nginx proxy keeps getting bad gateway

Hong Yi asked:

I am running a CentOS7 virtual machine and trying to proxy it to a subsonic server which is running on Windows Server 2012. When I was using apache it was working without issues but I am currently trying to do the same using nginx but I keep getitng 502 bad gateway. I can’t seem to figure what is causing this issue.

My nginx.conf:

server {
listen       80;
server_name  *;

#charset koi8-r;
#access_log  /var/log/nginx/log/host.access.log  main;

location / {
    root   /usr/share/nginx/html;
    index  index.html index.htm;

#error_page  404              /404.html;

# redirect server error pages to the static page /50x.html
error_page   500 502 503 504  /50x.html;
location = /50x.html {
    root   /usr/share/nginx/html;

# proxy the PHP scripts to Apache listening on
#location ~ .php$ {
#    proxy_pass;

# pass the PHP scripts to FastCGI server listening on
#location ~ .php$ {
#    root           html;
#    fastcgi_pass;
#    fastcgi_index  index.php;
#    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
#    include        fastcgi_params;

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#location ~ /.ht {
#    deny  all;
server {
        listen  80;

    location / {
            proxy_redirect /;
            proxy_set_header        Host            $host;
            proxy_set_header        X-Real-IP       $remote_addr;
            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
            client_max_body_size    10m;
            client_body_buffer_size 128k;
            proxy_connect_timeout   90;
            proxy_send_timeout      90;
            proxy_read_timeout      90;
            proxy_buffers           32 4k;



On apache:

<VirtualHost *:80>
        RewriteEngine on
        RewriteRule ^music/(.*)$ [P]
        ProxyPass /
        ProxyPassReverse /

Telnet to

Connected to
Escape character is '^]'.
HTTP/1.1 400 Bad Request
Connection: close
Server: Jetty(8.y.z-SNAPSHOT)

Error: 400Connection closed by foreign host.

Error log:

2014/10/23 16:51:21 [crit] 11191#0: *1 connect() to failed (13: Permission denied) while connecting to upstream, client:, server:, request: "GET /favicon.ico HTTP/1.1", upstream: "", host: ""

Any help appreciated. Thanks in advance.

My answer:

By default SELinux prevents the web server from making outbound connections to foreign hosts.

You can change this and allow outgoing connections by setting the httpd_can_network_connect boolean.

setsebool -P httpd_can_network_connect 1

View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.