Hello, I'm asking for your help to fix frequent Error 502 pages on a new install of ISPConfig (latest ISPConfig on new Ubuntu 22.04, done 4 days ago.) I've been using ISPConfig for a few years & still learning. I'm not techy, but can follow step-by-step guides from you if you need further info. I replaced some long report text with "..." (2k char limit/post) Thanks ** Server, Installation, & Error Info ** #1. VPS: 3 CPUs, 2GB RAM, lots of disk space. Ubuntu server generally is using about 0.62 / 1.93 GB. Testing several WordPress sites or running WP backup, max RAM: 1.70 GB of 1.93 GB. #2. Installed Ubuntu 22.04 #3. Used automated install to prep Ubuntu 22.04 with Nginx, MariaDb... Tutorial: "Perfect Server Automated ...Ubuntu 22.04" https://www.howtoforge.com/ispconfig-autoinstall-debian-ubuntu/ Auto-install command: Code: wget -O - https://get.ispconfig.org | sh -s -- --use-nginx --use-ftp-ports=40110-40210 --unattended-upgrades #4. Firewall ports as instructed. #4.b. This new ISPConfig system, I use Directive Snippets by Til: For NGINX Code: client_max_body_size 100M; location / { try_files $uri $uri/ /index.php?$args; } # Add trailing slash to */wp-admin requests. rewrite /wp-admin$ $scheme://$host$uri/ permanent; location ~* \.(jpg|jpeg|png|gif|css|js|ico)$ { expires max; log_not_found off; } For PHP Code: display_errors = On post_max_size = 99M upload_max_filesize = 255M max_execution_time = 220 memory_limit = 256M max_input_vars = 2000 All WP sites in ISPConfig use above 2 Directive Snippets. #5. Created 9 new sites with ISPconfig. 5 sites are WP with databases. Restored WP sites that were running on earlier versions of Ubuntu (with NGINX) and latest version of ISPconfig. Used Duplicator Pro plugin (by Snapcreek). PHP-FPM, PHP v7.4 on 4 sites. PHP v5.6 on 1 site. All have LetsEncrypt SSL certs. #5.a. Some sites, when restored using the Duplicator install.php script showed "Warnings": .. Warning 1 - Character Set & Collation Support (Continued. I only use English in the sites & no special chars) Code: STATUS character set and collation isn't supported on current database. "Legacy Character set" and "Legacy Collation" will be replaced with default values. DETAILS This test checks to make sure this database can support the character set and collations found in the dup-installer/dup database_[HASH].sql script. Character set list utf8mb4 utf8 Collations list GE3 GD utf8_general_ci (ID utf8mb4_general_ci Ge33 utf8mb4_unicode_520_ci (233 utf8mb4_unicode_ci (e3 The DB where the package was created has a character set & collation that is not supported on this server. This issue happens when a site is moved from an newer version of MySQL to a older version of MySQL. The recommended fix is to update MySQL on this server to support the character set that is failing below. If this is not an option for your host, then you can continue the installation. Invalid values will be replaced with the default values. For more details about this issue and other details regarding this issue see the FAQ link below. Default charset and setting in current installation DB_CHARSET = utf8mb4 DB_COLLATE = utf8mb4_general_ci .. Warning 2 - Can't extract files (proceeded with install of backup and websites working correctly) .. FILE: stats/index.php .. Message: Error opening /var/www/clients/client1/web8/web/stats/index.php .. The /stats/index.php file is there, a 3kb file. ** ALL SITES WORK but ERROR 502 is often displayed ** To recreate the ERROR 502: (A) After REBOOT of Ubuntu v22, ALL sites (WP & Static HTML sites) work OK. (B) Eventually after page accesses by web browser or running heavy processes (such as a new WP site backup: Duplicator Pro plugin), ALL of the WP sites show ERROR 502 page. But static HTML sites continue to work successfully. (C) Before reboot (so that ALL sites work again) I run tests: systemctl status nginx Code: root@u22:~# systemctl status nginx ● nginx.service - A high performance web server & a reverse proxy server Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2023-03-28 22:20:21 UTC; 1h 1min ago Docs: man:nginx(8) Process: 800 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS) Process: 912 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS) Process: 4112 ExecReload=/usr/sbin/nginx -g daemon on; master_process on; -s reload (code=exited, status=0/SUCCESS) ... CGroup: /system.slice/nginx.service ├─ 926 "nginx: master process /usr/sbin/nginx -g daemon on; master_process on;" ├─4119 "nginx: worker process" "" ... "" "" └─4120 "nginx: worker process" "" ... "" "" Mar 28 22:20:20 u22 systemd[1]: Starting A … proxy server... ... Mar 28 22:32:02 u22 systemd[1]: Reloaded … proxy server. root@u22:~# ps aux | grep php-fpm Code: root@u22:~# ps aux | grep php-fpm root 673 0.0 0.8 189972 16444 ? Ss 22:20 0:00 php-fpm: master process (/etc/php/5.6/fpm/php-fpm.conf) root 674 0.0 1.0 189736 20632 ? Ss 22:20 0:00 php-fpm: master process (/etc/php/7.0/fpm/php-fpm.conf) ... root 680 0.0 0.6 257836 12704 ? Ss 22:20 0:00 php-fpm: master process (/etc/php/7.4/fpm/php-fpm.conf) root 681 0.0 0.6 254456 13608 ? Ss 22:20 0:00 php-fpm: master process (/etc/php/8.0/fpm/php-fpm.conf) root 682 0.0 0.6 259840 12576 ? Ss 22:20 0:00 php-fpm: master process (/etc/php/8.1/fpm/php-fpm.conf) www-data 829 0.0 0.4 259056 8528 ? S 22:20 0:00 php-fpm: pool www www-data 830 0.0 0.4 259056 8528 ? S 22:20 0:00 php-fpm: pool www ispapps 832 0.0 0.4 259700 8204 ? S 22:20 0:00 php-fpm: pool apps-{fpm_domain} web1 833 0.7 2.2 337836 44960 ? S 22:20 0:29 php-fpm: pool web1 ispapps 835 0.0 0.4 259700 8204 ? S 22:20 0:00 php-fpm: pool apps-{fpm_domain} ispconf+ 836 0.0 1.0 260804 20436 ? S 22:20 0:01 php-fpm: pool ispconfig web1 839 0.7 2.2 337756 44820 ? S 22:20 0:30 php-fpm: pool web1 ... web6 843 0.4 4.5 338920 92972 ? S 22:20 0:18 php-fpm: pool web6 … web9 22232 0.0 1.4 260384 30240 ? S 23:13 0:00 php-fpm: pool web9 root 27076 0.0 0.0 7004 2008 pts/1 R+ 23:25 0:00 grep --color=auto php-fpm root@u22:~# cat htf_report.txt | more Code: root@u22:~# wget -q -O htf-common-issues.php "http://gitplace.net/pixcept/ispconfig-tools/raw/stable/htf-common-issues.php" && php -q htf-common-issues.php ## SCRIPT FINISHED ## root@u22:~# cat htf_report.txt | more ## SERVER ## IP-address (as per hostname): ***.***.***.*** [WARN] could not determine server's ip address by ifconfig [INFO] OS version is Ubuntu 22.04 [INFO] uptime: 21:55:56 up 11 min, 2 users, load average: 0.30, 0.22, 0.16 [INFO] memory: total used free shared buff/cache available Mem: 1.9Gi 1.6Gi 73Mi 171Mi 225Mi 23Mi Swap: 0B 0B 0B [INFO] systemd failed services status: UNIT LOAD ACTIVE SUB DESCRIPTION ● clamav-daemon.service loaded failed ...Clam AntiVirus userspace daemon ● snap.lxd.activate.service loaded failed ...Service for snap application lxd.activate LOAD = Reflects … ACTIVE = The high-level … SUB = The low-leve… 2 loaded units listed. [INFO] ISPConfig installed. ## ISPCONFIG ## ISPConfig version is 3.2.9p1 ## VERSION CHECK ## [INFO] php (cli) version is 8.1 [INFO] php-cgi (used for cgi php in default vhost!) is version 8.1 ## RUNNING SERVER PROCESSES ## [INFO] I found the following web server(s): Unknown process (nginx:) (PID 924) … ## LISTENING PORTS ## (only () Local (Address) [localhost]:6379 (682/redis-server) ... [anywhere]:465 (1525/master) [localhost]:53 (756/named) [localhost]:53 (756/named) [anywhere]:443 (924/nginx:) ... [anywhere]:80 (924/nginx:) [anywhere]:25 (1525/master) [anywhere]:22 (742/sshd:) [anywhere]:21 (1028/pure-ftpd) [anywhere]:3306 (816/mariadbd) ... [anywhere]:8080 (924/nginx:) [anywhere]:8081 (924/nginx:) [anywhere]:587 (1525/master) [localhost]:11211 (664/memcached) [localhost]:953 (756/named) [localhost]:953 (756/named) ***.***.***.***:53 (756/named) ***.***.***.***:53 (756/named) [localhost]:6010 (2627/sshd:) ***.***.***.***:53 (616/systemd-resolve) [localhost]:10023 (929/postgrey) ***.***.***.***:40110 (1682/pure-ftpd) ... *:*:*:*::*:53 (756/named) *:*:*:*::*:53 (756/named) *:*:*:*::*:6379 (682/redis-server) *:*:*:*::*:465 (1525/master) *:*:*:*::*:443 (924/nginx:) ... *:*:*:*::*:80 (924/nginx:) *:*:*:*::*:25 (1525/master) *:*:*:*::*:22 (742/sshd:) *:*:*:*::*:21 (1028/pure-ftpd) *:*:*:*::*:3306 (816/mariadbd) ... *:*:*:*::*:53 (756/named) *:*:*:*::*:53 (756/named) *:*:*:*::*:8080 (924/nginx:) *:*:*:*::*:8081 (924/nginx:) *:*:*:*::*:587 (1525/master) *:*:*:*::*:6010 (2627/sshd:) *:*:*:*::*:10023 (929/postgrey) *:*:*:*::*184d:e9ff:fe96:53 (756/named) *:*:*:*::*184d:e9ff:fe96:53 (756/named) *:*:*:*::*:953 (756/named) *:*:*:*::*:953 (756/named) ## IPTABLES ## Chain INPUT (policy DROP) target prot opt source destination ufw-before-logging-input all -- [anywhere]/0 [anywhere]/0 ... ufw-track-input all -- [anywhere]/0 [anywhere]/0 Chain FORWARD (policy DROP) target prot opt source destination ufw-before-logging-forward all -- [anywhere]/0 [anywhere]/0 ufw-before-forward all -- [anywhere]/0 [anywhere]/0 ufw-after-forward all -- [anywhere]/0 [anywhere]/0 ufw-after-logging-forward all -- [anywhere]/0 [anywhere]/0 ufw-reject-forward all -- [anywhere]/0 [anywhere]/0 ufw-track-forward all -- [anywhere]/0 [anywhere]/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination ufw-before-logging-output all -- [anywhere]/0 [anywhere]/0 ufw-before-output all -- [anywhere]/0 [anywhere]/0 ufw-after-output all -- [anywhere]/0 [anywhere]/0 ufw-after-logging-output all -- [anywhere]/0 [anywhere]/0 ufw-reject-output all -- [anywhere]/0 [anywhere]/0 ufw-track-output all -- [anywhere]/0 [anywhere]/0 Chain ufw-after-forward (1 references) target prot opt source destination Chain ufw-after-input (1 references) target prot opt source destination ufw-skip-to-policy-input udp -- [anywhere]/0 [anywhere]/0 udp dpt:137 … ufw-skip-to-policy-input all -- [anywhere]/0 [anywhere]/0 ADDRTYPE match dst-type BROADCAST Chain ufw-after-logging-forward (1 references) target prot opt source destination LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] " Chain ufw-after-logging-input (1 references) target prot opt source destination LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] " Chain ufw-after-logging-output (1 references) target prot opt source destination Chain ufw-after-output (1 references) target prot opt source destination Chain ufw-before-forward (1 references) target prot opt source destination ACCEPT all -- [anywhere]/0 [anywhere]/0 ctstate RELATED,ESTABLISHED ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 3 … ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 8 ufw-user-forward all -- [anywhere]/0 [anywhere]/0 Chain ufw-before-input (1 references) target prot opt source destination ACCEPT all -- [anywhere]/0 [anywhere]/0 ACCEPT all -- [anywhere]/0 [anywhere]/0 ctstate RELATED,ESTABLISHED ufw-logging-deny all -- [anywhere]/0 [anywhere]/0 ctstate INVALID DROP all -- [anywhere]/0 [anywhere]/0 ctstate INVALID … ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp spt:67 dpt:68 ufw-not-local all -- [anywhere]/0 [anywhere]/0 ACCEPT udp -- [anywhere]/0 ***.***.***.*** udp dpt:5353 ACCEPT udp -- [anywhere]/0 ***.***.***.*** udp dpt:1900 ufw-user-input all -- [anywhere]/0 [anywhere]/0 Chain ufw-before-logging-forward (1 references) target prot opt source destination Chain ufw-before-logging-input (1 references) target prot opt source destination Chain ufw-before-logging-output (1 references) target prot opt source destination Chain ufw-before-output (1 references) target prot opt source destination ACCEPT all -- [anywhere]/0 [anywhere]/0 ACCEPT all -- [anywhere]/0 [anywhere]/0 ctstate RELATED,ESTABLISHED ufw-user-output all -- [anywhere]/0 [anywhere]/0 Chain ufw-logging-allow (0 references) target prot opt source destination LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] " Chain ufw-logging-deny (2 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 ctstate INVALID limit: avg 3/min burst 10 LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] " Chain ufw-not-local (1 references) target prot opt source destination … ufw-logging-deny all -- [anywhere]/0 [anywhere]/0 limit: avg 3/min burst 10 DROP all -- [anywhere]/0 [anywhere]/0 Chain ufw-reject-forward (1 references) target prot opt source destination Chain ufw-reject-input (1 references) ... Chain ufw-skip-to-policy-output (0 references) target prot opt source destination ... target prot opt source destination ACCEPT tcp -- [anywhere]/0 [anywhere]/0 ctstate NEW ACCEPT udp -- [anywhere]/0 [anywhere]/0 ctstate NEW Chain ufw-user-forward (1 references) target prot opt source destination Chain ufw-user-input (1 references) target prot opt source destination ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:21 ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:22 … ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:4190 ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:8080 ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:8081 ACCEPT tcp -- [anywhere]/0 [anywhere]/0 multiport dports 40110:40210 ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:53 Chain ufw-user-limit (0 references) target prot opt source destination LOG all -- [anywhere]/0 [anywhere]/0 limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLO CK] " REJECT all -- [anywhere]/0 [anywhere]/0 reject-with icmp-port-unreachable Chain ufw-user-limit-accept (0 references) target prot opt source destination ACCEPT all -- [anywhere]/0 [anywhere]/0 Chain ufw-user-logging-forward (0 references) target prot opt source destination Chain ufw-user-logging-input (0 references) target prot opt source destination Chain ufw-user-logging-output (0 references) target prot opt source destination Chain ufw-user-output (1 references) target prot opt source destination ## LET'S ENCRYPT ## acme.sh is installed in /root/.acme.sh/acme.sh root@u22:~# ** Summary ** I hope your expertise can be a source of resolution for the continual ERROR 502 pages. I must reboot the server 10++ times per day until this is fixed. My beliefs: ** New VPS server with 3 CPUs, 2GB RAM & lots of disk space ** Ubuntu 22.04 fresh install, automated NGINX web server install using your "Perfect Server ... ISPconfig for Ubuntu 22.04" (at: https://www.howtoforge.com/ispconfig-autoinstall-debian-ubuntu/ ) should give a reliable, hi-performance platform to host WP and static HTML sites. I would expect that you have many such Ubuntu ISPConfig installations and WP should be a common use for ISPConfig systems.
It might be that your system runs out of RAM. Try adding a swap file, e.g. 4GB or 6GB. https://www.howtoforge.com/ubuntu-swap-file
Till, Thanks for your solution and link to the Ubuntu Swap File instructions. After creating a 6GB /swapfile, the system has not shown the Error 502 page. I will continue to monitor it. So far, so good. By the way, one of the comments on your https://www.howtoforge.com/ubuntu-swap-file page suggests using "fallocate" instead of "dd". After some research, I see that your recommendation to use the "dd" command is most recommended. the "dd" command creates /swapfile that has no holes (is contiguous) so performance hits are minimized. Thanks again.
