📖 ~1 min read
Table of contents
Symptom & Impact
nginx returns 502 Bad Gateway because it cannot write to the PHP-FPM Unix socket.
Environment & Reproduction
Triggered when listen.owner and listen.group in www.conf do not match the nginx runtime user.
Root Cause Analysis
SELinux or POSIX permissions prevent nginx from connecting to the FPM socket file.
Quick Triage
Inspect /var/log/nginx/error.log and ls -l on the configured socket path.
Step-by-Step Diagnosis
Run: sudo ls -l /run/php-fpm/www.sock; sudo journalctl -u php-fpm; getenforce.
Solution – Primary Fix
Set listen.owner = nginx and listen.group = nginx in /etc/php-fpm.d/www.conf and reload php-fpm.
Still having issues? Our IT Solutions & Services team can diagnose and resolve this for you. Get in touch for a free consultation.
Solution – Alternative Approaches
Switch to TCP socket on 127.0.0.1:9000 if SELinux complicates Unix socket sharing.
Verification & Acceptance Criteria
nginx serves PHP pages without 502 errors and curl -I returns 200 from a test PHP script.
Rollback Plan
Revert www.conf to apache:apache ownership and restart php-fpm if nginx is removed.
Prevention & Hardening
Document expected listen.owner/group per stack and check after every php-fpm upgrade.
Related Errors & Cross-Refs
Related to SELinux httpd_can_network_connect booleans and ACL inheritance issues.
Related tutorial: View the step-by-step tutorial for centos-stream-10.
View all centos-stream-10 tutorials on the Tutorials Hub →
Browse all common problems & solutions on the Tutorials Hub.
References & Further Reading
php-fpm.conf(5) and Red Hat web application guide.
Need Expert Help?
If you cannot resolve this yourself, our team offers hands-on Server Management, Managed IT Services, and flexible Support Plans. Contact us today — we respond within one business day.
