayam_Sabung_Birma_Vs_Saigon HTTP/1.0", upstream: "fastcgi://unix:/run/                                                                                                                                                             php/php7.0-fpm.sock", host: "nerdlouisville.org"
2017/08/03 21:06:34 [error] 1383#1383: *1516898 upstream timed out (110: Connect                                                                                                                                                             ion timed out) while reading response header from upstream, client: 198.46.210.8                                                                                                                                                             1, server: nerdlouisville.org, request: "GET /pinebox/index.php?title=The_Best_H                                                                                                                                                             erbal_Pounds_Reduction_Products_For_Fast_Last HTTP/1.0", upstream: "fastcgi://un                                                                                                                                                             ix:/run/php/php7.0-fpm.sock", host: "nerdlouisville.org"
2017/08/03 21:06:35 [error] 1383#1383: *1516900 upstream timed out (110: Connect                                                                                                                                                             ion timed out) while reading response header from upstream, client: 23.92.116.16                                                                                                                                                             9, server: nerdlouisville.org, request: "GET /pinebox/index.php?title=User:Jacqu                                                                                                                                                             esBecerra5 HTTP/1.0", upstream: "fastcgi://unix:/run/php/php7.0-fpm.sock", host:                                                                                                                                                              "nerdlouisville.org", referrer: "https://nerdlouisville.org/"
2017/08/03 21:06:36 [error] 1383#1383: *1516905 upstream timed out (110: Connect                                                                                                                                                             ion timed out) while reading response header from upstream, client: 176.141.93.1                                                                                                                                                             91, server: nerdlouisville.org, request: "GET /pinebox/index.php?title=User:Zelm                                                                                                                                                             aGarth7 HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.0-fpm.sock", host: "n                                                                                                                                                             erdlouisville.org", referrer: "https://nerdlouisville.org/"
2017/08/03 21:06:36 [error] 1383#1383: *1516903 upstream timed out (110: Connect                                                                                                                                                             ion timed out) while reading response header from upstream, client: 176.61.138.1                                                                                                                                                             46, server: nerdlouisville.org, request: "GET /pinebox/index.php?search=&title=S                                                                                                                                                             pecial%3ASearch&fulltext=Search HTTP/1.0", upstream: "fastcgi://unix:/run/php/ph                                                                                                                                                             p7.0-fpm.sock", host: "nerdlouisville.org"
2017/08/03 21:06:36 [error] 1383#1383: *1516904 upstream timed out (110: Connect                                                                                                                                                             ion timed out) while reading response header from upstream, client: 176.61.138.1                                                                                                                                                             46, server: nerdlouisville.org, request: "GET /pinebox/index.php?search=&title=S                                                                                                                                                             pecial%3ASearch&fulltext=Search HTTP/1.0", upstream: "fastcgi://unix:/run/php/ph                                                                                                                                                             p7.0-fpm.sock", host: "nerdlouisville.org"
2017/08/03 21:06:37 [error] 1383#1383: *1516911 upstream timed out (110: Connect                                                                                                                                                             ion timed out) while reading response header from upstream, client: 191.101.114.                                                                                                                                                             209, server: nerdlouisville.org, request: "GET /pinebox/index.php?title=User:Sha                                                                                                                                                             staThurlow9 HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.0-fpm.sock", host                                                                                                                                                             : "nerdlouisville.org", referrer: "https://nerdlouisville.org/"
2017/08/03 21:06:37 [error] 1383#1383: *1516912 upstream timed out (110: Connect                                                                                                                                                             ion timed out) while reading response header from upstream, client: 173.44.165.1                                                                                                                                                             67, server: nerdlouisville.org, request: "GET /pinebox/index.php?search=&title=S                                                                                                                                                             pecial%3ASearch&fulltext=Search HTTP/1.0", upstream: "fastcgi://unix:/run/php/ph                                                                                                                                                             p7.0-fpm.sock", host: "nerdlouisville.org"
2017/08/03 21:13:14 [error] 1382#1382: *1519938 open() "/var/www/html/nerdlouvia                                                                                                                                                             /wp-content/uploads/2016/08/nerdlouvia-block-1.jpg" failed (2: No such file or d                                                                                                                                                             irectory), client: 173.252.86.197, server: nerdlouvia.com, request: "GET /wp-con                                                                                                                                                             tent/uploads/2016/08/nerdlouvia-block-1.jpg HTTP/1.1", host: "nerdlouvia.com"

PHP-FPM log:

[01-Aug-2017 11:48:20] NOTICE: exiting, bye-bye!
[01-Aug-2017 11:48:20] NOTICE: configuration file /etc/php/7.0/fpm/php-fpm.conf test is successful

[01-Aug-2017 11:48:20] NOTICE: fpm is running, pid 12676
[01-Aug-2017 11:48:20] NOTICE: ready to handle connections
[01-Aug-2017 11:48:20] NOTICE: systemd monitor interval set to 10000ms
[01-Aug-2017 11:48:24] WARNING: [pool www] server reached pm.max_children setting (5), consider raising it
[02-Aug-2017 06:06:33] WARNING: [pool www] server reached pm.max_children setting (5), consider raising it
[02-Aug-2017 21:28:45] WARNING: [pool www] server reached pm.max_children setting (5), consider raising it
[02-Aug-2017 21:29:38] WARNING: [pool www] server reached pm.max_children setting (5), consider raising it
[03-Aug-2017 01:05:01] WARNING: [pool www] server reached pm.max_children setting (5), consider raising it
[03-Aug-2017 12:51:10] WARNING: [pool www] child 25967 exited on signal 9 (SIGKILL) after 42369.267504 seconds from start
[03-Aug-2017 12:51:10] NOTICE: [pool www] child 13031 started
[03-Aug-2017 12:51:10] WARNING: [pool www] child 21294 exited on signal 9 (SIGKILL) after 55358.662473 seconds from start
[03-Aug-2017 12:51:10] NOTICE: [pool www] child 13032 started
[03-Aug-2017 12:51:10] WARNING: [pool www] child 21295 exited on signal 9 (SIGKILL) after 55352.677996 seconds from start
[03-Aug-2017 12:51:10] NOTICE: [pool www] child 13033 started
[03-Aug-2017 19:59:02] NOTICE: Terminating ...
[03-Aug-2017 19:59:02] NOTICE: exiting, bye-bye!
[03-Aug-2017 19:59:02] NOTICE: configuration file /etc/php/7.0/fpm/php-fpm.conf test is successful

[03-Aug-2017 19:59:02] NOTICE: fpm is running, pid 26009
[03-Aug-2017 19:59:02] NOTICE: ready to handle connections
[03-Aug-2017 19:59:02] NOTICE: systemd monitor interval set to 10000ms
[03-Aug-2017 19:59:46] WARNING: [pool www] server reached pm.max_children setting (5), consider raising it

pool config:

; Start a new pool named 'www'.
; the variable $pool can we used in any directive and will be replaced by the
; pool name ('www' here)
[www]

; Per pool prefix
; It only applies on the following directives:
; - 'access.log'
; - 'slowlog'
; - 'listen' (unixsocket)
; - 'chroot'
; - 'chdir'
; - 'php_values'
; - 'php_admin_values'
; When not set, the global prefix (or /usr) applies instead.
; Note: This directive can also be relative to the global prefix.
; Default Value: none
;prefix = /path/to/pools/$pool

; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
;       will be used.
user = www-data
group = www-data

; The address on which to accept FastCGI requests.
; Valid syntaxes are:
;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
;                            a specific port;
;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
;                            a specific port;
;   'port'                 - to listen on a TCP socket to all addresses
;                            (IPv6 and IPv4-mapped) on a specific port;
;   '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = /run/php/php7.0-fpm.sock

; Set listen(2) backlog.
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 511

; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
;                 mode is set to 0660
listen.owner = www-data
listen.group = www-data
listen.mode = 0660
; When POSIX Access Control Lists are supported you can set them using
; these options, value is a comma separated list of user/group names.
; When set, listen.owner and listen.group are ignored
;listen.acl_users =
;listen.acl_groups =

; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any ip address.
; Default Value: any
;listen.allowed_clients = 127.0.0.1

; Specify the nice(2) priority to apply to the pool processes (only if set)
; The value can vary from -19 (highest priority) to 20 (lower priority)
; Note: - It will only work if the FPM master process is launched as root
;       - The pool processes will inherit the master process priority
;         unless it specified otherwise
; Default Value: no set
; process.priority = -19

; Choose how the process manager will control the number of child processes.
; Possible Values:
;   static  - a fixed number (pm.max_children) of child processes;
;   dynamic - the number of child processes are set dynamically based on the
;             following directives. With this process management, there will be
;             always at least 1 children.
;             pm.max_children      - the maximum number of children that can
;                                    be alive at the same time.
;             pm.start_servers     - the number of children created on startup.
;             pm.min_spare_servers - the minimum number of children in 'idle'
;                                    state (waiting to process). If the number
;                                    of 'idle' processes is less than this
;                                    number then some children will be created.
;             pm.max_spare_servers - the maximum number of children in 'idle'
;                                    state (waiting to process). If the number
;                                    of 'idle' processes is greater than this
;                                    number then some children will be killed.
;  ondemand - no children are created at startup. Children will be forked when
;             new requests will connect. The following parameter are used:
;             pm.max_children           - the maximum number of children that
;                                         can be alive at the same time.
;             pm.process_idle_timeout   - The number of seconds after which
;                                         an idle process will be killed.
; Note: This value is mandatory.
pm = dynamic

; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI. The below defaults are based on a server without much resources. Don't
; forget to tweak pm.* to fit your needs.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
pm.max_children = 5

; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
pm.start_servers = 2

; The desired minimum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.min_spare_servers = 1

; The desired maximum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.max_spare_servers = 3

; The number of seconds after which an idle process will be killed.
; Note: Used only when pm is set to 'ondemand'
; Default Value: 10s
;pm.process_idle_timeout = 10s;

; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
;pm.max_requests = 500

; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. It shows the following informations:
;   pool                 - the name of the pool;
;   process manager      - static, dynamic or ondemand;
;   start time           - the date and time FPM has started;
;   start since          - number of seconds since FPM has started;
;   accepted conn        - the number of request accepted by the pool;
;   listen queue         - the number of request in the queue of pending
;                          connections (see backlog in listen(2));
;   max listen queue     - the maximum number of requests in the queue
;                          of pending connections since FPM has started;
;   listen queue len     - the size of the socket queue of pending connections;
;   idle processes       - the number of idle processes;
;   active processes     - the number of active processes;
;   total processes      - the number of idle + active processes;
;   max active processes - the maximum number of active processes since FPM
;                          has started;
;   max children reached - number of times, the process limit has been reached,
;                          when pm tries to start more children (works only for
;                          pm 'dynamic' and 'ondemand');
; Value are updated in real time.
; Example output:
;   pool:                 www
;   process manager:      static
;   start time:           01/Jul/2011:17:53:49 +0200
;   start since:          62636
;   accepted conn:        190460
;   listen queue:         0
;   max listen queue:     1
;   listen queue len:     42
;   idle processes:       4
;   active processes:     11
;   total processes:      15
;   max active processes: 12
;   max children reached: 0
;
; By default the status page output is formatted as text/plain. Passing either
; 'html', 'xml' or 'json' in the query string will return the corresponding
; output syntax. Example:
;   http://www.foo.bar/status
;   http://www.foo.bar/status?json
;   http://www.foo.bar/status?html
;   http://www.foo.bar/status?xml
;
; By default the status page only outputs short status. Passing 'full' in the
; query string will also return status for each pool process.
; Example:
;   http://www.foo.bar/status?full
;   http://www.foo.bar/status?json&full
;   http://www.foo.bar/status?html&full
;   http://www.foo.bar/status?xml&full
; The Full status returns for each process:
;   pid                  - the PID of the process;
;   state                - the state of the process (Idle, Running, ...);
;   start time           - the date and time the process has started;
;   start since          - the number of seconds since the process has started;
;   requests             - the number of requests the process has served;
;   request duration     - the duration in µs of the requests;
;   request method       - the request method (GET, POST, ...);
;   request URI          - the request URI with the query string;
;   content length       - the content length of the request (only with POST);
;   user                 - the user (PHP_AUTH_USER) (or '-' if not set);
;   script               - the main script called (or '-' if not set);
;   last request cpu     - the %cpu the last request consumed
;                          it's always 0 if the process is not in Idle state
;                          because CPU calculation is done when the request
;                          processing has terminated;
;   last request memory  - the max amount of memory the last request consumed
;                          it's always 0 if the process is not in Idle state
;                          because memory calculation is done when the request
;                          processing has terminated;
; If the process is in Idle state, then informations are related to the
; last request the process has served. Otherwise informations are related to
; the current request being served.
; Example output:
;   ************************
;   pid:                  31330
;   state:                Running
;   start time:           01/Jul/2011:17:53:49 +0200
;   start since:          63087
;   requests:             12808
;   request duration:     1250261
;   request method:       GET
;   request URI:          /test_mem.php?N=10000
;   content length:       0
;   user:                 -
;   script:               /home/fat/web/docs/php/test_mem.php
;   last request cpu:     0.00
;   last request memory:  0
;
; Note: There is a real-time FPM status monitoring sample web page available
;       It's available in: /usr/share/php/7.0/fpm/status.html
;
; Note: The value must start with a leading slash (/). The value can be
;       anything, but it may not be a good idea to use the .php extension or it
;       may conflict with a real PHP file.
; Default Value: not set
;pm.status_path = /status

; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
; that FPM is alive and responding, or to
; - create a graph of FPM availability (rrd or such);
; - remove a server from a group if it is not responding (load balancing);
; - trigger alerts for the operating team (24/7).
; Note: The value must start with a leading slash (/). The value can be
;       anything, but it may not be a good idea to use the .php extension or it
;       may conflict with a real PHP file.
; Default Value: not set
;ping.path = /ping

; This directive may be used to customize the response of a ping request. The
; response is formatted as text/plain with a 200 response code.
; Default Value: pong
;ping.response = pong

; The access log file
; Default: not set
;access.log = log/$pool.access.log

; The access log format.
; The following syntax is allowed
;  %%: the '%' character
;  %C: %CPU used by the request
;      it can accept the following format:
;      - %{user}C for user CPU only
;      - %{system}C for system CPU only
;      - %{total}C  for user + system CPU (default)
;  %d: time taken to serve the request
;      it can accept the following format:
;      - %{seconds}d (default)
;      - %{miliseconds}d
;      - %{mili}d
;      - %{microseconds}d
;      - %{micro}d
;  %e: an environment variable (same as $_ENV or $_SERVER)
;      it must be associated with embraces to specify the name of the env
;      variable. Some exemples:
;      - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
;      - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
;  %f: script filename
;  %l: content-length of the request (for POST request only)
;  %m: request method
;  %M: peak of memory allocated by PHP
;      it can accept the following format:
;      - %{bytes}M (default)
;      - %{kilobytes}M
;      - %{kilo}M
;      - %{megabytes}M
;      - %{mega}M
;  %n: pool name
;  %o: output header
;      it must be associated with embraces to specify the name of the header:
;      - %{Content-Type}o
;      - %{X-Powered-By}o
;      - %{Transfert-Encoding}o
;      - ....
;  %p: PID of the child that serviced the request
;  %P: PID of the parent of the child that serviced the request
;  %q: the query string
;  %Q: the '?' character if query string exists
;  %r: the request URI (without the query string, see %q and %Q)
;  %R: remote IP address
;  %s: status (response code)
;  %t: server time the request was received
;      it can accept a strftime(3) format:
;      %d/%b/%Y:%H:%M:%S %z (default)
;      The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
;  %T: time the log has been written (the request has finished)
;      it can accept a strftime(3) format:
;      %d/%b/%Y:%H:%M:%S %z (default)
;      The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
;  %u: remote user
;
; Default: "%R - %u %t \"%m %r\" %s"
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"

; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
;slowlog = log/$pool.log.slow

; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
;request_slowlog_timeout = 0

; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
;request_terminate_timeout = 0

; Set open file descriptor rlimit.
; Default Value: system defined value
;rlimit_files = 1024

; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0

; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
; of its subdirectories. If the pool prefix is not set, the global prefix
; will be used instead.
; Note: chrooting is a great security feature and should be used whenever
;       possible. However, all PHP paths will be relative to the chroot
;       (error_log, sessions.save_path, ...).
; Default Value: not set
;chroot =

; Chdir to this directory at the start.
; Note: relative path can be used.
; Default Value: current directory or / when chroot
;chdir = /var/www

; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Note: on highloaded environement, this can cause some delay in the page
; process time (several ms).
; Default Value: no
;catch_workers_output = yes

; Clear environment in FPM workers
; Prevents arbitrary environment variables from reaching FPM worker processes
; by clearing the environment in workers before env vars specified in this
; pool configuration are added.
; Setting to "no" will make all environment variables available to PHP code
; via getenv(), $_ENV and $_SERVER.
; Default Value: yes
;clear_env = no

; Limits the extensions of the main script FPM will allow to parse. This can
; prevent configuration mistakes on the web server side. You should only limit
; FPM to .php extensions to prevent malicious users to use other extensions to
; exectute php code.
; Note: set an empty value to allow all extensions.
; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5 .php7

; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp

; Additional php.ini defines, specific to this pool of workers. These settings
; overwrite the values previously defined in the php.ini. The directives are the
; same as the PHP SAPI:
;   php_value/php_flag             - you can set classic ini defines which can
;                                    be overwritten from PHP call 'ini_set'.
;   php_admin_value/php_admin_flag - these directives won't be overwritten by
;                                     PHP call 'ini_set'
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.

; Defining 'extension' will load the corresponding shared extension from
; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
; overwrite previously defined php.ini values, but will append the new value
; instead.

; Note: path INI options can be relative and will be expanded with the prefix
; (pool, global or /usr)

; Default Value: nothing is defined by default except the values in php.ini and
;                specified at startup with the -d argument
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M

  • @michaelppfaff

    Like it says in the error log, change the amount of max_children to something higher.
    Try changing the PHP-FPM pool parameters to the following - I have a site that can handle several hundred visitors per minute running a heavy Magento installation:

    pm = dynamic
    # pm.max_children = (total RAM - RAM used by other process) / (average amount of RAM used by a PHP process)
    pm.max_children = 15
    # pm.start_servers = min_spare_servers + (max_spare_servers - min_spare_servers) / 2
    pm.start_servers = 5
    pm.min_spare_servers = 5
    pm.max_spare_servers = 10
    pm.max_requests = 100
    

    And then you need to restart the pools sudo service php7.0-fpm restart

Have another answer? Share your knowledge.