When you see a 502 Bad Gateway error , it can be frustrating, especially when your website works perfectly fine using the server’s IP address, but breaks when you access it through the domain name. It’s a very common issue that happens when you’re using a reverse proxy such as Nginx, Apache, or HAProxy. In this blog, we explained why it happens, and how you can fix it by following the steps one by one.
What Does “502 Bad Gateway” exactly Means?
A 502 Bad Gateway error means that one server act as a gateway or proxy received an invalid response from another server then it come across the 502 Bad gateway. Simply saying, when your reverse proxy (like Nginx) tried to connect to the backend service or web application (like Apache, Node.js, or a Docker container), but the communication failed and it could not connect. It doesn’t always mean your backend is down. The proxy just doesn’t know how to talk to it correctly due to misconfigurations.
So the reason why it Works on IP but Not on Domain :
If your website works using the server’s IP address (like http://192.168.50.12) but not with your domain name (like https://example.com), so it usually means:
- The reverse proxy is misconfigured – It’s possible it’s pointing to the wrong upstream host or missing a hostname.
- DNS or hostname resolution issue – Your domain may not be resolving correctly on the proxy server.
- SSL or HTTPS configuration issue – The proxy might not trust the certificate or might be redirecting incorrectly .
- Firewall or SELinux restrictions – The proxy might not be allowed to reach the domain name.
- Loopback to itself – sometimes the proxy tries to connect to the same domain name it’s serving, creating an infinite loop as loopback.
So below are the steps to follow to fix this issue one by one.
Step 1: Check If Domain Resolves Correctly
From your reverse proxy server, test if your domain resolves to the correct IP:
ping example.com
or
nslookup example.com
If the IP shown doesn’t match your server’s IP, then DNS is the issue.
You need to update your DNS records to fix it (A or CNAME) or by adding a temporary entry in /etc/hosts like this:
192.168.50.12 example.com
Save and try again.
Step 2: Check Reverse Proxy Configuration
If you’re using Nginx as a reverse proxy, you need to open your site configuration file (for example, /etc/nginx/sites-available/example.com):
#sudo nano /etc/nginx/sites-available/example.com
You will see the code like below
server {server_name example.com;
location / {
proxy_pass http://example.com:8080;
}
}
So the problem could be here, the proxy is trying to reach example.com again, which causes a loop.
You should replace it with your backend IP address instead domainname like below :
server {
server_name example.com;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
Save the file and test your Nginx configuration using command below :
#sudo nginx -t
#sudo systemctl reload nginx
Now, try to access the domain again. If it works, the issue was a proxy loop.
Step 3: Check for SSL/HTTPS Issues
If your site uses HTTPS, you need to make sure both your proxy and backend are handling SSL correctly.
Sometimes, you only need SSL on the proxy, not on the backend.
For example, if Nginx handles HTTPS, and your backend only runs HTTP, your configuration should be like:
server {
listen 443 ssl;
server_name example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
If you mistakenly use proxy_pass https://example.com;, Nginx might fail to validate the SSL certificate, and it will cause a 502 error.
Step 4: Check Backend Service
In some cases , the backend service (like Apache, Gunicorn, or Node.js) isn’t actually responding even though it seems to be running.
You need to check and verify if it’s listening on the correct port:
sudo netstat -tlnp | grep 8080
or
ss -tlnp | grep 8080
If the service isn’t running, you need to restart it:
sudo systemctl restart apache2
# or
sudo systemctl restart your_app
Step 5: Look at Logs for More Clues and exact issue tracing
In issue investigation, the logs works like your best friends in debugging the any issues error, specially for 502 errors.
Check Nginx error logs:
sudo tail -f /var/log/nginx/error.log
If it shows messages like “connect() failed” or “bad gateway”, it usually points to a connectivity issue between the proxy and the backend.
You can also check application logs to see if it’s rejecting connections or crashing under load.
Step 6: Restart Services
Once the changes are done , restart everything cleanly:
#sudo systemctl restart nginx
#sudo systemctl restart your_app
Then, test again using using the curl command :
curl -I https://example.com
It it shows 200 OK response if everything is fixed.
Issues like 502 Bad Gateway errors can stem from proxy, DNS, or SSL settings, and our team is available 24×7 to guide you through them. Whether you need quick troubleshooting, configuration validation, or hands-on assistance, we’re always here to help. Connect with us anytime through chat or contact us directly for immediate support.
Partner with SupportPRO for 24/7 proactive cloud support that keeps your business secure, scalable, and ahead of the curve.
