Understand the the HTTP 502 Bad Gateway error: What are the causes and how to fix them.
Table of Contents
- What is the 502 Bad Gateway error?
- 502 Bad Gateway causes
How to fix the 502 Bad gateway error code
- 1 Verify your server is up and running
- 2 Verify your server is reachable
- 3 Verify your server load
- 4 Verify the resource limits of your hosting
- 5 Check the CDN or proxy service status
- 6 Inspect your server firewall
- 7 Inspect the DNS
- 8 Check your Database
- 9 Check your WordPress or application
- All HTTP Status Codes
What is the 502 Bad Gateway error?
The HTTP 502 Bad Gateway response status code indicates that your server is behind a proxy (e.g. a CDN, a Load Balancer, a Firewall, …), and it is not visible. For instance, your CDN or Firewall can’t reach your web server and your content can’t be served to the user.
Different 502 error messages
- “Error 502 Bad gateway”
- “Proxy Error. The proxy server received an invalid response from an upstream server.”
- “502 Bad Gateway Nginx”
- “HTTP 502”
- “502 Service Temporarily Overloaded”
- “502 Server Error: The server encountered a temporary error and could not complete your request”
- “502. That’s an error. The server encountered a temporary error and could not complete your request”
- “Temporary Error (502)”
The following sections show you the causes, and how to fix the error:
502 Bad Gateway causes
The 502 error means that the proxy service acting as Gateway has a problem getting the content from your server. This proxy service you have in front of your site server can be a CDN, a Load Balancer, a Firewall, etc.
Here you have a list of all the different causes:
- There is a network problem between your server and your proxy service.
- Your server is blocking access to the proxy service.
- Your server is down.
- Your server is up but can’t handle more connections.
- Some server requests return an error.
- There is an invalid or incorrect DNS zone.
How to fix the 502 Bad gateway error code
You can follow the next steps to find and fix the 502 error:
1 Verify your server is up and running
This is the first step you have to verify. Login to your server console or panel and verify that all web services are running.
2 Verify your server is reachable
Temporarily disable the proxy service or skip it forcing your domain DNS zones. We describe below the two methods:
Verify your server bypassing your proxy service
You can bypass the proxy service by pointing your domain name directly to the IP of your server.
You can force the DNS zones, modifying the host file of your computer.
You have tools to help you like:
SwitchHosts for Mac OSX or
HostsFileEditor for Windows.
Verify your server by disabling the proxy service
As an alternative to verify if your server is reachable, you can temporarily disable your proxy service.
If you are using Cloudflare, you can easily disable it from the admin panel. Log in and in the right sidebar, find Quick Actions and enable “Development Mode”:
Verify your server is reachable around the World
If you can temporarily disable the proxy service, the next recommended checkpoint is to verify if this server is reachable across different networks.
We recommend you the Uptrends Website Uptime Test online tool:
This Uptrends tool checks your site from different country nodes. If some check fails, this will help you identify potential network problems.
3 Verify your server load
If your web server reaches its limit, it can’t answer any more requests, and the gateway delivers the status code 502 Bad Gateway. The reason could be an unexpectedly high interest in the site or even a DDoS attack. This means that an attacker is using a bot network to help overload the server capacity and provoke a system failure.
Your proxy service, CDN, or Load Balancer may be ready to handle high volumes of traffic, but that doesn’t mean your web server is. With WordPress websites, it is extremely easy to overload the server, since there are many pages with high processing time and that we cannot serve from cache.
The best solution in case of non-legit traffic is to be protected by a CDN or Firewall service capable of filtering traffic, and ready to deal with DoS and DDoS attacks.
At Wetopi, as WordPress specialists, we know how important it is to add strong measures of security.Shared security heuristic learning,
We apply three techniques to filter traffic:
Blacklisting from external sources and
Mitigation of DDoS attacks.
If your traffic is legit, the solutions are obvious:
- Add cache to your site.
- If a cache system is not enough, then add more resources to your server.
- If you cannot financially face the increase in resources, the final option is to lighten your website. If you work with WordPress, reduce the number of plugins to the essential minimum.
4 Verify the resource limits of your hosting
If your website is in a shared hosting, check that you’re not overstepping resource limits.
The establishment of limits is not something that you can find among the functionalities of a “shared hosting”. But keep in mind that to preserve coexistence between all the sites on a shared server, it is very common for the provider to set limits on processing time, on the number of “php workers” and on traffic.
One reason you might want to consider moving to a Hosting like Wetopi is that each WordPress installation runs in an isolated host that contains all of the software resources required to run the site (Linux, Nginx, Php-fpm, MySQL). This means that the software that runs each site is 100% private and is not shared, even between your own WordPress sites.
5 Check the CDN or proxy service status
This networking access problem could be a problem with your proxy service. Check the status service page of your proxy service.
This is a list of “Status Pages” of main providers of Load Balancing, CDN, and Security services:
- Cloudflare status page
- Sucuri status
- KeyCDN status
- StackPath status
- Google cloud services status
- Amazon Cloudfront status
6 Inspect your server firewall
If your web server has a local firewall: “iptables”, “Uncomplicated Firewall – UFU”, “CSF Firewall”, “Fail2ban”, “FireHOL”, … Then it could be this firewall that is blocking the access to your proxy service.
Inspect the firewall.
The best solution, in this case, is to add your proxy service IP addresses to the whitelist system of your firewall.
For instance, at Wetopi, we use and recommend Cloudflare as a CDN and security reverse proxy. To prevent “502 Bad Gateway” error problems, our server firewalls have the public list of Cloudflare’s IP addresses in the whitelist’s system.
7 Inspect the DNS
If you are in the process of publishing your domain or modifying it, the problem could be in the DNS
To fix the 502 error due to a DNS problem follow this checklist:
- If you have just migrated your site to a new host, is it important to wait for DNS zones to fully propagate, which can take up to 24 hours in some cases. This depends on the TTL value of your DNS records.
- The domain name is not resolving to the correct IP or it does not resolve to any IP. Verify your DNS zone definition according to the instructions provided by your proxy service: CDN, Load Balancer, Security Service, …
8 Check your Database
If you made it this far and none of the above methods work, chances are that the error is caused by an error in your web, or application in a specific page or URL request.
First, you have to check the database health:
- look for errors in log files
- repair and/or optimize tables and indexes.
9 Check your WordPress or application
If your database is ok, the final solution to fix the 502 error on a specific web page or URL is to debug your site.
If your site is running with WordPress, try this: disable all your plugins, if the problem disappears, then your 502 error is caused by a WordPress Plugin.
Do not break your production site!To clone a WordPress site with Wetopi is as easy as a simple click.
Staging environments are the solution!
To find the plugin causing the problem, we recommend following this process:
- Disable all your plugins.
- Check the page that gives you the HTTP Error.
- If the page Works, then enable one plugin from the disabled list and jump to the previous step 2.
- If the page Fails, then this last enabled plugin could be the one causing the HTTP Error.
We are techies passionate about WordPress. With wetopi, a Managed WordPress Hosting, we want to minimize the friction that every professional faces when working and hosting WordPress projects.
Not a wetopi user?
Free full performance servers for your development and test.
No credit card required.
All HTTP Status Codes
203 Non-Authoritative Information
204 No Content
205 Reset Content
206 Partial Content
208 Already Reported
226 IM Used
300 Multiple Choices
301 Moved Permanently
303 See Other
304 Not Modified
305 Use Proxy
307 Temporary Redirect
308 Permanent Redirect
400 Bad Request
402 Payment Required
404 Not Found
406 Not Acceptable
407 Proxy Authentication Required
408 Request Timeout
411 Length Required
412 Precondition Failed
413 Payload Too Large
414 Request-URI Too Long
415 Unsupported Media Type
416 Requested Range Not Satisfiable
417 Expectation Failed
418 I’m A Teapot
421 Misdirected Request
422 Unprocessable Entity
424 Failed Dependency
426 Upgrade Required
428 Precondition Required
429 Too Many Requests
431 Request Header Fields Too Large
444 Connection Closed Without Response
451 Unavailable For Legal Reasons
500 Internal Server Error
501 Not Implemented
505 HTTP Version Not Supported
506 Variant Also Negotiates
507 Insufficient Storage
508 Loop Detected
510 Not Extended
511 Network Authentication Required
599 Network Connect Timeout Error