Ever bumped into a “502 Bad Gateway” error while on the web? It’s like running into a detour sign on a road trip. Annoying, but fixable. This guide will help you understand this common online hiccup and show you how to clear the path.
By the end, you’ll know how to get things moving smoothly again.
Table of Contents
- What is the 502 Bad Gateway error?
- Common 502 error messages
- Causes of 502 Bad Gateway
- Step-by-Step Guide to Fix the Error
- Conclusion
- All HTTP Status Codes
What is the 502 Bad Gateway error?
The HTTP 502 Bad Gateway response status code indicates that your server is behind a proxy (e.g. a CDN, a Load Balancer, a Firewall, …), and it is not visible. For instance, your CDN or Firewall can’t reach your web server and your content can’t be served to the user.
Common 502 error messages
- “Error 502 Bad Gateway”
- “Proxy Error. The proxy server received an invalid response from an upstream server.”
- “502 Bad Gateway Nginx”
- “HTTP 502”
- “502 Service Temporarily Overloaded”
- “502 Server Error: The server encountered a temporary error and could not complete your request”
- “502. That’s an error. The server encountered a temporary error and could not complete your request”
- “Temporary Error (502)”
The following sections show you the causes, and how to fix the error:
Causes of 502 Bad Gateway
The 502 error means that the proxy service acting as gateway has a problem getting the content from your server. This proxy service you have in front of your site server can be a CDN, a Load Balancer, a Firewall, etc.
Here you have a list of all the different causes:
- There is a network problem between your server and your proxy service.
- Your server is blocking access to the proxy service.
- Your server is down.
- Your server is up but can’t handle more connections.
- Some server requests return an error.
- There is an invalid or incorrect DNS zone.
Step-by-Step Guide to Fix the Error
You can follow the next steps to find the cause and fix the 502 error:
1 Verify your server status:
Login to your server console or panel and verify that all web services are running.
2 Check Server Reachability:
- Temporarily disable the proxy service or skip it forcing your domain DNS zones. We describe below the two methods:
- Bypass the proxy service by pointing your domain name directly to the IP of your server.
- Use tools like SwitchHosts for Mac OSX or HostsFileEditor for Windows to modify your computer’s host file.
- Verify your server by disabling the proxy service: as an alternative , you can temporarily disable your proxy service.
- If you are using Cloudflare, you can easily disable it from the admin panel. Log in and in the right sidebar, find Quick Actions and enable “Development Mode”:
- Verify your server is reachable around the World: if you can temporarily disable the proxy service, the next recommended checkpoint is to verify if this server is reachable across different networks.
- We recommend you the Uptrends Website Uptime Test online tool:
This Uptrends tool checks your site from different country nodes. If some check fails, this will help you identify potential network problems.
3 Inspect your server load
If your web server reaches its limit, it can’t answer any more requests, and the Gateway delivers the status code 502 Bad Gateway.
Look into:
- Traffic patterns: look for unexpectedly high interest pages.
- Potential DDoS attacks: this means that an attacker is using a bot network to help overload the server capacity and provoke a system failure.
- Cache settings: your proxy service, CDN, or Load Balancer may be ready to handle high volumes of traffic, but that doesn’t mean your web server is. With WordPress websites, it is extremely easy to overload the server, since there are many pages with high processing time and that we cannot serve from cache.
The best solution in case of non-legit traffic is to be protected by a CDN or Firewall service capable of filtering traffic, and ready to deal with DoS and DDoS attacks.
If your traffic is legit, the solutions are:
- Add cache to your site.
- If a cache system is not enough, then add more resources to your server.
- If you cannot financially face the increase in resources, the final option is to lighten your website. If you work with WordPress, reduce the number of plugins to the essential minimum.
As WordPress specialists, we know how important it is to add strong measures of security.
Shared security heuristic learning,
We apply three techniques to filter traffic:
Blacklisting from external sources and
Mitigation of DDoS attacks.
4 Review Hosting Resource Limits
If your website is in a shared hosting, check that you’re not overstepping resource limits.
The establishment of limits is not something that you can find among the functionalities of a “shared hosting”. But keep in mind that to preserve coexistence between all the sites on a shared server, it is very common for the provider to set limits on processing time, on the number of “php workers” and on traffic.
5 Check CDN or Proxy Service Status
This networking access problem could be a problem with your proxy service. Check the status service page of your proxy service.
This is a list of “Status Pages” of main providers of Load Balancing, CDN, and Security services:
- Cloudflare status page
- Sucuri status
- KeyCDN status
- StackPath status
- Google cloud services status
- Amazon Cloudfront status
6 Inspect server firewall
If your web server has a local firewall: “iptables”, “Uncomplicated Firewall – UFU”, “CSF Firewall”, “Fail2ban”, “FireHOL”, … Then it could be this firewall that is blocking the access to your proxy service.
Inspect the firewall.
The best solution, in this case, is to add your proxy service IP addresses to the whitelist system of your firewall.
For instance, we use and recommend Cloudflare as a CDN and security reverse proxy. To prevent “502 Bad Gateway” error problems, our server firewalls have the public list of Cloudflare’s IP addresses in the whitelist’s system.
7 Review DNS Settings
If you are in the process of publishing your domain or modifying it, the problem could be in the DNS
To fix the 502 error due to a DNS problem follow this checklist:
- If you have just migrated your site to a new host, is it important to wait for DNS zones to fully propagate, which can take up to 24 hours in some cases. This depends on the TTL value of your DNS records.
- The domain name is not resolving to the correct IP or it does not resolve to any IP. Verify your DNS zone definition according to the instructions provided by your proxy service: CDN, Load Balancer, Security Service, …
8 Database Inspection
If you made it this far and none of the above methods work, chances are that the error is caused by an error in your web, or application in a specific page or URL request.
First, you have to check the database health:
- look for errors in log files
- repair and/or optimize tables and indexes.
9 Analyze Website or Application
If your database is ok, the final solution to fix the 502 error on a specific web page or URL is to debug your site.
If your site is running with WordPress, try this: disable all your plugins, if the problem disappears, then your 502 error is caused by a WordPress Plugin.
Do not break your production site!
To clone a WordPress site with Wetopi is as easy as a simple click.
Staging environments are the solution!
To find the plugin causing the problem, we recommend following this process:
- Disable all your plugins.
- Check the page that gives you the HTTP Error.
- If the page Works, then enable one plugin from the disabled list and jump to the previous step 2.
- If the page Fails, then this last enabled plugin could be the one causing the HTTP Error.
Conclusion
Addressing a 502 Bad Gateway Error promptly is crucial for maintaining a seamless user experience. This guide aims to provide comprehensive solutions, but always consider seeking expert help if the problem persists.
Remember to periodically review and update your server and application configurations to prevent such errors in the future.
Don’t you have an account on Wetopi?
Free full performance servers for your development and test.
No credit card required.
All HTTP Status Codes
200 OK
201 Created
202 Accepted
203 Non-Authoritative Information
204 No Content
205 Reset Content
206 Partial Content
207 Multi-Status
208 Already Reported
226 IM Used
300 Multiple Choices
301 Moved Permanently
302 Found
303 See Other
304 Not Modified
305 Use Proxy
307 Temporary Redirect
308 Permanent Redirect
402 Payment Required
404 Not Found
406 Not Acceptable
407 Proxy Authentication Required
408 Request Timeout
409 Conflict
411 Length Required
412 Precondition Failed
413 Payload Too Large
414 Request-URI Too Long
415 Unsupported Media Type
416 Requested Range Not Satisfiable
417 Expectation Failed
418 I’m A Teapot
421 Misdirected Request
422 Unprocessable Entity
423 Locked
424 Failed Dependency
426 Upgrade Required
428 Precondition Required
429 Too Many Requests
431 Request Header Fields Too Large
444 Connection Closed Without Response
451 Unavailable For Legal Reasons
501 Not Implemented
505 HTTP Version Not Supported
506 Variant Also Negotiates
507 Insufficient Storage
508 Loop Detected
510 Not Extended
511 Network Authentication Required
599 Network Connect Timeout Error