nginx returns 503 when it gets 403 from haproxy
CJ Ess
zxcvbn4038 at gmail.com
Mon Apr 18 17:54:40 UTC 2016
Ok, I figured it out. Seems that several years ago someone at my day job
did a custom errorfile in haproxy which returns a 503 error whenever
haproxy intends to return a 403 error. It was forgotten and went unnoticed
until now. Now we have to figure out if its a cut and paste error or if
there was a legit reason for doing this. Either way its not an nginx (or
haproxy) issue.
On Fri, Apr 15, 2016 at 4:49 PM, Валентин Бартенев <vbart at nginx.com> wrote:
> On Thursday 14 April 2016 22:45:36 CJ Ess wrote:
> > In my environment I have Nginx terminating connections, then sending them
> > to an HAProxy upstream. We've noticed that whenever HAProxy emts a 403
> > error (Forbidden, in response to our ACL rules), NGINX reports a 503
> result
> > (service unavailable) and I believe is logging an "upstream prematurely
> > closed connection while reading response header from upstream" error
> > message in the nginx error log.
> >
> > What I'd really like to do is pass the 403 code back to the user - what
> do
> > I need to do?
>
> That message suggests that haproxy closes connection before properly
> returning
> headers. So nginx can't pass 403 since it can't get it right from haproxy.
>
> You should check what is wrong with haproxy.
>
> wbr, Valentin V. Bartenev
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20160418/4a3b4999/attachment.html>
More information about the nginx
mailing list