Symptoms
- If Nginx is enabled, all sites return the following error:
504 Gateway Timeout error
502 Bad gateway
- Fail2ban is not installed or disabled;
- Apache and nginx services are running;
- There are the following records in
/var/log/httpd/error_log
:upstream timed out (110: Connection timed out) while reading response header from upstream
- There are the following records in
/var/www/vhosts/example.com/logs/proxy_error_log
:2018/01/25 07:41:57 [error] 18625#0: *8 connect() failed (111: Connection refused) while connecting to upstream
Cause
Firewall blocks local connection on port 7080 and 7081, so Nginx is unable to connect to Apache.
Resolution
- Install Plesk Firewall if it is not installed How to install Plesk Firewall
- Go to Plesk > Tools & Settings > Firewall > Modify Plesk Firewall Rules >Add Custom Rule and allow 7080/7081 ports for all external IP addresses for Incoming/Outgoing.
Click on a section to expand
Adding rules directly from the server
- To do this manually, connect to the server via SSH
Note: if direct SSH access to the server is not possible, contact server administrator for further assistance.
- Add rules using the commands below:
# iptables -A INPUT -s 10.10.10.10 -p tcp -m tcp --dport 7081 -j ACCEPT
# iptables -A INPUT -s 10.10.10.10 -p tcp -m tcp --dport 7080 -j ACCEPT
# iptables -A OUTPUT -s 10.10.10.10 -p tcp -m tcp --sport 7081 -j ACCEPT
# iptables -A OUTPUT -s 10.10.10.10 -p tcp -m tcp --sport 7080 -j ACCEPT