Error 502 from time to time

[ehrenwert]

Hello,

since my last upgrade I mention Error 502 on all domains (!) from time to time.
Restarting NGINX and Apache2 solves the problem.

The nginx-error-log shows:

2015/11/13 02:11:47 [error] 9589#0: *205730 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 194.139.xxx.xx, server: , request: "GET / HTTP/1.1", upstream: "http://81.30.xxx.xxx:7080/", host: "example.com"
2015/11/13 02:11:47 [error] 9589#0: *205734 connect() failed (111: Connection refused) while connecting to upstream, client: 85.214.51.xx, server: , request: "GET / HTTP/1.1", upstream: "http://81.30.xxx.xxx:7080/", host: "example.com", referrer: "$
2015/11/13 02:11:47 [error] 9589#0: *205736 connect() failed (111: Connection refused) while connecting to upstream, client: 188.126.191.xxx, server: , request: "GET / HTTP/1.1", upstream: "http://81.30.xxx.xxx:7080/", host: "example.com", referrer$

So I guess that something in the "chain" of services is broken. My first idea was that fail2ban is blocking the IP of the server itself, but all IPs are whitelisted on fail2ban and the fail2ban-log for the time the 502 was showing does not list the server's IP:

2015-11-13 02:11:18,556 fail2ban.filter [938]: INFO [plesk-postfix] Found 89.248.172.xxx

2015-11-13 02:11:24,312 fail2ban.filter [938]: INFO [plesk-postfix] Found 89.248.172.xxx

2015-11-13 02:14:19,329 fail2ban.filter [938]: INFO [plesk-postfix] Found 193.189.117.xxx

2015-11-13 02:14:31,425 fail2ban.filter [938]: INFO [plesk-dovecot] Found 203.129.224.xxx

2015-11-13 02:15:17,449 fail2ban.filter [938]: INFO [plesk-dovecot] Found 203.129.224.xxx

2015-11-13 02:15:35,050 fail2ban.filter [938]: INFO [plesk-postfix] Found 213.165.70.xxx

2015-11-13 02:15:49,608 fail2ban.filter [938]: INFO [plesk-postfix] Found 85.59.149.xx

2015-11-13 02:15:50,144 fail2ban.filter [938]: INFO [plesk-postfix] Found 85.59.149.xx

2015-11-13 02:15:50,673 fail2ban.filter [938]: INFO [plesk-postfix] Found 85.59.149.xx

2015-11-13 02:15:51,195 fail2ban.filter [938]: INFO [plesk-postfix] Found 85.59.149.xx

2015-11-13 02:15:51,817 fail2ban.filter [938]: INFO [plesk-postfix] Found 85.59.149.xx

2015-11-13 02:15:51,967 fail2ban.actions [938]: NOTICE [plesk-postfix] Ban 85.59.149.xx

2015-11-13 02:15:51,968 fail2ban.filter [938]: INFO [recidive] Found 85.59.149.xx

2015-11-13 02:15:52,070 fail2ban.action [938]: ERROR iptables -n -L INPUT | grep -q 'f2b-plesk-postfix[ \t]' -- stdout: ''

2015-11-13 02:15:52,070 fail2ban.action [938]: ERROR iptables -n -L INPUT | grep -q 'f2b-plesk-postfix[ \t]' -- stderr: ''

2015-11-13 02:15:52,070 fail2ban.action [938]: ERROR iptables -n -L INPUT | grep -q 'f2b-plesk-postfix[ \t]' -- returned 1

2015-11-13 02:15:52,070 fail2ban.CommandAction [938]: ERROR Invariant check failed. Trying to restore a sane environment

2015-11-13 02:15:52,173 fail2ban.action [938]: ERROR iptables -D INPUT -p tcp -m multiport --dports smtp,smtps,submission -j f2b-plesk-postfix

iptables -F f2b-plesk-postfix

iptables -X f2b-plesk-postfix -- stdout: ''

2015-11-13 02:15:52,173 fail2ban.action [938]: ERROR iptables -D INPUT -p tcp -m multiport --dports smtp,smtps,submission -j f2b-plesk-postfix

iptables -F f2b-plesk-postfix

iptables -X f2b-plesk-postfix -- stderr: "iptables v1.4.21: Couldn't load target `f2b-plesk-postfix':No such file or directory\n\nTry `iptables -h' or 'iptables --help' for more information.\niptables: No chain/target/match by that name.\niptables: No chain/target/match $

2015-11-13 02:15:52,173 fail2ban.action [938]: ERROR iptables -D INPUT -p tcp -m multiport --dports smtp,smtps,submission -j f2b-plesk-postfix

iptables -F f2b-plesk-postfix

iptables -X f2b-plesk-postfix -- returned 1

2015-11-13 02:15:52,173 fail2ban.actions [938]: ERROR Failed to execute ban jail 'plesk-postfix' action 'iptables-multiport' info 'CallingMap({'ipjailmatches': <function <lambda> at 0x7ff37cb30938>, 'matches': u'Nov 13 02:15:49 servername postfix/smtpd[15783]: w$

2015-11-13 02:15:52,349 fail2ban.filter [938]: INFO [plesk-postfix] Found 85.59.149.xx

2015-11-13 02:15:52,974 fail2ban.filter [938]: INFO [plesk-postfix] Found 85.59.149.xx

2015-11-13 02:15:53,455 fail2ban.filter [938]: INFO [plesk-postfix] Found 85.59.149.xx

2015-11-13 02:15:54,596 fail2ban.filter [938]: INFO [plesk-postfix] Found 85.59.149.xx

2015-11-13 02:15:55,235 fail2ban.filter [938]: INFO [plesk-postfix] Found 85.59.149.xx

2015-11-13 02:15:55,736 fail2ban.filter [938]: INFO [plesk-postfix] Found 85.59.149.xx

2015-11-13 02:15:56,178 fail2ban.actions [938]: NOTICE [plesk-postfix] 85.59.149.xx already banned

2015-11-13 02:15:56,254 fail2ban.filter [938]: INFO [plesk-postfix] Found 85.59.149.xx

2015-11-13 02:15:56,728 fail2ban.filter [938]: INFO [plesk-postfix] Found 85.59.149.xx

2015-11-13 02:15:57,501 fail2ban.filter [938]: INFO [plesk-postfix] Found 85.59.149.xx

2015-11-13 02:15:59,592 fail2ban.filter [938]: INFO [plesk-postfix] Found 85.59.149.xx

Any idea how to resolve this?