nginx returns 503 when it gets 403 from haproxy

CJ Ess zxcvbn4038 at
Mon Apr 18 17:54:40 UTC 2016

Ok, I figured it out. Seems that several years ago someone at my day job
did a custom errorfile in haproxy which returns a 503 error whenever
haproxy intends to return a 403 error. It was forgotten and went unnoticed
until now. Now we have to figure out if its a cut and paste error or if
there was a legit reason for doing this. Either way its not an nginx (or
haproxy) issue.

On Fri, Apr 15, 2016 at 4:49 PM, Валентин Бартенев <vbart at> wrote:

> On Thursday 14 April 2016 22:45:36 CJ Ess wrote:
> > In my environment I have Nginx terminating connections, then sending them
> > to an HAProxy upstream. We've noticed that whenever HAProxy emts a 403
> > error (Forbidden, in response to our ACL rules), NGINX reports a 503
> result
> > (service unavailable) and I believe is logging an "upstream prematurely
> > closed connection while reading response header from upstream" error
> > message in the nginx error log.
> >
> > What I'd really like to do is pass the 403 code back to the user - what
> do
> > I need to do?
> That message suggests that haproxy closes connection before properly
> returning
> headers.  So nginx can't pass 403 since it can't get it right from haproxy.
> You should check what is wrong with haproxy.
>   wbr, Valentin V. Bartenev
> _______________________________________________
> nginx mailing list
> nginx at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list