What causes 502 Bad Gateway on a CDN
September 22, 2010 | David Henzel
The “502 – Bad Gateway” http error – a very uncommon, yet tricky error that some may have encounter when requesting a file through a Pull Zone. The question arising is: What is this error all about?
Generally, this error is a result of a poor IP communication between back-end computers, possibly including the Web server at the site you are trying to visit. In the case of a Pull Zone, it is a communication problem between our servers and the origin server.
In order to analyze the error and find out what would be causing it, the first thing to do is to clear your browser cache completely. Should the error persist, it’s time to look into other causes.
The 3 occasions in which you might encounter this error
- IP on the backend has changed:
This is the first and most common case. People change hosts all the time, not very frequently, but they do. Or web hosts change their IP allocation, or a site owner might upgrade their hosting package and get a different IP address, many reasons and the result is the same; the server will not be able to pull the data off the origin.
- Firewall blocking our server:
The 2nd most common case in which the 502 error will be encountered. As a part of a DDoS mitigation, or as a result of a strict set of Firewall rules, our IPs might be blocked as they could be accidentally identified as illegal traffic for the number of requests could be enormous. The expected result would be that we can’t pull the data off the origin server, and the 502 will be encountered.
- Bad/Corrupt Zone Provisioning:
The 3rd, final, and most unusual case. It happens very, very rarely when something goes wrong during the provisioning process of the Pull Zone. A temporal network hiccup, an occasional timeout etc… This is not a major thing and any of our support team members can easily re-provision the Pull Zone for you.
The debugging process
Debugging is quite easy when you encounter “502 – Bad gateway” and here’s what you can do.
- Check the Origin Server IP:
As a first step, always check if the Origin Server’s IP has changed. Login to the CDN control panel, click on “Mange” next to your Pull Zone, then click on the “Settings” tab. Should you find out that the IP has changed, click “Edit” and put in the correct IP, purge your Pull Zone’s cache, clear your browser’s cache and try again, the problem should be fixed.
- Check your Firewall rules:
If the origin IP is correct and the problem is persisting, contact our technical support. If it’s a Firewall problem, you will be given a set of IP address to whitelist in your Firewall rule-set, then the problem should be fixed.
- Blame the Gremlins:
If neither of the 2 above solutions works, please contact our technical support ( firstname.lastname@example.org ) and the team will be able to help you identify and fix the problem.