Error 503 Backend fetch failed

I have some problem with ngnix varnish configuration.
When I connect https://example.com I got this messages:

Error 503 Backend fetch failed
Backend fetch failed

I’m using hitch for configuration and conf file looks like this

/etc/hitch/hitch.conf

## Basic hitch config for use with Varnish and Acmetool

# Listening
frontend = "[*]:443"
ciphers  = "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"

# Send traffic to the Varnish backend using the PROXY protocol
backend        = "[::1]:6086"
write-proxy-v2 = on

# If you run Varnish 4.0 use this instead
#backend        = "[::1]:6081"
#write-proxy-v2 = off 

# List of PEM files, each with key, certificates and dhparams
pem-file = "/var/lib/acme/live/example.com/haproxy"

# Set uid/gid after binding a socket
# Uncomment these on CentOS/RHEL
#user = "hitch"
#group = "hitch"

and I’m using acmetool and conf file looks like this
/etc/varnish/acmetool.vcl

 # Forward challenge-requests to acmetool, which will listen to port 402
# when issuing lets encrypt requests

backend acmetool {
   .host = "127.0.0.1";
   .port = "402";
}

sub vcl_recv {

    if (req.url ~ "^/.well-known/acme-challenge/") {
        set req.backend_hint = acmetool;

return(pass);

    }
}

My ports (output of “netstat -peanut” )

    Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode      PID/Program name
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      0          18694      836/hitch
tcp        0      0 0.0.0.0:6081            0.0.0.0:*               LISTEN      0          51753      2816/varnishd
tcp        0      0 127.0.0.1:6082          0.0.0.0:*               LISTEN      0          51790      2816/varnishd
tcp        0      0 142.93.244.9:443        212.2.212.133:62429     TIME_WAIT   0          0          -
tcp        0      0 142.93.244.9:443        212.2.212.133:62426     FIN_WAIT2   0          0          -
tcp        0      0 142.93.244.9:443        212.2.212.133:62427     FIN_WAIT2   0          0          -
tcp6       0      0 :::443                  :::*                    LISTEN      0          18695      836/hitch
tcp6       0      0 :::6081                 :::*                    LISTEN      0          51754      2816/varnishd
tcp6       0      0 ::1:6086                :::*                    LISTEN      0          51755      2816/varnishd
tcp6       0      0 ::1:6086                ::1:33656               TIME_WAIT   0          0          -
tcp6       0      0 ::1:6086                ::1:33660               TIME_WAIT   0          0          -

Is nginx running? I don’t see it in your netstat output.

I agree, this statement seems misleading; as there is only hitch+varnish running.

I forgot to add nginx line. Nginx working on 8080 port

OK, so draw it out…
https://example.com
goes to hitch (*:443)
hitch goes to varnish ([::1]:6086)
varnish goes to nginx ([::1]:8080)
? ? ?

Which parts have you tested to be working?

And you might want to include how/why/when/where…
this problem includes LetsEncrypt and thus would benefit it being answered in this forum.
[I’m assuming hitch is using an LE cert but it isn’t quite clear]

I reinstalled nginx and it’s working but not correctly. There are so many errors like that " Mixed Content: The page at ‘’ was loaded over HTTPS, but requested an insecure stylesheet ‘’. This request has been blocked; the content must be served over HTTPS." I think it’s about proxy thing.Do you know how can I fix that?

Try using:
https://www.whynopadlock.com/

I think you mentioned in another thread that you’re using Wordpress, right? You may need to change your site URL to https:// in the Wordpress admin settings. The proxy setup might be confusing any attempt it might be making to detect HTTPS connections automatically (since Varnish is presumably connecting to it over HTTP).

Exactly, I’m using wordpress and I changed url in wp-config.php. Yes, I think the problem is about proxy. All links in the website ( like js css png ) coming http:// and they’re not working about that. I need to force to https all links. I tried something in the varnish but website is down. Have you any idea for achieve that?

Changing the url in WordPress should be sufficient, I would have thought. Maybe Varnish is caching the old version of the html? Have you tried restarting it?

Yeah I restarted serve, nginx, varnish lots of time.But it’s same like https://ibb.co/JpYJD2g

https://codex.wordpress.org/Changing_The_Site_URL

Did you change both WP_HOME and WP_SITEURL to HTTPS?

yes I did. By the way I fixed the problem with changing all urls from database with “Better search replace” plugin.Thanks buddies!

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.