Why does my site load poorly after setting a reverse proxy?

ndphuong219

Dear supporter,
i have sever A (ip_a) with domain.com and database
i create sever B ( ip_b ) with only domain.com ( no database )
i set up ssl for domain.com ( at sever B ), set PHP is static.
Now i create Reverse Proxy sever B as image below

i edit config.php from
/* That's all, stop editing! Happy publishing. */

/** Absolute path to the WordPress directory. */
if ( ! defined( 'ABSPATH' ) ) {
define( 'ABSPATH', DIR . '/' );
}

/** Sets up WordPress vars and included files. */
require_once ABSPATH . 'wp-settings.php';

---->
/** Absolute path to the WordPress directory. */
if ( ! defined( 'ABSPATH' ) ) {
define( 'ABSPATH', DIR . '/' );
}
if ($SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') $SERVER['HTTPS']='on';
/** Sets up WordPress vars and included files. */
require_once ABSPATH . 'wp-settings.php';
( i tried keep default config.php but i cant access login page. )
--- i point IP_b to DNS cloudflare
Everything work well....
BUT....
If my site has about 20+ concurrent hits, it will get error 502

After I removed the reverse proxy, my site was able to handle 2000+ concurrent online visitors. ( I used bot traffic to test the load capacity of my website. )
Please help me fix this problem. Thank you

aaPanel_Kern

ndphuong219
Access process:
cloudflare --> sever B --> sever A
Check what the error log of sever B's site shows when it cannot be accessed
What is the domain name used by sever B's site? What is the anti-proxy setting. Hide some personal information
What domain name does sever A's site use?

ndphuong219

This is error log from severB when my site cant access ( sever proxy contain only domain, no database, no source wp )
https://anotepad.com/notes/pkyn6bnm

aaPanel_Kern

ndphuong219
All is this error. upstream prematurely closed connection while reading response header from upstream
upstream: "http://91.120.224.202:80/"
91.120.224.202 is your server A?

ndphuong219

aaPanel_Kern yes. that is IP of sever A, (I changed it for security here )
. how i resolve it ?

aaPanel_Kern

ndphuong219
Check what the keepalive_timeout configuration of serve A is

ndphuong219

aaPanel_Kern i keep sever A and B are the same default config

But if I turn off the reverse proxy and point the cloudflare DNS to ip server A, keeping the nginx config as default, it can handle 2000+ concurrent online visitors ( the same traffic abow )

aaPanel_Kern

ndphuong219
Try server A setting keepalive_timeout to 0

ndphuong219

aaPanel_Kern after set keepalive timeout sever A =0, i clear all logs from sever A and Sever B, i run traffic again, and now sever A no logs,
site still same error, here is sever B log
https://anotepad.com/notes/ect67r5n
When i reset nginx sever A, site will working second and then error

aaPanel_Kern

ndphuong219
Does server A have access logs and error logs now? still the same problem

ndphuong219

ahh...eveything ok when i uninstall nginx free firewall from sever A. No error now.
is there any way i can still use nginx free firewall without getting the above error?
Should I install opcache, memcache extent from sever B ?

aaPanel_Kern

ndphuong219
Add the ip of server B to the whitelist of the nginx free firewall of server A, and try to open the CDN.
opcache and memcache should be installed in server A. Server B only forwards and does not process data

ndphuong219

please give me a specific example to whitelist IP. How can I add my ip server : 39.221.66.167 to whitelist ?
what i insert starting and end ip with this ip address ? starting 39 and ending 167 ?

aaPanel_Kern

ndphuong219
Start and end with the same ip.

Hamka

if you want to use a reverse proxy, don't activate ssl on the backend server...just a server that is a proxy that is ssl enabled