Nginx page is not loaded or prompt 502bad Gateway,nginx reverse proxy port number lost bad gateway what does it mean le 502 bad gateway DNF 502 Bad Gateway

Source: Internet
Author: User
Tags nginx reverse proxy

In the Nginx reverse proxy mode, the page loading is incomplete or the 502 bad gateway appears directly.

There are many cases of 502 bad Gateway, most of which are related to the setting of the Nginx timeout problem. The following is a discussion of a situation that is relatively rare but has to be noted.

Presence Environment

Nginx work in reverse proxy mode, listening to non-80 ports (this is important, listening to a non-80 port often means that the user is ready to configure multiple virtual hosts, but not limited to this situation), IP access (should be in the case of domain access, also exists, this is not verified).

Specific questions

Access to pages containing multiple elements (not just static HTML pages, the client will often request to the server multiple elements, slices, CSS format, etc.), the client access to the page is incomplete, lack of image style and other elements, return 502 Bad Gateway error.

Problem analysis

The first contact with the problem is that the value of the host field is illegal, was blocked by the backend server, the original reason for this thought is as follows:
1. Assume that the address of the Nginx listener is 1.1.1.1:2001, the address of the agent is 2.2.2.2, the proxy server is configured in upstream, as follows:
Listen 1.1.1.1:2001;

Upstream Backend1 {
Server 2.2.2.2;
}

Proxy_set_header Host $host;
Proxy_pass Http://backend1;
2. In the above configuration, through the Wireshark capture packet, the client accesses the Nginx proxy, that is, 1.1.1.1:2001, the request Host is, host:1.1.1.1, if not set Proxy_set_header, Nginx accesses the backend server Host as, Host:backend1

(Nginx Official document mentions: Allows redefining or appending fields to the request header passed to the proxied server. The value can contain text, variables, and their combinations. These directives is inherited from the previous level if and only if there is no proxy_set_header directives defined on The current level. By default, only redefined:
Proxy_set_header Host $proxy _host;
Proxy_set_header Connection close;

If Proxy_set_header host $host is set, then Nginx accesses the backend server host as 1.1.1.1. In either case, If the backend server restricts the request Package host field for security reasons (only 2.2.2.2, that is, the address of the server itself is reasonable), then any incorrect access to the host field will be denied or redirected or otherwise processed, and will not be properly accessed, so when you encounter this problem, you begin to think that it is the back-end Ser Ver made a restriction.
3. Later thinking, if the backend server really restricts access to the host field of the package, there should be no page loading, after all, there are few servers to restrict a certain part of the element. Through further packet analysis, when a client accesses a page with multiple elements for the first time, the server will tell the client the address of the other element contained in the page so that the client can continue to request it to get a full page of information. The server tells the client that the address of the other elements of the Ip:port exactly the same as Nginx and the Server Communication host field (understandable, nginx do reverse proxy), if the host does not set the port, The default is 80 (which is why the Nginx Listener 80 port is often not a problem), and the client obtains the page element based on the returned address.
4. So in the above case, if the Proxy_set_header Host $host is set, the address of other elements of the client Access page will be HTTP://1.1.1.1/..., can see, or through the Nginx proxy, But here's the problem: Nginx listens to 1.1.1.1:2001, and the new Access is 1.1.1.1:80 (HTTP port defaults to 80,HTTPS default 443), so you can't proxy requests via Nginx.

How to Solve

The solution is also very simple, is Proxy_set_header host $host:$Server_port, this will be the Nginx listening port added to.

Postscript

Although this is not a result of the server's access to the host field restrictions, but the personal view of the host field limitations is noteworthy, Nginx is also recommended for illegal host access is direct deny.

'). addclass (' pre-numbering '). Hide (); $ (this). addclass (' has-numbering '). Parent (). append ($numbering); for (i = 1; i <= lines; i++) {$numbering. Append ($ ('
  • '). Text (i)); }; $numbering. FadeIn (1700); }); });

    The above describes the Nginx page loading is incomplete or prompt 502bad Gateway,nginx reverse proxy port number is missing, including the bad gateway content, I hope that the PHP tutorial interested friends helpful.

  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.