Kirby 3 -> 502 Bad Gateway -> back to Kirby 1. Probably config or php isssues?

Hi Kirby Community
We use Kirby for many years now. :hugs:

Can’t reach the website anymore. Get 502 Bad Gateway error. :cry:

What happened:

  • Updated Let’s Encrypt to ACMEv2 (seems it worked)
  • Updated Debian 8 to 10 buster (via 9)
  • Updated NGINX 1.14.2
  • Updated Kirby 1 to 2 and to Kirby 3 (at least tried)
  • Overwrote Kirby files with the backup of Kirby 1

The website is still not reachable. The files and folders are reachable (e.g. domain.com/folder-added-manually

I spent hours testing many solutions. Please advise me. I’m already happy if Kirby 1 works again like before.
Let me know which info I can provide.

Thank you very much.

Some points to consider:

You did not mention what you did with PHP. Which version are you using? I can hardly imagine that you can run Kirby1 - Kirby3 with the same PHP version.

Also, have a look into your web server log. What is there regarding the 502 error?

If you do not mind you could install a fresh and up-to-date starterkit to see if this is working.

It seems you have full access to your server. What output gives a netstat -ltpn (as root)?

Check your domain name and virtual host (if any) configuration.

Thank you for your super fast response, Adspectus!
I’m quite a newbie.
Hope the following info is useful.

netstat -ltpn

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      4368/mysqld         
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      19634/nginx: master 
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      28010/sshd          
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      3372/master         
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      19634/nginx: master 
tcp6       0      0 :::80                   :::*                    LISTEN      19634/nginx: master 
tcp6       0      0 :::22                   :::*                    LISTEN      28010/sshd          
tcp6       0      0 :::25                   :::*                    LISTEN      3372/master         
tcp6       0      0 :::443                  :::*                    LISTEN      19634/nginx: master 

php -v

PHP 7.4.21 (cli) (built: Jul  2 2021 15:33:47) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
    with Zend OPcache v7.4.21, Copyright (c), by Zend Technologies

There are also very strange entries in /var/log/nginx/access.log
Note: I think I installed PHP-FPM in the last two days.

157.245.101.72 - - [15/Jul/2021:11:47:51 +0200] "GET /index.php/PHP%0Ais_the_shittiest_lang.php?QQQQQQ

/var/log/nginx/error.log

2021/07/15 10:08:06 [error] 19552#19552: open() "/run/nginx.pid" failed (2: No such file or directory)
2021/07/15 11:15:38 [crit] 20479#20479: *144 connect() to unix:/run/hhvm/hhvm.sock failed (2: No such file or directory) while connecting to upstream, client: 213.55.241.73, server: domain.com, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/hhvm/hhvm.sock:", host: "domain.com"

var/www/domain/index.php

<?php 

/*

---------------------------------------
Document root of your site
---------------------------------------
this should be identical with the directory 
in which your index.php is located

*/

$root = dirname(__FILE__);



/*

---------------------------------------
Kirby system folder
---------------------------------------

by default this is located inside the root directory
but if you want to share one system folder for 
multiple sites, you can easily change that here
and link to a shared kirby folder somewhere on your
server

*/

$rootKirby = $root . '/kirby';



/*

---------------------------------------
Your site folder
---------------------------------------

Your site folder contains all the site specific files
like templates and snippets. It is located in the root
directory by default, but you can move it if you want.

*/

$rootSite = $root . '/site';



/*

---------------------------------------
Your content folder
---------------------------------------

Your content folder is also located in the root 
directory by default. You can change this here.
It can also be changed later in your site/config.php

*/

$rootContent = $root . '/content';


// Try to load Kirby
if(!file_exists($rootKirby . '/system.php')) {
  die('The Kirby system could not be loaded');  
} 

require_once($rootKirby . '/system.php');

/etc/nginx/nginx.conf

user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
	worker_connections 768;
	# multi_accept on;
}

http {

	##
	# Basic Settings
	##

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 65;
	types_hash_max_size 2048;
	# server_tokens off;

	 server_names_hash_bucket_size 64;
	# server_name_in_redirect off;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	##
	# SSL Settings
	##

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
	ssl_prefer_server_ciphers on;

	##
	# Logging Settings
	##

	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;

	##
	# Gzip Settings
	##

	gzip on;

	# gzip_vary on;
	# gzip_proxied any;
	# gzip_comp_level 6;
	# gzip_buffers 16 8k;
	# gzip_http_version 1.1;
	# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

	##
	# Virtual Host Configs
	##

	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;
}


#mail {
#	# See sample authentication script at:
#	# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
# 
#	# auth_http localhost/auth.php;
#	# pop3_capabilities "TOP" "USER";
#	# imap_capabilities "IMAP4rev1" "UIDPLUS";
# 
#	server {
#		listen     localhost:110;
#		protocol   pop3;
#		proxy      on;
#	}
# 
#	server {
#		listen     localhost:143;
#		protocol   imap;
#		proxy      on;
#	}
#}

/etc/nginx/php.conf

location ~ [^/]\.php(/|$) {
	fastcgi_split_path_info ^(.+?\.php)(/.*)$;
	if (!-f $document_root$fastcgi_script_name) {
		return 404;
	}

	include fastcgi.conf;
	fastcgi_index index.php;
	fastcgi_pass unix:/run/hhvm/hhvm.sock;
}

etc/nginx/domain-common.conf
(which is in /etc/nginx/sites-enabled/domain.com as ‘include domain-common.conf;’)

root /var/www/domain;

index index.php index.html;

include php.conf;
include kirby.conf;

  1. The output of netstat looks good.
  2. With php -v you got the version of the command line client (“cli”). The version which the webserver uses might differ. If you place a file named phpinfo.php into the webroot directory, with only the line <?php phpinfo(); ?> in it, and open it via your browser, you will get a comprehensive information about your webserver installation and PHP.
  3. As I said, I doubt that Kirby1 will work with PHP7, maybe some Kirby expert reading this could comment on this.
  4. The access log entry is only one of the many trials to hack you site. Do not bother too much.
  5. The error log contains an interesting line about HHVM which seems to be a kind of virtual machine executing PHP code. This might interfere with PHP-FPM - if you install this too - and in my opinion, after reading some about it, I would get rid of it and make sure you have a working installation of PHP-FPM together with nginx.
  6. Actually I do not know much about nginx, I prefer Apache, but the way to configure it looks quite similar. However, from your configuration files, I miss a clean separation of the default virtual host and your virtual host configuration for the kirby site - or even more sites. In principle, it should be possible to run multiple sites yet with different PHP and Kirby versions simultaneously with one web server - at least thats what I do with Apache. I can not tell you the detailed steps for your setup with nginx but I am quite sure that here is the root of your problem.

I certainly won’t work with PHP 7.4 and will only work with PHP 7 if you fiddle with the source code.

Thank you very much for your advice, Adspectus and pixelijn!

I will reinstall the whole server and/or move to a new webhost. This should solve everything.