nginx: upstream sent too big header - Rocketeers app [ Rocketeers ](/) [Login](https://rocketeersapp.com/login) On this page Knowledge --------- nginx: upstream sent too big header =================================== ### [\#Nginx](https://rocketeersapp.com/knowledge/nginx) This 502 variant happens when your application sends response headers larger than the buffers nginx reserves for them. Common with big cookies, large session data, or many headers. Published by [Mark van Eijk](https://rocketeersapp.com/author/mark-van-eijk) on June 23, 2026 · 1 minute read 1. [About the error](#content-about-the-error) 2. [Why do I see this error](#content-why-do-i-see-this-error) 3. [Solution](#content-solution) 4. [Fix the root cause too](#content-fix-the-root-cause-too) [\#](#content-about-the-error "Permalink")About the error --------------------------------------------------------- The visitor gets a [502 Bad Gateway](/502-bad-gateway-nginx) and the nginx error log explains why: ``` upstream sent too big header while reading response header from upstream ``` nginx reserves a fixed-size buffer for the response headers it reads back from your application (PHP-FPM or a proxied service). If the headers don't fit, nginx can't process the response and returns a 502. [\#](#content-why-do-i-see-this-error "Permalink")Why do I see this error ------------------------------------------------------------------------- - **Large cookies**, especially a big session cookie or many cookies set at once. - A long `Set-Cookie` from a fat session payload. - Many or unusually large custom headers. - A redirect with a very long `Location` URL. It frequently appears right after login, when the session and its cookie grow. [\#](#content-solution "Permalink")Solution ------------------------------------------- Increase the FastCGI buffer sizes so the headers fit. For a PHP-FPM app: ``` fastcgi_buffer_size 32k; fastcgi_buffers 8 16k; fastcgi_busy_buffers_size 64k; ``` For a proxied application (`proxy_pass`), the equivalents are: ``` proxy_buffer_size 32k; proxy_buffers 8 16k; proxy_busy_buffers_size 64k; ``` Put these in the relevant `location` or `server` block, then validate and reload: ``` nginx -t && systemctl reload nginx ``` ### [\#](#content-fix-the-root-cause-too "Permalink")Fix the root cause too Bigger buffers treat the symptom. If the headers are huge because you're storing a lot in the session (and therefore the cookie), trim it. In Laravel, keep large data server-side by using a non-cookie session driver such as `redis` or `database` rather than the `cookie` driver, so only a small session id travels in the header: ``` SESSION_DRIVER=redis ``` See [Redis connection refused in Laravel](/redis-connection-refused-laravel) if you switch to the Redis driver. ### Subscribe to our newsletter Do you want to receive regular updates with fresh and exclusive content to learn more about web development, hosting, security and performance? Subscribe now! Fill in your email address to receive updates Subscribe #### More in [\#Nginx](https://rocketeersapp.com/knowledge/nginx) - [Server Side Includes (SSI) in nginx](https://rocketeersapp.com/knowledge/server-side-includes-ssi-nginx) - [Configure Content Security Policy with nonce using nginx](https://rocketeersapp.com/knowledge/content-security-policy) - [nginx rewrite or internal redirection cycle](https://rocketeersapp.com/knowledge/nginx-rewrite-or-internal-redirection-cycle) - [How to install Nginx on Ubuntu](https://rocketeersapp.com/knowledge/how-to-install-nginx) - [Detect Googlebot visits using nginx](https://rocketeersapp.com/knowledge/detect-googlebot-nginx) - [Use nginx try\_files to make your site static](https://rocketeersapp.com/knowledge/nginx-try-files) [View all 7 articles →](https://rocketeersapp.com/knowledge/nginx)