nginx returns 503 when it gets 403 from haproxy

Francis Daly francis at
Fri Apr 15 07:31:53 UTC 2016

On Thu, Apr 14, 2016 at 10:45:36PM -0400, CJ Ess wrote:

Hi there,

> In my environment I have Nginx terminating connections, then sending them
> to an HAProxy upstream. We've noticed that whenever HAProxy emts a 403
> error (Forbidden, in response to our ACL rules), NGINX reports a 503 result
> (service unavailable) and I believe is logging an "upstream prematurely
> closed connection while reading response header from upstream" error
> message in the nginx error log.
> What I'd really like to do is pass the 403 code back to the user - what do
> I need to do?

Can you provide a small config that shows the problem?

http {
    upstream haproxy {
    server {
        server_name haproxy;
        return 403;

    server {
        listen 8080;
        location / {
            proxy_pass http://haproxy;

seems to suggest that nginx does what you want.

So - have you a different config; or is your haproxy not issuing a
"clean" 403, or is something else happening on the wire?

Francis Daly        francis at

More information about the nginx mailing list