Hello, I'm using Debian 10, nginx, Mysql. I've got a "502 Bad Gateway" seen in my web browser, as I try to log into the web admin interface of ISPconfig. In my nginx's error.log, the error message repeats, with each attempt: Code: 2021/03/06 10:32:35 [crit] 2521#2521: *10 connect() to unix:/var/lib/php7.3-fpm/ispconfig.sock failed (13: Permission denied) while connecting to upstream, client: <my home ip>, server: _, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/var/lib/php7.3-fpm/ispconfig.sock:", host: "<my server ip>:8080" Here are the perms of: /var/lib/php7.3-fpm/ Code: # ls -la /var/lib/php7.3-fpm/ total 8 drwx------ 2 root root 4096 Mar 6 10:27 . drwxr-xr-x 58 root root 4096 Mar 6 10:17 .. srw-rw---- 1 ispapps ispapps 0 Mar 6 10:27 apps.sock srw-rw---- 1 ispconfig ispconfig 0 Mar 6 10:27 ispconfig.sock ...and the older /var/lib/php7.0-fpm/: Code: # ls -la /var/lib/php7.0-fpm/ total 8 drwxr-xr-x 2 root root 4096 Mar 6 10:27 . drwxr-xr-x 58 root root 4096 Mar 6 10:17 .. srw-rw---- 1 ispapps ispapps 0 Mar 6 10:27 apps.sock srw-rw---- 1 ispconfig ispconfig 0 Mar 6 10:27 ispconfig.sock Yes, I did the following: apt dist-upgrade (as per the perfect server install) apt-get install php7.3 php7.3-common php7.3-gd php7.3-mysql php7.3-imap php7.3-cli php7.3-cgi php-pear mcrypt imagemagick libruby php7.3-curl php7.3-intl php7.3-pspell php7.3-recode php7.3-tidy php7.3-xmlrpc php7.3-xsl memcached php-memcache php-imagick php-gettext php7.3-zip php7.3-mbstring memcached php7.3-soap php7.3-fpm php7.3-opcache php-apcu (as per the upgrade guide "Updating ISPConfig 3.1 to ISPConfig 3.2"): apt-get install bzip2 p7zip-full xz-utils lzip rar unrar-free goaccess dovecot-lmtpd (ensured this pointed to PHP 7.3): update-alternatives --config php (ensured this pointed to PHP 7.3): update-alternatives --config php-cgi "su -" before running "ispconfig_update.sh", and then later I also did a "ispconfig_update.sh --force", no luck (yes, I let it reconfigure my services): ispconfig_update.sh --force In my /etc/php/7.3/fpm/php.ini, I set: Code: cgi.fix_pathinfo=0 ...and... date.timezone="Canada/Mountain" htf_report.txt: Code: ##### SERVER ##### IP-address (as per hostname): ***.***.***.*** [WARN] could not determine server's ip address by ifconfig [INFO] OS version is Debian GNU/Linux 10 (buster) [INFO] uptime: 10:48:08 up 20 min, 4 users, load average: 0.00, 0.00, 0.00 [INFO] memory: total used free shared buff/cache available Mem: 987Mi 468Mi 125Mi 15Mi 393Mi 355Mi Swap: 0B 0B 0B [INFO] ISPConfig is installed. ##### ISPCONFIG ##### ISPConfig version is 3.2.2 ##### VERSION CHECK ##### [INFO] php (cli) version is 7.3.27-1~deb10u1 ##### PORT CHECK ##### [WARN] Port 21 (FTP server) seems NOT to be listening [WARN] Port 22 (SSH server) seems NOT to be listening ##### MAIL SERVER CHECK ##### ##### RUNNING SERVER PROCESSES ##### [INFO] I found the following web server(s): Unknown process (nginx:) (PID 1013) [INFO] I found the following mail server(s): Postfix (PID 2470) [INFO] I found the following pop3 server(s): Dovecot (PID 2508) [INFO] I found the following imap server(s): Dovecot (PID 2508) [WARN] I could not determine which ftp server is running. ##### LISTENING PORTS ##### (only () Local (Address) [anywhere]:25 (2470/master) [localhost]:61209 (530/python3) [anywhere]:443 (1013/nginx:) [anywhere]:993 (2508/dovecot) [anywhere]:995 (2508/dovecot) ***.***.***.***:2244 (1060/sshd) [localhost]:10023 (603/postgrey) [localhost]:10024 (2500/amavisd-new) [localhost]:10025 (2470/master) [localhost]:10026 (2500/amavisd-new) [localhost]:3306 (2235/mysqld) [localhost]:10027 (2470/master) [anywhere]:587 (2470/master) [localhost]:11211 (535/memcached) [anywhere]:110 (2508/dovecot) [anywhere]:143 (2508/dovecot) [anywhere]:80 (1013/nginx:) [anywhere]:8080 (1013/nginx:) [anywhere]:465 (2470/master) [anywhere]:8081 (1013/nginx:) *:*:*:*::*:25 (2470/master) *:*:*:*::*:443 (1013/nginx:) *:*:*:*::*:993 (2508/dovecot) *:*:*:*::*:995 (2508/dovecot) *:*:*:*::*:10023 (603/postgrey) *:*:*:*::*:10024 (2500/amavisd-new) *:*:*:*::*:10026 (2500/amavisd-new) *:*:*:*::*:587 (2470/master) [localhost]10 (2508/dovecot) [localhost]43 (2508/dovecot) *:*:*:*::*:80 (1013/nginx:) *:*:*:*::*:8080 (1013/nginx:) *:*:*:*::*:465 (2470/master) *:*:*:*::*:8081 (1013/nginx:) ##### IPTABLES ##### Chain INPUT (policy ACCEPT) target prot opt source destination f2b-postfix-sasl tcp -- [anywhere]/0 [anywhere]/0 multiport dports 25 Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain f2b-postfix-sasl (1 references) target prot opt source destination REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable RETURN all -- [anywhere]/0 [anywhere]/0 I also did numerous reboots along the way, after each little fix attempt. No luck either.
Perhaps the fix from this comment helps: https://www.howtoforge.com/communit...e-socket-permission-issues.72883/#post-398146