Why do I get 502 only on long requests?

Your proxy timeout is too short. LLM responses and complex skill executions can take 30-120 seconds. Increase proxy_read_timeout (nginx) or read_timeout (Caddy) to at least 300 seconds. This allows OpenClaw to finish before the proxy gives up.

Should I use nginx or Caddy for OpenClaw?

Caddy is easier to configure and handles SSL automatically via Let's Encrypt. Nginx offers more fine-grained control and is better for complex load balancing. For simple single-instance deployments, Caddy is recommended. For production with multiple backends, use nginx.

Can I use Cloudflare with OpenClaw?

Yes, but be aware Cloudflare proxies timeout at 100 seconds on the free plan. For longer LLM requests, either upgrade to a paid plan with configurable timeouts, or set Cloudflare to DNS-only mode (gray cloud) and terminate SSL at your origin with nginx/Caddy.

How do I handle websocket connections through the proxy?

Add proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; to your nginx location block. For Caddy, websockets are handled automatically. Without this, real-time features like streaming responses will fail.

🔧Troubleshooting

How to Fix OpenClaw 502 Bad Gateway Errors

Intermediate30-60 minutesUpdated 2025-03-01

A 502 Bad Gateway error means your reverse proxy (nginx, Caddy, Apache) can't communicate with the upstream OpenClaw service. This might be because OpenClaw crashed, is listening on the wrong port, the proxy configuration has errors, or timeouts are too aggressive for long LLM responses. This guide walks through each failure point.

Why This Is Hard to Do Yourself

These are the common pitfalls that trip people up.

⏱️

Upstream timeout on long requests

LLM responses take 30+ seconds, proxy times out before completion

⚙️

Misconfigured proxy settings

Wrong upstream port, incorrect headers, or missing websocket support

💥

Upstream process crashed

OpenClaw isn't running but proxy expects it to be available

🔌

Port mismatch between proxy and app

Proxy forwards to :3000 but OpenClaw listens on :8080

Step-by-Step Guide

Step 1

Verify OpenClaw process is running

Ensure the upstream service actually exists and is accepting connections.

Step 2

Confirm port configuration matches

Verify the proxy forwards to the port OpenClaw is actually listening on.

Step 3

Review proxy error logs

Examine nginx or Caddy logs to see the specific upstream error.

Step 4

Increase proxy timeout limits

Extend timeouts to accommodate slow LLM responses and long-running skills.

Step 5

Check SSL termination configuration

Ensure proxy properly handles HTTPS and forwards correct protocol headers.

Step 6

Test bypassing the proxy

Access OpenClaw directly to isolate whether the issue is proxy or application.

Tired of 502 Errors?

Our reverse proxy experts configure nginx, Caddy, or Apache for optimal OpenClaw performance. Get SSL, websockets, load balancing, and health checks configured correctly the first time.

Browse Setup & Installation experts →

Learn more about our expert service →

Get matched with a specialist who can help.

Frequently Asked Questions

Related Guides

🔧Troubleshooting

How to Fix OpenClaw SSL Certificate Errors

Intermediate30-60 minutes

🚀Setup & Installation

How to Configure OpenClaw Gateway with HTTPS

Intermediate30-60 minutes