502 Bad Gateway Error, Quick guide to fix it (Updated)

502 Bad Gateway Error, Quick guide to fix it (Updated)

Understand the the HTTP 502 Bad Gateway error: What are the causes and how to fix them.

Table of Contents

What is the 502 Bad Gateway error?

The HTTP 502 Bad Gateway response status code indicates that your server is behind a proxy (e.g. a CDN, a Load Balancer, a Firewall, …), and it is not visible. For instance, your CDN or Firewall can’t reach your web server and your content can’t be served to the user.

Error 502 Bad Gateway sent by Cloudflare
Bad gateway error screen from Cloudflare

Different 502 error messages

  • “Error 502 Bad gateway”
  • “Proxy Error. The proxy server received an invalid response from an upstream server.”
  • “502 Bad Gateway Nginx”
  • “HTTP 502”
  • “502 Service Temporarily Overloaded”
  • “502 Server Error: The server encountered a temporary error and could not complete your request”
  • “502. That’s an error. The server encountered a temporary error and could not complete your request”
  • “Temporary Error (502)”
502. That’s an error. The server encountered a temporary error and could not complete your request
502 Bad Gateway when the website or service is behind google proxies.

The following sections show you the causes, and how to fix the error:

502 Bad Gateway causes

The 502 error means that the proxy service acting as Gateway has a problem getting the content from your server. This proxy service you have in front of your site server can be a CDN, a Load Balancer, a Firewall, etc.

Here you have a list of all the different causes:

  • There is a network problem between your server and your proxy service.
  • Your server is blocking access to the proxy service.
  • Your server is down.
  • Your server is up but can’t handle more connections.
  • Some server requests return an error.
  • There is an invalid or incorrect DNS zone.

How to fix the 502 Bad gateway error code

You can follow the next steps to find and fix the 502 error:

1 Verify your server is up and running

This is the first step you have to verify. Login to your server console or panel and verify that all web services are running.

2 Verify your server is reachable

Temporarily disable the proxy service or skip it forcing your domain DNS zones. We describe below the two methods:

Verify your server bypassing your proxy service

You can bypass the proxy service by pointing your domain name directly to the IP of your server.

You can force the DNS zones, modifying the host file of your computer.

You have tools to help you like:
SwitchHosts for Mac OSX or
HostsFileEditor for Windows.

Verify your server by disabling the proxy service

As an alternative to verify if your server is reachable, you can temporarily disable your proxy service.

If you are using Cloudflare, you can easily disable it from the admin panel. Log in and in the right sidebar, find Quick Actions and enable “Development Mode”:

Enable the Development Mode in Cloudflare.
Enable the Development Mode in Cloudflare to disable the proxy and serve pages directly from your server.

Verify your server is reachable around the World

If you can temporarily disable the proxy service, the next recommended checkpoint is to verify if this server is reachable across different networks.

We recommend you the Uptrends Website Uptime Test online tool:

Uptrends Website Uptime Test result
Verify your site is ok from different network points.

This Uptrends tool checks your site from different country nodes. If some check fails, this will help you identify potential network problems.

3 Verify your server load

If your web server reaches its limit, it can’t answer any more requests, and the gateway delivers the status code 502 Bad Gateway. The reason could be an unexpectedly high interest in the site or even a DDoS attack. This means that an attacker is using a bot network to help overload the server capacity and provoke a system failure.

Your proxy service, CDN, or Load Balancer may be ready to handle high volumes of traffic, but that doesn’t mean your web server is. With WordPress websites, it is extremely easy to overload the server, since there are many pages with high processing time and that we cannot serve from cache.

The best solution in case of non-legit traffic is to be protected by a CDN or Firewall service capable of filtering traffic, and ready to deal with DoS and DDoS attacks.

At Wetopi, as WordPress specialists, we know how important it is to add strong measures of security.
We apply three techniques to filter traffic:

Shared security heuristic learning,
Blacklisting from external sources and
Mitigation of DDoS attacks.

If your traffic is legit, the solutions are obvious:

  • Add cache to your site.
  • If a cache system is not enough, then add more resources to your server.
  • If you cannot financially face the increase in resources, the final option is to lighten your website. If you work with WordPress, reduce the number of plugins to the essential minimum.

4 Verify the resource limits of your hosting

If your website is in a shared hosting, check that you’re not overstepping resource limits.

The establishment of limits is not something that you can find among the functionalities of a “shared hosting”. But keep in mind that to preserve coexistence between all the sites on a shared server, it is very common for the provider to set limits on processing time, on the number of “php workers” and on traffic.

One reason you might want to consider moving to a Hosting like Wetopi is that each WordPress installation runs in an isolated host that contains all of the software resources required to run the site (Linux, Nginx, Php-fpm, MySQL). This means that the software that runs each site is 100% private and is not shared, even between your own WordPress sites.

5 Check the CDN or proxy service status

This networking access problem could be a problem with your proxy service. Check the status service page of your proxy service.

This is a list of “Status Pages” of main providers of Load Balancing, CDN, and Security services:

6 Inspect your server firewall

If your web server has a local firewall: “iptables”, “Uncomplicated Firewall – UFU”, “CSF Firewall”, “Fail2ban”, “FireHOL”, … Then it could be this firewall that is blocking the access to your proxy service.

Inspect the firewall.

iptables blocking different IP addresses.
In this example, iptables is blocking traffic from different IP addresses.

The best solution, in this case, is to add your proxy service IP addresses to the whitelist system of your firewall.

For instance, at Wetopi, we use and recommend Cloudflare as a CDN and security reverse proxy. To prevent “502 Bad Gateway” error problems, our server firewalls have the public list of Cloudflare’s IP addresses in the whitelist’s system.

7 Inspect the DNS

If you are in the process of publishing your domain or modifying it, the problem could be in the DNS

To fix the 502 error due to a DNS problem follow this checklist:

  • If you have just migrated your site to a new host, is it important to wait for DNS zones to fully propagate, which can take up to 24 hours in some cases. This depends on the TTL value of your DNS records.
  • The domain name is not resolving to the correct IP or it does not resolve to any IP. Verify your DNS zone definition according to the instructions provided by your proxy service: CDN, Load Balancer, Security Service, …

8 Check your Database

If you made it this far and none of the above methods work, chances are that the error is caused by an error in your web, or application in a specific page or URL request.

First, you have to check the database health:

  • look for errors in log files
  • repair and/or optimize tables and indexes.
Repair database tables from phpMyAdmin panel
This picture shows you how to repair your MariaDB/MySQL database tables from the phpMyAdmin panel.

9 Check your WordPress or application

If your database is ok, the final solution to fix the 502 error on a specific web page or URL is to debug your site.

If your site is running with WordPress, try this: disable all your plugins, if the problem disappears, then your 502 error is caused by a WordPress Plugin.

If during a test, you don’t want to break your production site:

Clone your server to create a Staging environment!

To clone a WordPress site with Wetopi is as easy as a simple click.

To find the plugin causing the problem, we recommend following this process:

  1. Disable all your plugins.
  2. Check the page that gives you the HTTP Error.
  3. If the page Works, then enable one plugin from the disabled list and jump to the previous step 2.
  4. If the page Fails, then this last enabled plugin could be the one causing the HTTP Error.

We are techies passionate about WordPress. With wetopi, a Managed WordPress Hosting, we want to minimize the friction that every professional faces when working and hosting WordPress projects.

Not a wetopi user?

Free full performance servers for your development and test.
No credit card required.

All HTTP Status Codes

200 OK

201 Created

202 Accepted

203 Non-Authoritative Information

204 No Content

205 Reset Content

206 Partial Content

207 Multi-Status

208 Already Reported

226 IM Used

300 Multiple Choices

301 Moved Permanently

302 Found

303 See Other

304 Not Modified

305 Use Proxy

307 Temporary Redirect

308 Permanent Redirect

400 Bad Request

401 Unauthorized

402 Payment Required

403 Forbidden

404 Not Found

405 Method Not Allowed

406 Not Acceptable

407 Proxy Authentication Required

408 Request Timeout

409 Conflict

410 Gone

411 Length Required

412 Precondition Failed

413 Payload Too Large

414 Request-URI Too Long

415 Unsupported Media Type

416 Requested Range Not Satisfiable

417 Expectation Failed

418 I’m A Teapot

421 Misdirected Request

422 Unprocessable Entity

423 Locked

424 Failed Dependency

426 Upgrade Required

428 Precondition Required

429 Too Many Requests

431 Request Header Fields Too Large

444 Connection Closed Without Response

451 Unavailable For Legal Reasons

499 Client Closed Request

500 Internal Server Error

501 Not Implemented

502 Bad Gateway

503 Service Unavailable

504 Gateway Timeout

505 HTTP Version Not Supported

506 Variant Also Negotiates

507 Insufficient Storage

508 Loop Detected

510 Not Extended

511 Network Authentication Required

599 Network Connect Timeout Error

See how Wetopi stacks up against your current hosting

Migrating sites to us is free and completely effortless on your part.

No hidden small text.
No commitments.
No credit card.

Try before you buy.